Cyber Risk Management

Learn how to prioritize threats, implement a cyber security programme and effectively communicate risks.

How can you manage the complex threats that can cause financial, operational and reputational damage to the business? This practical guide shows how to implement a successful cyber security programme. The second edition of Cyber Risk Management covers the latest developments in cyber security for those responsible for managing threat events, vulnerabilities and controls. These include the impact of Web3 and the metaverse on cyber security, supply-chain security in the gig economy and exploration of the global, macroeconomic conditions that affect strategies. It explains how COVID-19 and remote working changed the cybersecurity landscape. Cyber Risk Management presents a data-centric approach to cyber risk management based on business impact assessments, data classification, data flow modelling and assessing return on investment. It covers pressing developments in artificial intelligence, machine learning, big data and cloud mobility, and includes advice on dealing with malware, data leakage, insider threat and Denial-of-Service. With analysis on the innate human factors affecting cyber risk and awareness and the importance of communicating security effectively, this book is essential reading for all risk and cybersecurity professionals.

Contains interviews, examples and use cases with leading security and risk professionals from a variety of industries

Auteur
Christopher J Hodson is Chief Security Officer for Cyberhaven where he oversees all facets of security to protect Cyberhaven customers and employees, including cloud and application security, security operations, and risk management. In addition, Chris serves as a board advisor at the workforce development platform, Cybrary, and is a fellow of the Chartered Institute of Information Security. He has previously held CISO positions with Contentful, Zscaler, and Tanium. He is a guest lecturer at Royal Holloway, University of London where he also holds a master's degree in computer and information systems security.

Contenu

• Section - PART ONE: Contextualizing cybersecurity risk;
• • Chapter - 01: Why now? The only constant is change;
  • Chapter - 02: Technologies and security challenges;
  • Chapter - 03: Data breaches;
• Section - PART TWO: Cybersecurity programme management;
• • Chapter - 04: What are cybersecurity and cybercrime?;
  • Chapter - 05: Establishing a cybersecurity programme;
• Section - PART THREE: Actors, events and vulnerabilities;
• • Chapter - 06: Threat actors;
  • Chapter - 07: Threat events;
  • Chapter - 08: Vulnerabilities;
  • Chapter - 09: Controls;
• Section - PART FOUR: Conclusion: the cybersecurity risk equation explained;
• • Chapter - 10: Cyber risk management: a conclusion;