Building a Cyber Risk Management Program
Evolving Security for the Digital Age
Published on 19. December 2023
Book
Paperback/Softback
300 pages
978-1-0981-4779-2 (ISBN)
Description
Cyber risk management is one of the most urgent issues facing enterprises today. This book presents a detailed framework for designing, developing, and implementing a cyber risk management program that addresses your company's specific needs. Ideal for corporate directors, senior executives, security risk practitioners, and auditors at many levels, this guide offers both the strategic insight and tactical guidance you're looking for.
You'll learn how to define and establish a sustainable, defendable, cyber risk management program, and the benefits associated with proper implementation. Cyber risk management experts Brian Allen and Brandon Bapst, working with writer Terry Allan Hicks, also provide advice that goes beyond risk management. You'll discover ways to address your company's oversight obligations as defined by international standards, case law, regulation, and board-level guidance.
This book helps you:
Understand the transformational changes digitalization is introducing, and new cyber risks that come with it
Learn the key legal and regulatory drivers that make cyber risk management a mission-critical priority for enterprises
Gain a complete understanding of four components that make up a formal cyber risk management program
Implement or provide guidance for a cyber risk management program within your enterprise
You'll learn how to define and establish a sustainable, defendable, cyber risk management program, and the benefits associated with proper implementation. Cyber risk management experts Brian Allen and Brandon Bapst, working with writer Terry Allan Hicks, also provide advice that goes beyond risk management. You'll discover ways to address your company's oversight obligations as defined by international standards, case law, regulation, and board-level guidance.
This book helps you:
Understand the transformational changes digitalization is introducing, and new cyber risks that come with it
Learn the key legal and regulatory drivers that make cyber risk management a mission-critical priority for enterprises
Gain a complete understanding of four components that make up a formal cyber risk management program
Implement or provide guidance for a cyber risk management program within your enterprise
More details
Language
English
Place of publication
Sebastopol
United States
Product notice
Paperback (trade)
Unsewn / adhesive bound
Dimensions
Height: 233 mm
Width: 180 mm
Thickness: 17 mm
Weight
365 gr
ISBN-13
978-1-0981-4779-2 (9781098147792)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Schweitzer Classification
Other editions
Additional editions
Brian Allen | Brandon Bapst | Terry Allan Hicks
Building a Cyber Risk Management Program
E-Book
12/2023
O'Reilly
€50.49
Available for download
Brian Allen | Brandon Bapst | Terry Allan Hicks
Building a Cyber Risk Management Program
E-Book
12/2023
O'Reilly
€50.49
Available for download
Persons
Brian Allen was the Chief Security Officer for Time Warner Cable, a critical infrastructure, Fortune 130 enterprise. He worked for EY as the sub-competency lead for their cyber risk management program efforts, presenting to dozens of boards and c-suite executives at some of the largest global organizations. Today, Brian works at The Bank Policy institute as the SVP, Cybersecurity and Technology Risk Management, working with bank executives (CEO, GC, CRO, CISO), advocating for the industry in front of regulators, legislators, law enforcement agencies, and the intelligence communities. Mr. Allen has worked on several industry and government coordinated critical infrastructure groups including the executive committees of the Comm-ISAC and Comm-Sector Coordinating Council. He was appointed by the FCC Chairman to represent the communication industry in working with NIST on the development of the Cybersecurity Framework. Mr. Allen is an author of two enterprise security risk management books, an Adjunct Professor at the University of Connecticut's MBA Financial Risk Management program, teaching cybersecurity risk and enterprise risk management concepts, and has spoken globally on the topic, including multiple keynote addresses. He holds multiple industry certifications and is a member of the New York State Bar Association. Brandon Bapst works as a consultant and executive adviser in EY's Cyber Transformation practice, and has more than eight years of strategic experience in the security risk field. In his current role with EY, he works closely with executives, CSOs and CISOs in developing strategic cyber risk programs. He has worked with Global Fortune 100 companies to transform their tactical security programs into holistic enterprise security risk management practices. He is a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and Certified Information Systems Auditor (CISA). Terry Allan Hicks is a longtime business and technology writer, focusing primarily on the interrelated areas of financial services, information security, and regulatory compliance and corporate governance, with experience including more than twenty years as a senior writer with Gartner, the world's leading IT research and advisory firm. He is also the published author of more than twenty books.