Rational Cybersecurity for Business

Use the guidance in this comprehensive field guide to gain the support of your top executives for aligning a rational cybersecurity plan with your business. You will learn how to improve working relationships with stakeholders in complex digital businesses, IT, and development environments. You will...

وصف كامل

محفوظ في:
التفاصيل البيبلوغرافية
المؤلف الرئيسي: Blum, Dan
التنسيق: Online
اللغة:الإنجليزية
منشور في: Springer Nature 2021
الموضوعات:
الوصول للمادة أونلاين:ONIX_20200921_9781484259528_118
الوسوم: إضافة وسم
لا توجد وسوم, كن أول من يضع وسما على هذه التسجيلة!
_version_ 1869520896990904320
author Blum, Dan
author_browse Blum, Dan
author_facet Blum, Dan
author_sort Blum, Dan
collection Directory of Open Access Books
description Use the guidance in this comprehensive field guide to gain the support of your top executives for aligning a rational cybersecurity plan with your business. You will learn how to improve working relationships with stakeholders in complex digital businesses, IT, and development environments. You will know how to prioritize your security program, and motivate and retain your team. Misalignment between security and your business can start at the top at the C-suite or happen at the line of business, IT, development, or user level. It has a corrosive effect on any security project it touches. But it does not have to be like this. Author Dan Blum presents valuable lessons learned from interviews with over 70 security and business leaders. You will discover how to successfully solve issues related to: risk management, operational security, privacy protection, hybrid cloud management, security culture and user awareness, and communication challenges. This open access book presents six priority areas to focus on to maximize the effectiveness of your cybersecurity program: risk management, control baseline, security culture, IT rationalization, access control, and cyber-resilience. Common challenges and good practices are provided for businesses of different types and sizes. And more than 50 specific keys to alignment are included. What You Will Learn Improve your security culture: clarify security-related roles, communicate effectively to businesspeople, and hire, motivate, or retain outstanding security staff by creating a sense of efficacy Develop a consistent accountability model, information risk taxonomy, and risk management framework Adopt a security and risk governance model consistent with your business structure or culture, manage policy, and optimize security budgeting within the larger business unit and CIO organization IT spend Tailor a control baseline to your organization’s maturity level, regulatory requirements, scale, circumstances, and critical assets Help CIOs, Chief Digital Officers, and other executives to develop an IT strategy for curating cloud solutions and reducing shadow IT, building up DevSecOps and Disciplined Agile, and more Balance access control and accountability approaches, leverage modern digital identity standards to improve digital relationships, and provide data governance and privacy-enhancing capabilities Plan for cyber-resilience: work with the SOC, IT, business groups, and external sources to coordinate incident response and to recover from outages and come back stronger Integrate your learnings from this book into a quick-hitting rational cybersecurity success plan Who This Book Is For Chief Information Security Officers (CISOs) and other heads of security, security directors and managers, security architects and project leads, and other team members providing security leadership to your business
format Online
id doab-20.500.12854ir-30469
institution Directory of Open Access Books
language eng
publishDate 2021
publishDateRange 2021
publishDateSort 2021
publisher Springer Nature
publisherStr Springer Nature
record_format ojs
spelling doab-20.500.12854ir-304692025-07-30T10:21:35Z Rational Cybersecurity for Business Blum, Dan Security Computer Science Rational cybersecurity Cybersecurity Risk management Cybersecurity strategy DevSecOps Security governance Security culture Cyber-resilience Cybersecurity maturity model Cybersecurity RACIs Shared responsibility Security championship Modern identity Agile security Open Access Computer security thema EDItEUR::U Computing and Information Technology::UR Computer security thema EDItEUR::U Computing and Information Technology::UR Computer security Use the guidance in this comprehensive field guide to gain the support of your top executives for aligning a rational cybersecurity plan with your business. You will learn how to improve working relationships with stakeholders in complex digital businesses, IT, and development environments. You will know how to prioritize your security program, and motivate and retain your team. Misalignment between security and your business can start at the top at the C-suite or happen at the line of business, IT, development, or