The Shortest Hour : An Applied Approach to Boardroom Governance of Cyber Security
معرفی کتاب «The Shortest Hour : An Applied Approach to Boardroom Governance of Cyber Security» نوشتهٔ LEE. PARRISH، منتشرشده توسط نشر CRC Press LLC در سال 2024. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.
Independent directors of corporate boards understand the importance of cyber security as a business issue. Increased regulatory requirements, the onslaught of breaches, as well as the replacement of the corporate network perimeter with more third-party partnerships have all contributed to cyber security rising to the top of enterprise risks. Yet, many directors only receive a few brief cyber security updates during the year. Moreover, many directors have devoted their careers to other important business disciplines and may not fully grasp the technical concepts of cyber security. The challenge is that many publications on board cyber security governance address the topic at such a high level that it removes the important context of the cyber security details—or covers the topic too deeply with hard-to-understand technical language. These resources may often provide lists of security questions for directors to ask of their management team, but they do not provide the answers to the questions so that actionable oversight can be performed. What I would have wanted, and why you are probably reading this book summary, is a resource that delivers the questions to ask but also provides the answers and in a narrative, easy-to-understand style. An award-winning Chief Information Security Officer with over two decades of working with multiple Fortune 500 boards, Lee Parrish provides an example-laden vision to improve cyber security governance in the boardroom. Additionally, Lee deciphers the technical jargon to increase the reader’s cyber fluency—not to make you a cyber expert but to help you be able to ask direct questions, understand the answers provided, challenge strategies, and advise on important cyber decisions. Pick up your copy of The Shortest Hour: An Applied Approach to Boardroom Governance of Cyber Security today and start your journey on achieving more effective cyber security oversight. Want to learn more? Please visit www.novelsecurity.com Cover Half Title Series Information Title Page Copyright Page Dedication Table of Contents About the Author Preface Introduction Section One Enhancing Board Oversight Chapter 1 The Threat Landscape We Are All Targets The Perimeter Is Dead Know Thy Enemy Notes Chapter 2 The Chief Information Security Officer Role CISO Options CISO Selection Process CISO Accountability Giving Up On the CISO Role Chapter 3 Security Vs. Compliance The Cost of Compliance Note Chapter 4 Examining the Information Security Board Governance Structure Board Engagements Full Board Presentations Regular Cyber Briefings 1:1 Interactions Incident Response Briefings Special Projects Note Chapter 5 Information Security Assessment CISO Assessment Internal Reports Consultancy Assessments Chapter 6 The Strategic Plan People Process Information Security Governance Centralization Vs. De-Centralization Technology Cloud Vs. On-Premises Publishing the Strategy Chapter 7 The Importance of Execution Clear Direction Planning and Follow-Through Regular Reviews Chapter 8 Financing Cyber Security Building Financial Proposals Timing of Investments Chapter 9 The Role of Security Vendors and Consultants Understanding Desired Attributes Outsourcing Security Chapter 10 Security Service Management Service Name Short Description Long Description Service Level Objective (SLO) How to Order the Service Cost of the Service Service Options Dependent Services Operational Cadence and the Rhythm of Security Operations People Process Technology Database of Information Note Chapter 11 A Vision for Cyber Security Board Governance Board Oversight Board Governance The CISO Cyber Security Board Committee Structure Board Expert On Cyber Security Cyber Risk Oversight Notes Section Two Cyber Security Overview Chapter 12 Security Operations Detection Vulnerability Management Application Security Artificial Intelligence (AI) Security Cloud Security Identity and Access Management Chapter 13 Incident Response The Right Response External Support The Incident Response Plan Ransomware Response Turning Policy Into Practice Chapter 14 Security Awareness Awareness Articles Role-based Security Training Brown Bag Sessions Cyber Security Awareness Month Cyber Security Branding Cyber Security Open House Dynamic Awareness: Internal Phishing Campaigns Chapter 15 Policy Management Chapter 16 Risk Management Third-party Risk Chapter 17 The Path Ahead Appendix: Cyber Security Inquiry Checklist Index
دانلود کتاب The Shortest Hour : An Applied Approach to Boardroom Governance of Cyber Security