Building a Cyber Risk Management Program: Evolving Security for the Digital Age
Author: Brian Allen (Author), Brandon Bapst (Author), Terry Hicks (Author)
Publisher finelybook 出版社: O’Reilly Media
Edition 版本: 1st
Publication Date 出版日期: 2024-01-09
Language 语言: English
Print Length 页数: 220 pages
ISBN-10: 1098147790
ISBN-13: 9781098147792
Book Description
Cyber risk management is one of the most urgent issues facing enterprises today. This book presents a detailed framework for designing, developing, and implementing a cyber risk management program that addresses your company’s specific needs. Ideal for corporate directors, senior executives, security risk practitioners, and auditors at many levels, this guide offers both the strategic insight and tactical guidance you’re looking for.
You’ll learn how to define and establish a sustainable, defendable, cyber risk management program, and the benefits associated with proper implementation. Cyber risk management experts Brian Allen and Brandon Bapst, working with writer Terry Allan Hicks, also provide advice that goes beyond risk management. You’ll discover ways to address your company’s oversight obligations as defined by international standards, case law, regulation, and board-level guidance.
This book helps you:
- Understand the transformational changes digitalization is introducing, and new cyber risks that come with it
- Learn the key legal and regulatory drivers that make cyber risk management a mission-critical priority for enterprises
- Gain a complete understanding of four components that make up a formal cyber risk management program
- Implement or provide guidance for a cyber risk management program within your enterprise
Review
“Building a Cyber Risk Management Program applies practical solutions to the ever evolving, complex, and technical cyber environment. It’s well thought-out and provides a structured risk-based governance approach with easy-to-follow concepts. This book is a must read for anyone with cyber risk management responsibilities.” John E. Turey, Chief Risk Officer – TE Connectivity
About the Author
Brandon Bapst is a Cyber Risk Advisor in EY’s Cybersecurity practice. He works closely with executives, CSOs and CISOs on developing mature cyber risk programs. He has worked with Global Fortune 500 companies to transform tactical security programs into holistic enterprise security risk management practices enabled through data driven insights and technology. Brandon is a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and Certified Information Systems Auditor (CISA).