Buch, Englisch, 306 Seiten, Format (B × H): 156 mm x 234 mm
Buch, Englisch, 306 Seiten, Format (B × H): 156 mm x 234 mm
Reihe: Security, Audit and Leadership Series
ISBN: 978-1-041-24622-0
Verlag: Taylor & Francis Ltd
1st Edition
Security Relationship Management
Leveraging Marketing Concepts to Advance a Cybersecurity Program
Aligning information security to the goals and strategies of the business is paramount for ensuring risks are addressed, without an abundance of negative impacts to the company. But how does a Chief Information Security Officer (CISO) accomplish effective alignment? A security executive must understand the detailed needs of business leaders and stakeholders from across all corners of the company. We cannot rely on a standard cadence of general security discussions across all of the lines of business, as well as functional areas, and expect our alignment to be maximally effective. Instead, we should promote our security programs in such a way that makes it personal to whomever we are speaking with at any given time.
By leveraging already established and tested marketing concepts, slightly altered for information security, the CISO can tailor their message to fit the needs of each stakeholder. This allows for in-depth business alignment, as well as a holistic view of the company’s underpinnings for the CISO. Within these pages, the reader will learn how segmentation, the Four Ps, and customer relationship management techniques, can help to transform their security program. Additionally, the book introduces a concept called Security Relationship Management (SRM) that optimizes the creation and nurturing of the hundreds of professional relationships (within and outside the company) that a CISO must balance each week. Through structured tracking of interactions and analyzing SRM data, the CISO ensures that relationships are managed effectively, which increases alignment between the business and cybersecurity initiatives. Pick up your copy of Security Relationship Management: Leveraging Marketing Concepts to Advance a Cybersecurity Program, today to begin your SRM journey.
Please visit www.novelsecurity.com for more information.
1st Edition
The Shortest Hour
An Applied Approach to Boardroom Governance of Cyber Security
Independent directors of corporate boards understand the importance of cyber security as a business issue. Increased regulatory requirements, the onslaught of breaches, as well as the replacement of the corporate network perimeter with more third-party partnerships have all contributed to cyber security rising to the top of enterprise risks. Yet, many directors only receive a few brief cyber security updates during the year. Moreover, many directors have devoted their careers to other important business disciplines and may not fully grasp the technical concepts of cyber security.
The challenge is that many publications on board cyber security governance address the topic at such a high level that it removes the important context of the cyber security details—or covers the topic too deeply with hard-to-understand technical language. These resources may often provide lists of security questions for directors to ask of their management team, but they do not provide the answers to the questions so that actionable oversight can be performed. What I would have wanted, and why you are probably reading this book summary, is a resource that delivers the questions to ask but also provides the answers and in a narrative, easy-to-understand style.
An award-winning Chief Information Security Officer with over two decades of working with multiple Fortune 500 boards, Lee Parrish provides an example-laden vision to improve cyber security governance in the boardroom. Additionally, Lee deciphers the technical jargon to increase the reader’s cyber fluency—not to make you a cyber expert but to help you be able to ask direct questions, understand the answers provided, challenge strategies, and advise on important cyber decisions.
Pick up your copy of The Shortest Hour: An Applied Approach to Boardroom Governance of Cyber Security today and start your journey on achieving more effective cyber security oversight.
Want to learn more? Please visit www.novelsecurity.com
Zielgruppe
Professional Practice & Development, Professional Reference, and Professional Training
Autoren/Hrsg.
Fachgebiete
Weitere Infos & Material
1st Edition
Security Relationship Management
Leveraging Marketing Concepts to Advance a Cybersecurity Program
Dedication
Introduction
Chapter 1: Aligning on the CISO Role
The Importance of Information Security
Enterprise Reach
Executive Level Access
Putting It All Together
Chapter 2: Security Relationship Management Defined
Chapter 3: Marketing Concepts Re-Imagined
Getting Started
Product
Price
Place
Promotion
Chapter 4: Segmentation (Not the Network Kind)
Chapter 5: Segmentation Suggestions
Corporation
Board of Directors
Executive Team
Cybersecurity Governance Committee
Top Cybersecurity Proponents
Other Committees
Business Unit
Manufacturing
Distribution
International
Human Resources/Talent Management
Finance
Sales
Information Technology (IT)
Digital & eCommerce
Communications/Investor Relations
Legal (Including Outside Counsel)
Internal Audit
Top Cybersecurity Vendors
The Cybersecurity Team
Chapter 6: The Core Attributes of Segments
Critical Stakeholders
Metrics & Measurements
Segment Contributions
Segment Details
Feedback Loops
Compliance Requirements
Cultural Considerations
Documentation Retention
Chapter 7: The ABC’s of SRM
Connection Status
Advocate
Connection
Initial Interaction
Shadow
Tracking Connections
Connection Information
Top Initiatives
A Level Deeper
Chapter 8: SRM Analytics
Scenario One
Scenario Two
Scenario Three
Broader Themes
Chapter 9: Moving Outside of Your Corporation
Frequency
Scale
Data Elements
Vendor Relationships
Chapter 10: Addressing Challenges
Managing Engagement Challenges
Oversaturation & Balancing the Message
Unconventional Measures
Geographical Challenges
Company Size
Chapter 11: The Future of SRM
Appendix: SRM Toolkit
SRM Discussion Topics
Industry-specific Relationship Building
1st Edition
The Shortest Hour
An Applied Approach to Boardroom Governance of Cyber Security
About the Author
Preface
Introduction
SECTION ONE. Enhancing Board Oversight
1. The threat landscape
2. The chief information security officer role
3. Security vs. compliance
4. Examining the information security board governance structure
5. Information security assessment
6. The strategic plan
7. The importance of execution
8. Financing cyber security
9. The role of security vendors and consultants
10. Security service management
11. A vision for cyber security board governance
SECTION TWO. Cyber security overview
12. Security operations
13. Incident response
14. Security awareness
15. Policy management
16. Risk management
17. The path ahead
Appendix: Cyber security inquiry checklist
Index
