Chelly / Tan / Tran | Building a Cyber Resilient Business | E-Book | www.sack.de
E-Book

E-Book, Englisch, 232 Seiten

Chelly / Tan / Tran Building a Cyber Resilient Business

A cyber handbook for executives and boards
1. Auflage 2024
ISBN: 978-1-80323-969-9
Verlag: De Gruyter
Format: EPUB
Kopierschutz: 0 - No protection

A cyber handbook for executives and boards

E-Book, Englisch, 232 Seiten

ISBN: 978-1-80323-969-9
Verlag: De Gruyter
Format: EPUB
Kopierschutz: 0 - No protection



With cyberattacks on the rise, it has become essential for C-suite executives and board members to step up and collectively recognize cyber risk as a top priority business risk. However, non-cyber executives find it challenging to understand their role in increasing the business's cyber resilience due to its complex nature and the lack of a clear return on investment.
This book demystifies the perception that cybersecurity is a technical problem, drawing parallels between the key responsibilities of the C-suite roles to line up with the mission of the Chief Information Security Officer (CISO).
The book equips you with all you need to know about cyber risks to run the business effectively. Each chapter provides a holistic overview of the dynamic priorities of the C-suite (from the CFO to the CIO, COO, CRO, and so on), and unpacks how cybersecurity must be embedded in every business function. The book also contains self-assessment questions, which are a helpful tool in evaluating any major cybersecurity initiatives and/or investment required.
With this book, you'll have a deeper appreciation of the various ways all executives can contribute to the organization's cyber program, in close collaboration with the CISO and the security team, and achieve a cyber-resilient, profitable, and sustainable business.

Chelly / Tan / Tran Building a Cyber Resilient Business jetzt bestellen!

Weitere Infos & Material


Table of Contents - The CEO Cyber Manual
- A Modern Cyber-Responsible CFO
- The Role of the CRO in Cyber Resilience
- Your CIO—Your Cyber Enabler
- Working with Your CISO
- The Role of the CHRO in Reducing Cyber Risk
- The COO and Their Critical Role in Cyber Resilience
- The CTO and Security by Design
- The CMO and CPO—Convergence Between Privacy and Security
- The World of the Board
- The Recipe for Building a Strong Security Culture—Bringing It All Together


Preface


Executive leadership is essential in creating a culture of cybersecurity and business resilience within an organization. Therefore, every executive has a role to play in cybersecurity and their organization’s cyber resilience. Executives must be aware of the risks their organization faces, and they must collaborate to put in place the right strategy to protect the company’s data and infrastructure.

In addition, executive team members can play a critical role in responding to a cyber incident. They can provide direction during the response phase, help ensure all stakeholders are kept informed, and make decisions about how to best restore systems and services. Finally, executives must also continue to work toward increasing the organization’s overall cybersecurity posture, even when there is not an active incident.

This book provides an in-depth view of each executive’s role in the cyber-resilience journey and provides practical insights, with lessons learned, supporting a mindset change to address the new digitization era.

Who this book is for


This book is for you—the executive who is curious about cyber resilience and cyber risk and is ready to understand the importance of everyone’s role in achieving it.

What this book covers


, , starts by laying out the fundamentals of building a cyber-resilient business in a digitized world. The Chief Executive Officer has a critical role in cybersecurity and cyber resilience, as they are ultimately responsible for the overall security of the company and its data.

, , lines up the fundamentals for a CFO’s success in supporting cyber resilience. The Chief Financial Officer has a critical role in cybersecurity and cyber resilience. One of their key functions is to ensure the organization has accurate data to make decisions. The CFO is also responsible for ensuring there is a process in place to quantify the losses associated with a cyberattack, in collaboration with the Chief Information Security Officer. This includes quantifying the financial loss but also the cost of downtime, loss of customer data, and loss of employee productivity.

, , looks at the Chief Risk Officer’s perspectives, challenges, and how cyber risk is integrated into an enterprise’s risk management strategy. The CRO is responsible for making sure the company is managing all types of risks, and when it comes to cyber, they need to collaborate closely with the CISO to achieve a balanced risk posture.

, , explores the Chief Information Officer’s role in cyber resilience, which is to ensure an organization has a technology infrastructure while protecting its digital assets and that these assets are accessible to the appropriate stakeholders when needed. It is the CIO’s responsibility to keep up with new technologies and to develop policies and procedures for incorporating these technologies into the organization’s infrastructure, including security and privacy concerns. This can be a challenging task, as it often requires balancing security needs with business needs. This chapter presents examples of conflict of interest inherent in the CIO’s responsibilities and how to address them while continuing to innovate.

, , is a thorough overview of the Chief Information Security Officer’s world, challenges, lessons learned, and practical insights on cyber-risk quantification and risk transfer. The CISO is responsible for risk management within an organization. They work with senior leadership to ensure the company is protected from cyber threats and business processes can continue in the event of a cyber incident. The CISO is also responsible for usability while maintaining a balance with security. They work with departments across the company to ensure employees have access only to data they need to do their jobs, and that information is accessible in a way that makes sense for the business.

, , delves into the Chief Human Resources Officer’s role in cybersecurity, which is to ensure the company has the proper HR policies and procedures in place to protect employees’ personal data and mitigate the risk of a cyberattack. The CHRO, together with the CISO, is responsible for developing and implementing a security awareness program that educates employees about how to protect themselves online, how to spot phishing emails, and what to do if they suspect they’ve been compromised. As well, the CHRO must work with the CISO to establish a cultural change and cyber awareness adoption.

