Most organizations are undergoing a digital transformation of some sort and are looking to embrace innovative technology, but new ways of doing business inevitably lead to new threats which can cause irreparable financial, operational and reputational damage. In an increasingly punitive regulatory climate, organizations are also under pressure to be more accountable and compliant.
Cyber Risk Management clearly explains the importance of implementing a cyber security strategy and provides practical guidance for those responsible for managing threat events, vulnerabilities and controls, including malware, data leakage, insider threat and Denial-of-Service.
Examples and use cases including Yahoo, Facebook and TalkTalk, add context throughout and emphasize the importance of communicating security and risk effectively, while implementation review checklists bring together key points at the end of each chapter. Cyber Risk Management analyzes the innate human factors around risk and how they affect cyber awareness and employee training, along with the need to assess the risks posed by third parties. Including an introduction to threat modelling, this book presents a data-centric approach to cyber risk management based on business impact assessments, data classification, data flow modelling and assessing return on investment. It covers pressing developments in artificial intelligence, machine learning, big data and cloud mobility, and includes advice on responding to risks which are applicable for the environment and not just based on media sensationalism.
“One of the most informative books currently on the market that demystifies the risk management process surrounding cyber security. Chris uses up-to-date case studies to highlight the most important aspects of cyber risk, informing the reader of current best practices within industry, how to implement it within your company and ultimately how you can keep your business safe against the growing number of cyber threats out there.”
Tom Huckle, Head Of Cyber Training And Development, Crucial Academy
“Written in an extremely accessible style and covering issues of vital importance to today’s organisations, Cyber Risk Management offers a valuable resource for a managers and scholars looking to understand more about the topic, as well as for cyber security professionals seeking an experience-based account of the issues they are likely to be facing.”
Steven Furnell, Professor of Information Security, University of Plymouth
“Cyber Risk Management is extremely well researched and provides the reader with a simple to follow, guided journey through the cyber issues we face and the approaches we should be taking to cope with them. The pragmatic style demystifies complex issues making this a great read for both experienced security professionals and non-professionals alike.”
Amanda Finch, CEO, Institute of Information Security Professionals
“An approachable resource that combines Chris’s considerable business acumen and life experiences with risk management approaches and frameworks. This book will help executives and techies alike find common ground as they handle today’s cybersecurity challenges”James Stanger, Chief Technology Evangelist, CompTIA
“The approach Chris suggests is sensible, methodical, and pragmatic, everything you want when running security for a business”James Freestone, Deputy Chief Information Security Officer, Informa
“A thoroughly enjoyable and insightful book that provides a well-rounded perspective into the interconnected world of cyber-risk management. The breadth of knowledge and the wonderful similes used to breakdown complex ideas show that Chris clearly knows his stuff!”Atif Rafiq, Chief information Security Officer, Quantexa