Stepping Through Cybersecurity Risk Management

Jennifer L Bayuk

Buch

A Systems Thinking Approach

lieferbar innerhalb 1-2 Wochen
(soweit verfügbar beim Lieferanten)

Aktueller Preis: EUR 110,51

Versandkosten (United States of America): EUR 19,90

Verlag:: Wiley, 03/2024
Einband:: Gebunden
Sprache:: Englisch
ISBN-13:: 9781394213955
Artikelnummer:: 11563597
Umfang:: 336 Seiten
Gewicht:: 617 g
Maße:: 229 x 152 mm
Stärke:: 19 mm
Erscheinungstermin:: 26.3.2024
Hinweis: Achtung: Artikel ist nicht in deutscher Sprache!

Klappentext

Authoritative resource delivering the professional practice of cybersecurity from the perspective of enterprise governance and risk management.

Stepping Through Cybersecurity Risk Managementcovers the professional practice of cybersecurity from the perspective of enterprise governance and risk management. It describes the state of the art in cybersecurity risk identification, classification, measurement, remediation, monitoring and reporting. It includes industry standard techniques for examining cybersecurity threat actors, cybersecurity attacks in the context of cybersecurity-related events, technology controls, cybersecurity measures and metrics, cybersecurity issue tracking and analysis, and risk and control assessments.

The text provides precise definitions for information relevant to cybersecurity management decisions and recommendations for collecting and consolidating that information in the service of enterprise risk management. The objective is to enable the reader to recognize, understand, and apply risk-relevant information to the analysis, evaluation, and mitigation of cybersecurity risk. A well-rounded resource, the text describes both reports and studies that improve cybersecurity decision support.

Composed of 10 chapters, the author provides learning objectives, exercises and quiz questions per chapter in an appendix, with quiz answers and exercise grading criteria available to professors.

Written by a highly qualified professional with significant experience in the field, Stepping Through Cybersecurity Risk Managementincludes information on:

Threat actors and networks, attack vectors, event sources, security operations, and CISO risk evaluation criteria with respect to this activity
Control process, policy, standard, procedures, automation, and guidelines, along with risk and control self assessment and compliance with regulatory standards
Cybersecurity measures and metrics, and corresponding key risk indicators
The role of humans in security, including the "three lines of defense" approach, auditing, and overall human risk management
Risk appetite, tolerance, and categories, and analysis of alternative security approaches via reports and studies

Providing comprehensive coverage on the topic of cybersecurity through the unique lens of perspective of enterprise governance and risk management, Stepping Through Cybersecurity Risk Managementis an essential resource for professionals engaged in compliance with diverse business risk appetites, as well as regulatory requirements such as FFIEC, HIIPAA, and GDPR, as well as a comprehensive primer for those new to the field.