Book Description
Use the guidance in this comprehensive field guide to gain the support of your top executives for aligning a rational cybersecurity plan with your business. You will learn how to improve working relationships with stakeholders in complex digital businesses, IT, and development environments. You will know how to prioritize your security program, and motivate and retain your team.
Misalignment between security and your business can start at the top at the C-suite or happen at the line of business, IT, development, or user level. It has a corrosive effect on any security project it touches. But it does not have to be like this.
Author Dan Blum presents valuable lessons learned from interviews with over 70 security and business leaders. You will discover how to successfully solve issues related to: risk management, operational security, privacy protection, hybrid cloud management, security culture and user awareness, and communication challenges.
This open book presents six priority areas to focus on to maximize the effectiveness of your cybersecurity program: risk management, control baseline, security culture, IT rationalization, access control, and cyber-resilience. Common challenges and good practices are provided for businesses of different types and sizes. And more than 50 specific keys to alignment are included.
This open book is licensed under a Creative Commons License (CC BY). You can download Rational Cybersecurity for Business ebook for free in PDF format (6.9 MB).
Table of Contents
Chapter 1
Executive Overview
Chapter 2
Identify and Align Security-Related Roles
Chapter 3
Put the Right Security Governance Model in Place
Chapter 4
Strengthen Security Culture Through Communications and Awareness Programs
Chapter 5
Manage Risk in the Language of Business
Chapter 6
Establish a Control Baseline
Chapter 7
Simplify and Rationalize IT and Security
Chapter 8
Control Access with Minimal Drag on the Business
Chapter 9
Institute Resilience Through Detection, Response, and Recovery
Chapter 10
Create Your Rational Cybersecurity Success Plan