Enterprise Cybersecurity in Digital Business
Building a Cyber Resilient Organization
Cyber risk is the highest perceived business risk according to risk managers and corporate insurance experts. Cybersecurity typically is viewed as the boogeyman: it strikes fear into the hearts of non-technical employees. Enterprise Cybersecurity in Digital Business: Building a Cyber Resilient Organization provides a clear guide for companies to understand cyber from a business perspective rather than a technical perspective, and to build resilience for their business.
Written by a world-renowned expert in the field, the book is based on three years of research with the Fortune 1000 and cyber insurance industry carriers, reinsurers, and brokers. It acts as a roadmap to understand cybersecurity maturity, set goals to increase resiliency, create new roles to fill business gaps related to cybersecurity, and make cyber inclusive for everyone in the business. It is unique since it provides strategies and learnings that have shown to lower risk and demystify cyber for each person. With a clear structure covering the key areas of the Evolution of Cybersecurity, Cybersecurity Basics, Cybersecurity Tools, Cybersecurity Regulation, Cybersecurity Incident Response, Forensics and Audit, GDPR, Cybersecurity Insurance, Cybersecurity Risk Management, Cybersecurity Risk Management Strategy, and Vendor Risk Management Strategy, the book provides a guide for professionals as well as a key text for students studying this field.
The book is essential reading for CEOs, Chief Information Security Officers, Data Protection Officers, Compliance Managers, and other cyber stakeholders, who are looking to get up to speed with the issues surrounding cybersecurity and how they can respond. It is also a strong textbook for postgraduate and executive education students in cybersecurity as it relates to business.
Table of Contents
Part I: The Evolution of Cybersecurity.
1. Cyber – A business Issue
2. ‘Cyber Risk’
3. ‘The History of Cybersecurity’
4. ‘Cyber Consequences’
5. ‘Cyber Trends and Spending’
6. ‘Cyber Roles’
Part II: Cybersecurity Basics.
7. ‘Cyber –Attack Surfaces and Digital Asset Inventories’
8. ‘Cyber Terminology and Statistics’
9. ‘Enterprise Threats of Today and Cybercriminals’
10. ‘Cybersecurity Regulations, Standards and Frameworks’
11. ‘Enterprise Cybersecurity Programs’
12. ‘Organizational Cyber Maturities’
Part III: Cybersecurity Tools.
13. ‘Cyber Policies’
14. ‘Cybersecurity Tools
Part IV: Cybersecurity Regulation.
15. ‘U.S. Federal Regulations’
16. ‘U.S. State Regulations’
17. ‘New York State Department of Financial Services Part 500’
18. ‘Global, Industry or Other Types of Cybersecurity Regulations’
Part V: Incident Response, Forensics and Audit.
19. ‘Incident Response Plans’
20. ‘Forensic Methods’
21. ‘IT Audit’
Part VI: Cybersecurity Risk Management.
22. ‘Cybersecurity Financial Exposures’
23. ‘Digital Asset Cyber Risk Modeling and Scoring’
24. ‘Mitigating Cybersecurity Scores and Residual Cyber Risk Scores’
Part VII: GDPR and Privacy.
25. ‘GDPR Overview’
26. ‘GDPR Articles’
27. ‘GDRP Evidence’
28. ‘GDPR Privacy Impact Assessment (PIA)’
Part VIII: Cybersecurity Risk Management Strategy.
29. ‘CISO Strategies’
30. ‘Cyber in the Board Room’
Part IX: Cybersecurity Insurance.
31. ‘Cyber Insurance Overview’
32. ‘Calculating Limits Adequacy’
33. ‘Ransomware Strategies’
Part X: Introduction to Cybersecurity Vendor Risk Management.
34. ‘Vendor Risk Overview’
35. ‘Vendor Cybersecurity Regulations’
Ariel Evans is the CEO of Cyber Intelligence 4U and a Senior Cyber Security Expert and an Entrepreneur based in Israel. She also is the Enterprise Cybersecurity Chairperson at Rutgers and Pace Universities.