E-book, English, 68 pages
Wright How Cyber Security Can Protect Your Business
1st edition 2019
ISBN: 978-1-78778-197-9
Publisher: De Gruyter
Format: EPUB
Copy protection: Adobe DRM
A guide for all stakeholders
Summary
- Explains in easy-to-understand terms what executives and senior managers need to know and do about the ever-changing cyber threat landscape.
- Gives strategic, business-focused guidance and advice relevant to C-suite executives.
- Provides an effective and efficient framework for managing cyber governance, risk and compliance.
- Explains what is required to implement an effective cyber security strategy.
Description
With high-profile cyber attacks, data breaches and fines for GDPR (General Data Protection Regulation) non-compliance hitting the headlines daily, businesses must protect themselves and their reputations, while reassuring stakeholders they take cyber security seriously. Cyber attacks are becoming more sophisticated and prevalent, and the cost of data breaches is soaring. In addition, new regulations and reporting requirements make cyber security a critical business issue. Board members and senior management must understand the threat landscape and the strategies they can employ to establish, implement and maintain effective cyber resilience throughout their organisation.
How Cyber Security Can Protect your Business – A guide for all stakeholders provides an effective and efficient framework for managing cyber governance, risk and compliance, which organisations can adapt to meet their own risk appetite and synchronise with their people, processes and technology. It explains what is meant by governance, risk and compliance, how it applies to cyber security and what is required to implement an effective cyber security strategy.
The pocket guide:
- Gives readers a greater understanding of cyber governance, risk and compliance;
- Explains what executives, senior managers and their advisors need to know and do about the ever-changing cyber threat landscape;
- Provides context as to why stakeholders need to be aware of and in control of their organisation’s cyber risk management and cyber incident response;
- Gives guidance on building an appropriate and efficient governance framework that enables organisations to demonstrate their cyber approach in a non-technical, strategic, business-focused way;
- Details an overview process to enable risk assessment, assess existing defence mitigations and provide a framework for developing suitable controls; and
- Includes a checklist to help readers focus on their higher-priority cyber areas.
Suitable for all managers and executives, this pocket guide will be of interest to non-cyber specialists, including non-executive directors, who may be required to review cyber arrangements. For cyber specialists, it provides an approach for explaining cyber issues in non-jargonistic, business-based language. Kick-start your journey to becoming cyber secure – buy this pocket guide today!
Further information & material
Chapter 1: Introduction to Cyber Security GRC
- Background to GRC
- The three lines of defence model
- What is the relevance of GRC to cyber?
Chapter 2: Cyber Security Governance
- Introduction and overview
- Culture and awareness
- Threat and risk awareness
- Risk management
- Responding to cyber incidents
- Cyber SOX
- Summary: Key cyber security questions for directors to ask
Chapter 3: Cyber Security Risk Management
- Introduction and overview
- Risk management scoping
- Process and control mapping
- Risk assessment
- Designing and implementing controls
- Testing of controls
- Summary and conclusions
Chapter 4: Cyber Risks and Controls
- Introduction and overview
- Identifying cyber risks and controls
- Third-party service providers
- Protecting against cyber risks
- Access management
- Firewalls
- Security patching
- Vulnerability management
- Anti-malware
- Security by design
- Summary and conclusion
Chapter 5: Responding to an Attack
- Introduction and overview
- Preparing for cyber attacks
- Detecting potential cyber attacks
- Security operations centre
- IT service helpdesk
- Recovery following a cyber attack
- Summary
Chapter 6: Cyber Compliance
- Overview and introduction
- Cyber compliance requirements
- IT (or information) security policy
- ISO 27001
- General Data Protection Regulation
- Network and Information Systems (NIS) requirements
- Payment Card Industry Data Security Standard
- Sarbanes-Oxley Act
- Third-party compliance
- Cyber insurance policy clauses
- Summary
References
Further Reading




