Cybersecurity Readiness: A Holistic and High-Performance Approach
Author: Dave Chatterjee. Language: English. Hardback, 18 Mar 2021
Specifications
ISBN-10: 1071837338
Pages: 336
Dimensions: 152 x 229 x 24 mm
Weight: 0.62 kg
Edition: First Edition
Publisher: SAGE Publications
Series: Sage Publications, Inc
Place of publication: Thousand Oaks, United States
Reviews
This book by Dave Chatterjee is by far the most comprehensive book on cybersecurity management. Cybersecurity is on top of the minds of board members, CEOs, and CIOs as they strive to protect their employees and intellectual property. This book is a must-read for CIOs and CISOs to build a robust cybersecurity program for their organizations.
Professor Chatterjee’s Cybersecurity Readiness: A Holistic and High-Performance Approach fills a critical unmet need for concise, timely, and actionable information for information technology and business leaders. So much of the literature available today is either too high level or too detailed to be usable by most practitioners. The book’s novel Cybersecurity Readiness Scorecard is a tool that any business should be able to use to better manage their risk.
Business executives in today’s world are aware of cybersecurity threats, but many of them are not comfortable with technical discussions. Dr. Chatterjee has made an excellent effort to help business executives understand cybersecurity risks and learn how to mitigate them at the management level. A systematic approach described in this book will help executives launch an effective cybersecurity strategy. I would highly recommend this book for all business and IT executives.
It is time for a holistic (and high-performance) approach to cybersecurity. While cybersecurity remains, nay grows, a pandemic in its own right, it is increasingly more than simply an engineering problem, a network problem, an access problem, or a denial of service problem, awaiting technical solutions. It is all of the above and then some. It is an overarching and alarming business problem. From an accounting/auditing perspective, it represents a going concern issue; from a managerial standpoint, it may lead to reputation loss, capital market misgivings, internal audit harangues, external audit jitters, legal woes, privacy implications, customer flight, penalties, and it questions the very survival of corporate and non-corporate entities. This book, in response, spans a wide range of issues such as privacy, national and transnational guidelines, opt-in vs. opt-out, ransomware, the use of crypto-currencies, the dark web, occasional sovereign nation sponsorships of miscreants and malware, and it presents a solution scorecard and other approaches that appeal to more than the technical or IT wings of an enterprise. These issues are more likely to be understood and acted upon by enterprise and enterprising managers. It is this holistic perspective, then, of a growing cyber pandemic, that sets this book apart and makes for its likely adoption by the government, the corporate sector and academia alike. Cybersecurity issues need to be addressed and managed holistically and this book tells us how.
In the age of pandemic, the importance of cybersecurity readiness cannot be overemphasized. While a number of authors have focused on the technical aspects of cybersecurity, this book uniquely blends technology with management of cybersecurity and does it in a lucid and comprehensive manner. The author's vast experience and regular interactions with the people in the field is showcased in the engaging writing style involving practical examples and case studies. The book fulfills a gap that exists in the area and makes a timely and worthwhile contribution. The coverage of topics is extensive and depth of topics will fascinate even the specialized cybersecurity expert. This book is a must-have for academics and practitioners who want to learn about and manage the efforts toward creating cybersecurity awareness and preparedness in organizations.
Dr. Dave Chatterjee is a renowned scholar and technology thought leader. His vast knowledge and insight into the world of cybersecurity is well known and widely sought after by industry, academic, and government leaders around the globe. Now he delivers a book that gives leaders a real-world, coherent understanding of what they face and the multiple dimensions necessary to prepare and respond. I highly recommend reading Dr. Chatterjee’s book to learn and benefit from his years of experience and perceptions into this important subject.
While there are many publications focused on the technical aspects of cybersecurity, very few provide such a well-formulated crosswalk between the technical and business sides of cyber risk. Cybersecurity Readiness: A Holistic and High-Performance Approach provides a clear roadmap for security practitioners to utilize as they build comprehensive information security programs, and it also guides business leaders and board members as they navigate through the journey of understanding and managing cyber risk as an enterprise risk.
With increasing importance of data as a source of competitive advantage, cybersecurity has moved beyond the confines of IT departments to an enterprise-wide endeavor. Professor Chatterjee takes a company culture-level perspective in his new book wherein he has dived deep into his years of experience as a cybersecurity expert and his role in advising firms and CIOs on this issue. This is an extremely relevant and timely piece of work that would advise many firms on the best organizational practices required to safeguard their data from cyberthreats. Professor Chatterjee leads his readers into the domain organizational aspects of cybersecurity and provides mechanisms to assess and plan a company’s readiness for future vulnerabilities and not just respond to the threats from a technical viewpoint. The book would find favor with an entire generation of business leaders interested in creating a secure organization.
