Cumulative Effect: Cyber Security Guide for Directors and CEOs

Description

For years, cyber security was the ‘poor relation’ in many boardrooms: treated as inferior to other priorities, seen as an irritating cost centre and assumed to be money that could be spent ‘better’ elsewhere. That mindset is rarely the result of a single bad decision. It is inertia, the cumulative effect of multiple factors and, above all, a lack of understanding of how dramatically the landscape... Read more

For years, cyber security was the ‘poor relation’ in many boardrooms: treated as inferior to other priorities, seen as an irritating cost centre and assumed to be money that could be spent ‘better’ elsewhere. That mindset is rarely the result of a single bad decision. It is inertia, the cumulative effect of multiple factors and, above all, a lack of understanding of how dramatically the landscape has changed over the past 25 years.

This book is written as a practical wake-up call for Board Members and CEOs. It reframes cyber security as a leadership issue rooted in the inherent insecurities of the internet on which modern organisations are built, encouraging leaders to think as if they operate in a high-crime area. It then shows how to translate that mindset into board-level oversight: strengthening domain and subdomain controls and certificate management, expanding organisational KPIs to include correctly chosen cyber measures (such as year-on-year reduction in IT ecosystem complexity) and making explicit decisions about unmanaged devices such as BYOD and home computers.

The book also introduces a ‘cyber security risk-reward’ lens for business cases, reshaping how leaders assess digital transformation, agile delivery, SaaS sprawl and shadow IT. It clarifies shared security responsibility and how to implement and manage it properly, then broadens the conversation to supply chain cyber risks and dependencies across all vendors and service providers, not just IT. It highlights the strategic importance of DNS ownership and management, examines the cyber implications of reliance on ‘digital monopolies’ such as Microsoft or CrowdStrike and makes clear that compliance does not equal security: standards and frameworks may help, but they do not guarantee real security. Finally, it tackles modern boardroom pressure points, including avoiding FOMO-driven decisions, assessing AI adoption through a cyber risk lens and planning for post-quantum cryptography.

Read less

Foreword
Preface: Why you should read this book
About the author
Acknowledgments
Introduction: Personal liability and cyber insurance
1. Cumulative effect
2. CIA, risk appetite, and risk exposure
3. The fifth column
4. Complexity tax
5. Digital revolution (and its consequences)
6. Agile curse
7. Cloud: Who owns the breach?
8. SaaS sprawl
9. Supply chain challenges
10. The fifth column just got bigger: Internet protocols
11. Compliance ≠ Security
12. Standards and frameworks
13. Tyranny of KPIs
14. Gone phishing
15. Emerging threats
Conclusion

Author(s)

Biography

Dr Vladas Leonas is a subject matter expert and specialises in ICT Strategies, their implementation and ICT Operations, gateway reviews and internal audits, enterprise risk management, cyber security, governance, procurement, and compliance. Over the last 25 years, he has held eight CIO and CTO positions.

Cumulative Effect Cyber Security Guide for Directors and CEOs

Description

Table of Contents

Author(s)

Biography

SOCIAL NETWORKS

Secure Shopping Payment Options