Build a robust cybersecurity program that adapts to the constantly evolving threat landscape
Key Features
- Gain a deep understanding of the current state of cybersecurity, including insights into the latest threats such as Ransomware and AI
- Lay the foundation of your cybersecurity program with a comprehensive approach allowing for continuous maturity
- Equip yourself and your organizations with the knowledge and strategies to build and manage effective cybersecurity strategies
Book Description
Building a Comprehensive Cybersecurity Program addresses the current challenges and knowledge gaps in cybersecurity, empowering individuals and organizations to navigate the digital landscape securely and effectively. Readers will gain insights into the current state of the cybersecurity landscape, understanding the evolving threats and the challenges posed by skill shortages in the field.
This book emphasizes the importance of prioritizing well-being within the cybersecurity profession, addressing a concern often overlooked in the industry. You will construct a cybersecurity program that encompasses architecture, identity and access management, security operations, vulnerability management, vendor risk management, and cybersecurity awareness. It dives deep into managing Operational Technology (OT) and the Internet of Things (IoT), equipping readers with the knowledge and strategies to secure these critical areas.
You will also explore the critical components of governance, risk, and compliance (GRC) within cybersecurity programs, focusing on the oversight and management of these functions. This book provides practical insights, strategies, and knowledge to help organizations build and enhance their cybersecurity programs, ultimately safeguarding against evolving threats in today’s digital landscape.
What you will learn
- Build and define a cybersecurity program foundation
- Discover the importance of why an architecture program is needed within cybersecurity
- Learn the importance of Zero Trust Architecture
- Learn what modern identity is and how to achieve it
- Review of the importance of why a Governance program is needed
- Build a comprehensive user awareness, training, and testing program for your users
- Review what is involved in a mature Security Operations Center
- Gain a thorough understanding of everything involved with regulatory and compliance
Who this book is for
This book is geared towards the top leaders within an organization, C-Level, CISO, and Directors who run the cybersecurity program as well as management, architects, engineers and analysts who help run a cybersecurity program. Basic knowledge of Cybersecurity and its concepts will be helpful.
Table of Contents
- Current State
- Setting the Foundations
- Building your Roadmap
- Solidifying your Strategy
- Cybersecurity Architecture
- Identity & Access Management
- Cybersecurity Operations
- Vulnerability Management
- Cybersecurity Awareness, Training & Testing
- Supplier Risk Management
- Proactive Services
- Operational Technology (OT) & the Internet of Things (IoT)
- Governance Oversight
- Managing Risk
- Regulatory & Compliance
- Some Final Thoughts
Review
“A solid guide that covers modern security threats like ransomware and AI attacks in a way that’s easy to understand. The book doesn’t just throw technical solutions at you – it shows you how to build a complete security program step by step, including how to manage IoT devices and keep your team sharp. Great for both beginners and experienced pros who want to strengthen their company’s security.”
Joas Santos, Author of the book Defense Evasion Techniques
About the Author
Mark Dunkerley is a cybersecurity and technology leader with over 20 years of experience working in higher education, healthcare, and Fortune 100 companies. Mark has extensive knowledge in IT architecture and cybersecurity through delivering secure technology solutions and services. He has experience in cloud technologies, vulnerability management, vendor risk management, identity and access management, security operations, security testing, awareness and training, application and data security, incident and response management, regulatory and compliance, and more. Mark holds a master’s degree in business administration and has received certifications through (ISC)², AirWatch, Microsoft, CompTIA, VMware, AXELOS, Cisco, and EMC. Mark has spoken at multiple events, is a published author, sits on customer advisory boards, has published several case studies, and is featured as one of Security magazine’s 2022 Top Cybersecurity Leaders.