Very few issues in the modern world are as pervasive to individuals, corporations, and governments as that of cybersecurity. Dave brings to light aspects that have received too little attention, that is, the human factor, which provides a context that is central to this issue. The “success factors” he puts forward in the book provide any organization with the means to benchmark and monitor changes in programs of all sizes.
This book is a valuable resource for cybersecurity readiness today. Many breaches in the past could have been prevented. This book reviews past leadership decisions and breach examples to provide an effective approach using lessons learned and best practices.
Prof. Chatterjee’s book is a very pragmatic and comprehensive guide to cybersecurity readiness. The governance framework is both powerful and easy to comprehend. Anchored on three high-performance security culture dimensions of commitment, preparedness, and discipline, the framework presents a set of seventeen cybersecurity success factors. Uncovered from analyzing primary and secondary data gathered over several years, these success factors encompass people-, process-, and technology-driven measures. Numerous breach incidents, presented in the form of vignettes and cases, are used to highlight vulnerabilities and lessons learned. The book also provides useful resources such as cybersecurity readiness scorecard elements; a list of physical, technical, and administrative controls; an information security monitoring control guide; an overview of cybersecurity and privacy laws and regulations; cybersecurity performance measures; and case studies.
Dr. Chatterjee’s book fortifies the most essential truth when it comes to effective cybersecurity programs: “technology alone will not mitigate cybersecurity risks.” He identifies key traits that need to be engrained in organizational culture to support the cybersecurity mission as well as seventeen success factors within that cultural framework that any student or practitioner should consider when evaluating their security posture.
Dr. Dave’s book on cybersecurity management is an eye opener for all organizations in today’s world. He has taken tremendous efforts in presenting how to identify, defend, respond, and build resilience in case of cyberattacks in a very simple way. This book is very easy to understand and very important for the senior leadership team of an organization to gain thorough knowledge on the subject of cybersecurity.
Cyber threats, in their many and continuously evolving ways, remain more than ever an existential threat to virtually all companies, both large and small. In his new book Cybersecurity Readiness: A Holistic and High-Performance Approach, Dr. Chatterjee does an excellent job of breaking down these threats and providing a framework for creating a culture of engagement at all levels in an organization to effectively and proactively manage these threats. In my years leading enterprise IT organizations, I can personally attest to the effectiveness of the concepts outlined here and I wholeheartedly recommend this book. In fact, I believe that this should be required reading for anyone entering today’s workforce, regardless of their role. Cybersecurity is not an IT issue, which Dr. Chatterjee makes clear, but rather something that requires everyone’s knowledge and involvement. A must read!
Public and hybrid cloud adoption have made the boundaries of corporate IT infrastructure more nebulous, and the need for a well-defined and executed security strategy has never been greater. As companies increasingly pursue the financial benefits of cloudification by virtualizing and containerizing their application architectures, the architectural complexity and the number of potential vulnerabilities significantly increase. Dr. Chatterjee does a superb job of portraying both the business need and the technology approach to define a successful security strategy.
Our financial lives, our business lives, and even our personal lives are all online. Cybersecurity is a non-negotiable investment for almost every company in our global community. Just as we have to make sure people walking into a store are physically safe during their experience, we have to ensure their information is safe when they “walk into” the cyber version. Professor Chatterjee’s book highlights the traits of a high-performing information security culture: commitment, preparedness, and discipline. His insight and accessible tactics make this book mandatory for any institution looking to mitigate financial and reputational risk.
Commitment, preparedness, and discipline in cybersecurity are things Professor Chatterjee has been advocating for many years. The book is a comprehensive summary for executives who wish to understand how cybersecurity has moved from a “techie” topic to a serious boardroom agenda and what organizations should be doing to not only defend, but also respond and build resilience in case of a cyberattack. Professor Chatterjee’s writing style is simple and offers an engaging, informative, and most importantly, actionable read and is highly recommended as an executive leadership must-read and must-discuss book.
Information security is a part of everyone’s responsibility; yet, too many people and organizations still do not completely understand and embrace this. People (and organization culture) continue to be the weakest link in most organizations’ security postures. Too often, information security teams focus on technical solutions and audit-driven processes, while not being able to drive the organization-wide awareness, buy-in, and culture change that is needed to holistically secure the enterprise.
Dr. Chatterjee’s Cybersecurity Readiness: A Holistic and High-Performance Approach tackles this weakest link, the hardest part of information security. He uses high-performance culture traits, supporting success factors, and actionable guiding questions to integrate top-down and bottom-up human-centric approaches, to permeate information security awareness and ownership across the organization. His Cybersecurity Readiness Scorecard, built from these guiding questions, is an effective way to periodically assess and quantify an organization’s cultural cybersecurity maturity.
This book is definitely a must-read for everyone in the knowledge economy. If your organization uses this approach to fortify its cybersecurity culture, it will ultimately save your jobs and your reputation, enhance your competitiveness, and avoid millions to billions of dollars in costs down the line! Cancel the rest of your meetings today and start reading!
