Managing the Cyber Risk: A CISO’s practical guide to threat and vulnerability management (English Edition)
Author:Saurabh Mudgal (Author)
Publisher finelybook 出版社: BPB Publications
Publication Date 出版日期: 2025-05-17
Language 语言: English
Print Length 页数: 418 pages
ISBN-10: 9365892910
ISBN-13: 9789365892918
Book Description
Description
In today’s ever-expanding digital world, cyber threats are constantly evolving, and organizations are struggling to keep pace. Managing the Cyber Risk equips CISOs and security professionals with the knowledge and strategies necessary to build a robust defense against these ever-present dangers.
This comprehensive guide takes you on a journey through the evolving threat landscape, dissecting attacker motivations and methods, and recognizing modern dangers like AI-driven attacks and cloud vulnerabilities. You will learn to quantify the real-world cost of cybercrime, providing a clear justification for robust security measures. The book guides you through building a powerful vulnerability management program, covering asset discovery, scanning techniques (including penetration testing and threat intelligence integration), in-depth risk analysis using CVSS, and effective prioritization and remediation strategies. Cultivating a security-aware culture is paramount, and you will explore employee training, incident response planning, the crucial roles of security champions and SOCs, and the importance of measuring security program effectiveness. Finally, it teaches advanced techniques like continuous threat detection and response, deception technologies for proactive threat hunting, integrating security into development pipelines with DevSecOps, and understanding future trends shaping cybersecurity.
By the time you reach the final chapter, including the invaluable CISO’s toolkit with practical templates and resources, you will possess a holistic understanding of threat and vulnerability management. You will be able to strategically fortify your digital assets, proactively defend against sophisticated attacks, and confidently lead your organization towards a state of robust cyber resilience, truly mastering your cyber risk management.
What you will learn
● Grasp evolving threats (malware, AI), cybercrime costs, and VM principles comprehensively.
● Analyze attacker motivations, vectors (phishing, SQLi), and modern landscape intricacies.
● Establish a vulnerability management program tailored to your organization’s specific needs.
● Foster a culture of security awareness within your workforce.
● Leverage cutting-edge tools and techniques for proactive threat hunting and incident response.
● Implement security awareness, incident response, and SOC operations technically.
Who this book is for
This book is for cybersecurity professionals, including managers and architects, IT managers, system administrators, security analysts, and CISOs seeking a comprehensive understanding of threat and vulnerability management. Prior basic knowledge of networking principles and cybersecurity concepts could be helpful to fully leverage the technical depth presented.
Table of Contents
1. Rise of Vulnerability Management
2. Understanding Threats
3. The Modern Threat Landscape
4. The Cost of Cybercrime
5. Foundations of Vulnerability Management
6. Vulnerability Scanning and Assessment Techniques
7. Vulnerability Risk Analysis
8. Patch Management Prioritization and Remediation
9. Security Awareness Training and Employee Education
10. Planning Incident Response and Disaster Recovery
11. Role of Security Champions and Security Operations Center
12. Measuring Program Effectiveness
13. Continuous Threat Detection and Response
14. Deception Technologies and Threat Hunting
15. Integrating Vulnerability Management with DevSecOps Pipelines
16. Emerging Technology and Future of Vulnerability Management
17. The CISO’s Toolkit
APPENDIX: Glossary of Terms