user level. It has a corrosive effect on any security project it touches. But it does not have to be like this. Author Dan Blum presents valuable lessons learned from interviews with over 70 security and business leaders. You will discover how to successfully solve issues related to: risk management, operational security, privacy protection, hybrid cloud management, security culture and user awareness, and communication challenges. This open access book presents six priority areas to focus on to maximize the effectiveness of your cybersecurity program: risk management, control baseline, security culture, IT rationalization, access control, and cyber-resilience. Common challenges and good practices are provided for businesses of different types and sizes. And more than 50 specific keys to alignment are included. What You Will Learn Improve your security culture: clarify security-related roles, communicate effectively to businesspeople, and hire, motivate, or retain outstanding security staff by creating a sense of efficacy Develop a consistent accountability model, information risk taxonomy, and risk management framework Adopt a security and risk governance model consistent with your business structure or culture, manage policy, and optimize security budgeting within the larger business unit and CIO organization IT spend Tailor a control baseline to your organization’s maturity level, regulatory requirements, scale, circumstances, and critical assets Help CIOs, Chief Digital Officers, and other executives to develop an IT strategy for curating cloud solutions and reducing shadow IT, building up DevSecOps and Disciplined Agile, and more Balance access control and accountability approaches, leverage modern digital identity standards to improve digital relationships, and provide data governance and privacy-enhancing capabilities Plan for cyber-resilience: work with the SOC, IT, business groups, and external sources to coordinate incident response and to recover from outages and come back stronger Integrate your learnings from this book into a quick-hitting rational cybersecurity success plan Who This Book Is For Chief Information Security Officers (CISOs) and other heads of security, security directors and managers, security architects and project leads, and other team members providing security leadership to your business 2021-02-10T13:41:51Z 2021-02-10T13:41:51Z 2020-09-21T13:42:30Z 2020 book ONIX_20200921_9781484259528_118 OCN: 1191063054 https://library.oapen.org/handle/20.500.12657/41762 https://directory.doabooks.org/handle/20.500.12854/30469 eng open access image/jpeg image/jpeg image/jpeg n/a n/a n/a https://library.oapen.org/bitstream/20.500.12657/41762/1/2020_Book_RationalCybersecurityForBusine.pdf https://library.oapen.org/bitstream/20.500.12657/41762/1/2020_Book_RationalCybersecurityForBusine.pdf https://library.oapen.org/bitstream/20.500.12657/41762/1/2020_Book_RationalCybersecurityForBusine.pdf Springer Nature Apress 10.1007/978-1-4842-5952-8 10.1007/978-1-4842-5952-8 9fa3421d-f917-4153-b9ab-fc337c396b5a Apress 333 open access
spellingShingle Security
Computer Science
Rational cybersecurity
Cybersecurity
Risk management
Cybersecurity strategy
DevSecOps
Security governance
Security culture
Cyber-resilience
Cybersecurity maturity model
Cybersecurity RACIs
Shared responsibility
Security championship
Modern identity
Agile security
Open Access
Computer security
thema EDItEUR::U Computing and Information Technology::UR Computer security
thema EDItEUR::U Computing and Information Technology::UR Computer security
Blum, Dan
Rational Cybersecurity for Business
title Rational Cybersecurity for Business
title_full Rational Cybersecurity for Business
title_fullStr Rational Cybersecurity for Business
title_full_unstemmed Rational Cybersecurity for Business
title_short Rational Cybersecurity for Business
title_sort rational cybersecurity for business
topic Security
Computer Science
Rational cybersecurity
Cybersecurity
Risk management
Cybersecurity strategy
DevSecOps
Security governance
Security culture
Cyber-resilience
Cybersecurity maturity model
Cybersecurity RACIs
Shared responsibility
Security championship
Modern identity
Agile security
Open Access
Computer security
thema EDItEUR::U Computing and Information Technology::UR Computer security
thema EDItEUR::U Computing and Information Technology::UR Computer security
topic_facet Security
Computer Science
Rational cybersecurity
Cybersecurity
Risk management
Cybersecurity strategy
DevSecOps
Security governance
Security culture
Cyber-resilience
Cybersecurity maturity model
Cybersecurity RACIs
Shared responsibility
Security championship
Modern identity
Agile security
Open Access
Computer security
thema EDItEUR::U Computing and Information Technology::UR Computer security
thema EDItEUR::U Computing and Information Technology::UR Computer security
url ONIX_20200921_9781484259528_118
work_keys_str_mv AT blumdan rationalcybersecurityforbusiness