Leirvik Understand, Manage, and Measure Cyber Risk

When it comes to managing cybersecurity in an organization, most organizations tussle with basic foundational components. This practitioner’s guide lays down those foundational components, with real client examples and pitfalls to avoid. A plethora of cybersecurity management resources are available—many with sound advice, management approaches, and technical solutions—but few with one common theme that pulls together management and technology, with a focus on executive oversight. Author Ryan Leirvik helps solve these common problems by providing a clear, easy-to-understand, and easy-to-deploy foundational cyber risk management approach applicable to your entire organization. The book provides tools and methods in a straight-forward practical manner to guide the management of your cybersecurity program and helps practitioners pull cyber from a “technical” problem to a “business risk management” problem, equipping you with a simple approach to understand, manage, and measure cyber risk for your enterprise. What You Will LearnEducate the executives/board on what you are doing to reduce riskCommunicate the value of cybersecurity programs and investments through insightful risk-informative metricsKnow your key performance indicators (KPIs), key risk indicators (KRIs), and/or objectives and key resultsPrioritize appropriate resources through identifying program-related gapsLay down the foundational components of a program based on real examples, including pitfalls to avoidWho This Book Is ForCISOs, CROs, CIOs, directors of risk management, and anyone struggling to pull together frameworks or basic metrics to quantify uncertainty and address risk