Is your enterprise’s strategy for cybersecurity just crossing its fingers and hoping nothing bad ever happens? If so…you’re not alone. Getting cybersecurity right is all too often an afterthought for Fortune 500 firms, bolted on and hopefully creating a secure environment. We all know this approach doesn’t work, but what should a smart enterprise do to stay safe?
Today, cybersecurity is no longer just a tech issue. In reality, it never was. It’s a management issue, a leadership issue, a strategy issue: It’s a "must have right"…a survival issue. Business leaders and IT managers alike need a new paradigm to work together and succeed.
After years of distinguished work as a corporate executive, board member, author, consultant, and expert witness in the field of risk management and cybersecurity, David X Martin is THE pioneering thought leader in the new field of CyRM℠. Martin has created an entirely new paradigm that approaches security as a business problem and aligns it with business needs. He is the go-to guy on this vitally important issue. In this new book, Martin shares his experience and expertise to help you navigate today’s dangerous cybersecurity terrain, and take proactive steps to prepare your company—and yourself—to survive, thrive, and keep your data (and your reputation) secure.
Table of Contents
Introduction. Chapter 1. The Current Landscape. Prong 1: CyRM℠: Cyber Risk Management. Chapter 2. Gather Intelligence, Anticipate Risk. Chapter 3. Building a More Effective Cybersecurity Defense. Chapter 4. Align Critical Decision-Making for IT vs. Business. Chapter 5. Cybersecurity for Senior Executives and Board Members. Prong 2: CyberWellness℠. Chapter 6. CyberWellness℠: A Companywide Approach. Chapter 7. Cultivate a Strong Culture to Enhance Cybersecurity. Prong 3: Cybersecurity as a Business Strategy. Chapter 8. Trust Will Become a Competitive Advantage. Chapter 9. CyRM℠ as a Vital Business Strategy. Chapter 10. How to Think About the Future. Conclusion. Appendix A: Guiding Principles for Cyber Risk Governance. Appendix B: Primer on Cybersecurity for Boards of Directors. Index.
David X Martin, an internationally recognized expert on risk management and cybersecurity, is the CEO of DavidXMartin, a global cyber risk management consulting firm, a member of the Sanctions Sub Committee of the US State Department, a senior advisory board member for Fintech4Good, and a special counselor to the Center for Financial Stability. Formerly Chief Risk Officer for AllianceBernstein, he also held executive risk management positions at Citibank. Mr Martin was the founding chairman of the Investment Company Institute’s (ICI) Risk Committee, is an adjunct professor at NYU’s Stern School of Business, and is the author of “Risk and the Smart Investor” and “The Nature of Risk.” He is a frequent speaker at Risk and Cybersecurity conferences in the US and abroad. He and his family live in the New York Metropolitan area.
"Cyber risk management is much more than technology. It is core to business strategy and grounded in culture. This is the key message of David X Martin’s excellent and very timely book which is packed with his insights. Rich in both reflection and practical advice, this is essential reading for board members and executive leaders confronting the new uncertainties of our post-pandemic world."
Michael Power, London School of Economics and Political Science
"Today’s board directors face an incredible challenge: How to secure the company’s data assets while the incidence of cybercrime is going through the roof. David X Martin’s latest book tackles this essential question and offers a solid plan to ensure top leaders continue to manage risks while still leveraging technology for growth."
James M. Kerr, top management advisor and author of Indispensable: How To Build and Lead A Company Customers Can’t Live Without
"Like most corporate managers and executives, I always thought that cyber-security was a tech issue, to be handled by the IT department. Boy, was I wrong! David X Martin’s new book opened my eyes to the fact that cyber-security is a management issue, not just a tech issue. Cyber-security is everyone’s responsibility... and your organization’s defense against hackers, malware, and data theft is only as strong as your weakest employee. David’s terrific new book will show you how to protect your company – and yourself. Read it and reap… great results!"
BJ Gallagher, author of the diversity classic, "A Peacock in the Land of Penguins: A Fable About Creativity and Courage"
"David X Martin does the seemingly impossible. He shows how cyber security is not a cost but a competitive advantage. His book is fascinating and offers essential guidance to any C-level executive who needs to keep data secure (and that's every CEO)."
New York Times Best Selling Author Michael Levin
"I found the book to be well written, easy to read, and containing actionable, practicable strategies. I enjoyed the manner David used to provide the reader with a "how-to" framework for developing a prudent, agile vision to master the management of cybersecurity. The three prongs of risk management, cyber-wellness and ensuring the cybersecurity business model can succeed provide a holistic approach and map for Boards and C-suite executives to adapt an offensive approach for this critical risk.
The increase in cybersecurity incidents necessitates that Board and C-Suite leadership have the insightful information you provide, allowing them to prepare themselves to tackle the disruptive challenges that their organizations will confront in the years to come."
Frank Morisano 马博明
Chief Risk Officer
Industrial and Commercial Bank of China Limited
"David X Martin is among the nation's top risk management experts and scholars and when he sounds the alarm on cyber intrusion threats as a fundamental and possible existential risk to corporate America, he should be listened to carefully. In reality, cyber attacks are a national security threat, not simply a business risk. Both the private and public sectors are spending more money on cyber security than ever before and still being successfully attacked more than ever before. This is a failure of strategy, not technology. David X Martin's contribution to a more strategic conversation is invaluable."
Kevin R. Brock, former Assistant Director for Intelligence, Federal Bureau of Investigation
"David X Martin's latest book is a must for anyone who wants to manage cybersecurity issues. Security, as David rightly emphasizes, is not a technical problem, it is a key leadership responsibility. Cyber risk-management or CyRM℠ helps promote innovation and trust. Over the pages, he explains the three prongs of CyRM℠: Risk Management, CyberWellness℠ and cybersecurity as a Business Strategy. I recommend this book full of examples and action points at the end of each chapter. Thank you David for sharing with us your 4 decades of experience in this book and for giving us the keys to success in cybersecurity management."
Florence Angles (Switzerland) | Chief Risk Officer, REYL & Cie Ltd; founder of a Risk Manager Association in Switzerland: GIROS; member of Club de lecture et de Présélection du Prix Turgot (Paris, France)
"David X Martin served as co-chair of the DCRO Cyber Risk Governance Council, which drafted the DCRO Guiding Principles on Cyber Risk Governance. He's also the lecturer for the DCRO Institute's Certificate in Risk Governance program on Cyber Risk. His expertise is highly sought-after, and he has a global reputation as an expert across many dimensions of risk. So, when you read about companies paying tens of millions of dollars to free their critical systems, or as David calls them, "Crown Jewels," you know that organizations of almost any size need to understand Cyber Risk, cyber defenses, cyber resiliency, and cyber as a strategic topic that the board must cover. David expertly addresses all of those in this book.
Chapter 6 of his book is on CyberWellness, which takes you through a plan to get there at your company. If for no other reason, buy the book for this chapter.
And then remember, your company's value is in many ways dependent upon the level of trust that all your capital providers, employees, and customers have in you. A cyber breach can destroy that trust that you worked so hard to establish. Chapter 8 talks about trust becoming a competitive advantage.
Finally, because all risk is forward-looking, he wraps up the book talking about thinking about the future and making better decisions around risk and risk-taking.
I'm not sure that I have seen a more comprehensive approach to understanding and dealing with Cyber Risk at the executive and board level than what David has written. Buy it now. Read it right away."
David R. Koenig
President and CEO, the DCRO, the DCRO Institute
Author, Governance Reimagined, and The Board Member's Guide to Risk