Professor Chatterjee’s book is a must-read for any executive who views their organizations’ data as a strategic asset. It is one of the finest works I have read on giving a broad understanding of the dangerous cyber world we live in and why it is here to stay with us. His work provides an excellent framework for building and sustaining a high-performance security culture, with appropriate systems and processes, to achieve cyber-risk resilience and operate business with confidence rather than fear.
Organizations need to protect against cybersecurity attacks, not just respond to them, for it is too late then as most of the damage has already been done. Professor Chatterjee’s book does an outstanding job of identifying the different kinds of cybersecurity attacks and describing the various managerial, organizational, and technological preventive measures. Dave’s book is highly readable and actionable, with numerous examples drawn from recent accounts of cybersecurity attacks and data breaches.
Data is an increasingly valuable resource for organisations. If it is not managed securely it runs the risk of becoming a toxic asset, yet how best to manage data securely is not always obvious. This invaluable book “Cybersecurity Readiness: A Holistic and High-Performance Approach” combines academic rigour with practitioner driven insights to provide clear guidance for organisations to enhance their cybersecurity readiness.
Contents
Foreword
Endorsements
Acknowledgments
About the Author
Chapter 1. Introduction: The Challenge of Cybersecurity
Chapter 2. The Cyberattack Epidemic
2.1 Expanding Hardware and Software Attack Surfaces
2.2 The Human Vulnerability Factor
2.3 Growing Attack Vectors
2.4 Nature and Extent of Impact
Chapter 3. Breach Incidents and Lessons Learned
3.1 The Capital One Breach That Exposed 100 Million Applicants and Customer Information
3.2 British Airways Ordered to Pay a Record Fine of $230 Million
3.3 Target Retail Chain Experiences an External Intrusion That Compromised Millions of Customers’ Data
3.4 Adult Friend Finder Site Breach Exposes Millions of Customer Records
3.5 Three Billion Yahoo User Accounts Compromised
3.6 Equifax Data Breach Exposes Millions of Customers’ Data
3.7 Adobe Breach Exposes 38 Million Customer Records
3.8 Anthem Breach Affects 78.8 Million People
Chapter 4. Foundations of the High-Performance Information Security Culture Framework
4.1 Organizational Culture and Firm Performance
4.2 Organizational Culture and Cybersecurity
4.3 High-Reliability Organizational Culture Traits
Chapter 5. Commitment
5.1 Hands-On Top Management
5.2 “We-Are-in-It-Together” Culture
5.3 Cross-Functional Participation
5.4 Sustainable Budget
5.5 Strategic Alignment and Partnerships
5.6 Joint Ownership and Accountability
5.7 Empowerment
Chapter 6. Preparedness
6.1 Identify
6.2 Protect
6.3 Detect
6.4 Respond and Recover
Chapter 7. Discipline
7.1 Information Security Governance Policy
7.2 Communications and Enforcement of Policies
7.3 Continuous Monitoring
7.4 Continuous Performance Assessment and Improvement
7.5 Security Audits and Drills
7.6 Penetration Testing and Red Team Exercises
Chapter 8. Key Messages and Actionable Recommendations
8.1 Commitment
8.2 Preparedness
8.3 Discipline
Appendix 1 Information Security Monitoring Controls
Appendix 2 Cybersecurity Performance Measures
Appendix 3A Cybersecurity Readiness Scorecard: Commitment
Appendix 3B Cybersecurity Readiness Scorecard: Preparedness
Appendix 3C Cybersecurity Readiness Scorecard: Discipline
Appendix 4 Cybersecurity and Privacy Laws and Regulations
Appendix 5 Physical, Technical, and Administrative Controls: A Representative List
Appendix 6 Case Studies
Cybersecurity Resources
Index
Biographical note
Dave Chatterjee, Ph.D. is Associate Professor in the Department of Management Information Systems at the Terry College of Business at the University of Georgia and a Visiting Professor at Duke’s Pratt School of Engineering. Dr. Chatterjee’s interest and expertise lie in the various facets of information technology management, with current focus on cybersecurity and enterprise digitization. His work has been published in prestigious outlets such as The Wall Street Journal, MIT Sloan Management Review, California Management Review, Business Horizons, MIS Quarterly, and the Journal of Management Information Systems.
Dr. Chatterjee has taught at the graduate and undergraduate levels, including classes on information systems leadership, information technology and strategy, business process management, and enterprise digitization trends and implications. He serves as Senior Editor on the Journal of Organizational Computing and Electronic Commerce.
Dr. Chatterjee delivers talks around the world; moderates CXO panel discussions; conducts corporate training, workshops, and webinars; and provides consulting and advisory services. He has appeared on radio and TV interviews and is often quoted by news media on major technology-related developments. He has served on the corporate and community leadership board of a prestigious cybersecurity network of Chief Information Security Officers (CISOs) and on a CISO SWAT team. For more details please visit https://dchatte.com.