1st Edition
Enterprise Security Risk Management (ESRM) in the Real World A Field Guide for Security Leaders Who Get Things Done
Introduction: Simplifying Security in a Complex World Section 1: Changing the Way We Think About Security 1. The ESRM Difference 2. Thinking Like a Risk Manager Section 2: Turning Strategy into Action — The Three Essential Questions 3. What Am I Trying to Protect? - Understanding Critical Assets and Their Impact 4. What Does It Truly Need to Be Protected From? - Understanding Threat to Evaluate Risk 5. How Can We Most Effectively and Efficiently Protect It? - Choosing the Best Mitigations for Your Risk Profile Section 3: Sustaining ESRM — Improvement, Oversight, and Culture 6. Continual Improvement Strategies 7. Required for Success: Making the Shift to a Security-Driven Culture Section 4: What’s Next for ESRM? 8. The Future of ESRM: Adapting to an Accelerating World
Biography
Rachelle Loyear is a seasoned security executive with 15 years of experience in corporate security and risk management. As Vice President of Integrated Security Solutions at one of the largest security services providers in the world, she works with clients across the globe in Enterprise Security Risk Management (ESRM) programs, focusing on aligning security strategies with organizational objectives. Her expertise encompasses both physical and cyber risk domains, ensuring comprehensive enterprise resilience.