, , examines the role of the Chief Operating Officer in cybersecurity, which is to help develop and execute an organization’s Business Continuity Plan (BCP). The BCP outlines how the company will continue to function in the event of a major disruption, such as a cyberattack. The COO is responsible for ensuring the BCP is up to date and comprehensive and all departments are aware of their roles and responsibilities in relation to it. Collaboration between the COO and the CISO is critical in achieving a successful resilient journey.

, , specifically addresses the responsibilities of the Chief Technology Officer in supporting cyber resilience. The role of the CTO in cybersecurity is to ensure software development processes are secure and compliant with industry standards. This includes overseeing the Secure Development Life Cycle (SDLC), which encompasses code review, testing, and other activities designed to ensure applications are free of vulnerabilities. In addition, the CTO works closely with other parts of the organization to ensure security is embedded into every facet of the business, which necessitates strong collaboration with the CISO.

, , explores how, in recent years, the roles of Chief Marketing Officer and Chief Privacy Officer have become increasingly important in cybersecurity. As the world becomes more connected, businesses are collecting and storing more data than ever before. And with the General Data Protection Regulation (GDPR) recently coming into effect, companies must be extra careful about how they collect, process, and store customer data. That’s where the CMO and CPO come in. The CMO is responsible for overseeing all marketing activities within a company. This includes developing marketing strategies, planning and executing marketing campaigns, and analyzing market trends. The CPO, on the other hand, is responsible for ensuring a company’s privacy policy complies with all applicable laws and regulations. This chapter provides good insights on how those two roles support cyber resilience.

, , looks at business priorities and clarifies a board of directors’ role in achieving business resilience while supporting the CISO. The role of the board in cybersecurity is to ensure an organization has adequate defenses in place to protect its digital assets and management has put in place processes and protocols to mitigate risk and respond to incidents. The board should also ensure the organization has a risk management framework in place, which includes assessing vulnerabilities and threats, determining acceptable levels of risk, and implementing mitigating controls. Finally, the board should review incident response plans to make sure they are adequate and enable the organization to quickly restore normal operations after an incident.

, , brings together everything we have learned and provides a holistic overview of how a team effort leads to a resilient business. An organization’s cyber-awareness culture is a collection of values, policies, and norms governing how its employees use personal data and information technology. A strong cyber-awareness culture helps an organization protect itself from cyber threats by educating and empowering its employees to be security conscious in their daily work routines.

Download the color images


We also provide a PDF file that has color images of the screenshots and diagrams used in this book. You can download it here: https://packt.link/xgNMw.

Get in touch


Feedback from our readers is always welcome.

General feedback: If you have questions about any aspect of this book, email us at customercare@packtpub.com and mention the book title in the subject line of your message.

Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/support/errata and fill in the form.

Piracy: If you come across any illegal copies of our works in any form on the internet, we would be grateful if you would provide us with the location address or website name. Please contact us at copyright@packt.com with a link to the...


Chelly Dr. Magda Lilia :

Dr. Magda Lilia Chelly is an award-winning global cybersecurity leader. She has been named one of the top 20 most influential cybersecurity personalities in 2017 and 2021 by IFSEC Global. Magda has authored her first book called "Light, Shadow and Cyber: Vera's Cyber Adventures." Magda's many appearances discussing cybersecurity on national and international TV, Radio, and News Magazines have raised her profile as the media's go-to expert on cybersecurity subjects. In her career, Magda wore several hats. She has been an Information Security Officer for multiple organizations. She developed businesses in the cyber advisory space. Magda also co-founded a cybersecurity start-up in Singapore Responsible Cyber, valued at 7 Million SGD in 2020.Tan Shamane :

As one of the most established women in the fields of technology and cybersecurity, Shamane Tan is the Chief Growth Officer at Sekuro, leading the security outreach strategy with the C-Suite and executives. Recognized by IFSEC as a Global Top 20 Cybersecurity Influencer and awarded ASEAN Top 30 Women in Security, the ‘Cyber Risk Leaders' and 'Cyber Mayday and the Day After' author was also listed in the 40 under 40 Most Influential Asian-Australians. Winner of multiple awards including ARN Shining Star (Multinational) 2021 and AiSP Singapore's Cybersecurity (Professional) award, the TEDx speaker and podcaster is also the founder of Cyber Risk Meetup, an international community and platform for cyber risk executives to exchange learnings.Tran Hai :

Hai Tran was a Chief Executive Officer with extensive GRC leadership experience across a broad range of industry sectors including higher education, telecommunications, federal government, and law enforcement, including 5 years as the inaugural CISO for Western Australia Police Force. He had a pragmatic and business-led approach to security based on the philosophy that security should be an enabler, pervasive and frictionless. Hai held a CISSP, CISM, CISA, Diploma of Policing (Australian Federal Police College), Bachelor of Commerce (University of WA), and Masters of Electronic Commerce (Murdoch University) with a track record of building high performing teams, and embedding security into business processes to enable technology innovation and enhance business performance.



Ihre Fragen, Wünsche oder Anmerkungen
Vorname*
Nachname*
Ihre E-Mail-Adresse*
Kundennr.
Ihre Nachricht*
Lediglich mit * gekennzeichnete Felder sind Pflichtfelder.
Wenn Sie die im Kontaktformular eingegebenen Daten durch Klick auf den nachfolgenden Button übersenden, erklären Sie sich damit einverstanden, dass wir Ihr Angaben für die Beantwortung Ihrer Anfrage verwenden. Selbstverständlich werden Ihre Daten vertraulich behandelt und nicht an Dritte weitergegeben. Sie können der Verwendung Ihrer Daten jederzeit widersprechen. Das Datenhandling bei Sack Fachmedien erklären wir Ihnen in unserer Datenschutzerklärung.