2 minute read

Cyber Risk Management

Prioritize Threats, Identify Vulnerabilities and Apply Controls

Edition: 1 Date: 03/06/2019 Price: £42.99 ISBN Paperback: 9780749484125 ISBN Ebook: 9780749484132 Pages: 416 Format (mm): 230x155 Product Category: Supplementary Text/

Professional

Subject: Risk Management

Author Information

Christopher J Hodson is Chief Information Security Officer (CISO), EMEA at Tanium. He has 18 years’ experience across the financial, retail, energy and media industry sectors and was previously CISO, EMEA and Data Protection Officer at Zscaler. He holds an MSc in Cyber Security from Royal Holloway and retains an active role in the Infosec industry through directorship of the Institute of Information Security Professionals (IISP) and membership of CompTIA’s Cyber Security Committee. « Provides guidance on managing common threats to confidentiality, integrity and availability including malware, data leakage, insider threat and Denial-of-Service « Includes examples and use cases including Yahoo, Facebook and TalkTalk, along with implementation review checklists at the end of each chapter « Explores how to prioritize relevant risks rather than those sensationalized by the media « Covers human factors around cyber risk and how they impact employee training and cyber awareness « Contains interviews with leading security and risk professionals from a variety of industries

Description

Most organizations are undergoing a digital transformation of some sort and are looking to embrace innovative technology, but new ways of doing business inevitably lead to new threats which can cause irreparable financial, operational and reputational damage. In an increasingly punitive regulatory climate, organizations are also under pressure to be more accountable and compliant. Cyber Risk Management clearly explains the importance of implementing a cyber security strategy and provides practical guidance for those responsible for managing threat events, vulnerabilities and controls, including malware, data leakage, insider threat and Denial-of-Service.

Examples and use cases including Yahoo, Facebook and TalkTalk, add context throughout and emphasize the importance of communicating security and risk effectively, while implementation review checklists bring together key points at the end of each chapter. Cyber Risk Management analyzes the innate human factors around risk and how they affect cyber awareness and employee training, along with the need to assess the risks posed by third parties. Including an introduction to threat modelling, this book presents a data-centric approach to cyber risk management based on business impact assessments, data classification, data flow modelling and assessing return on investment. It covers pressing developments in artificial intelligence, machine learning, big data and cloud mobility, and includes advice on responding to risks which are applicable for the environment and not just based on media sensationalism.

Table of Contents

1 Contextualizing cybersecurity risk

1 Why now? The only constant is change 2 Technologies and security challenges 3 Data breaches

2 Cybersecurity programme management

3 What are cybersecurity and cybercrime? 4 Establishing a cybersecurity programme

3 Actors, events and vulnerabilities

4 Threat actors 5 Threat events 6 Vulnerabilities 7 Controls

4 Conclusion – The cybersecurity risk equation explained

5 Cyber risk management – A conclusion

This article is from: