
Cybersecurity Policy Guidebook
Wiley (Publisher)
2nd Edition
Expected publication date: approx. 17 December 2026
Book
Hardback
288 pages
978-1-394-40740-8 (ISBN)
Description
Sound guidance on design, implementation, and governance of cybersecurity policy
Now in its Second Edition, the Cybersecurity Policy Guidebook delivers an issue-focused treatment of public, private, and individual cybersecurity policy alternatives for treatment of systemic cyber risks. Seven practitioners from government, industry, and academia analyze overlapping perspectives of decision-makers, technology professionals, and critical infrastructure engineers within the recently transformed digital landscape.
The first edition dealt with threats to impersonation, infrastructure access, intellectual property, internet access, nation-state conflict, operational continuity, privacy, and supply chain. New to this edition is coverage of AI's impact on cybersecurity, cyber-physical systems, and custodial issues for technology platforms and other cyber-enabled services. The book addresses threat intelligence across industry sectors, governance frameworks, and risk appetite thresholds. A policy catalog reflects pros and cons of pressing policy positions.
Key topics also include:
Communication strategies for conveying cybersecurity risk to decision makers across public and private levels of authority
Policy objectives mapped to technology evolution, connecting operational choices with their broader strategic and regulatory implications
Guidance on banking and financial services cybersecurity supervision, drawing on interagency regulatory frameworks and examination standards
Operational technology and control system cybersecurity policy, addressing risks unique to industrial control systems and other cyber-physical systems
Cross-disciplinary course alignment for programs in public policy, law, business, computer science, engineering, and social sciences
Cybersecurity Policy Guidebook serves leaders of public and private organizations, as well as technology professionals, industry analysts, scholars, and individuals seeking a structured reference on cybersecurity policy issues. Whatever the starting point of perspective, readers will gain the policy knowledge required to act with precision.
More details
Edition
2nd edition
Language
English
Place of publication
New York
United States
Target group
Professional and scholarly
ISBN-13
978-1-394-40740-8 (9781394407408)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Other editions
Previous edition

Jennifer L. Bayuk | Jason Healey | Paul Rohmeyer
Cyber Security Policy Guidebook
Book
05/2012
Wiley
€102.50
Shipment within 15-20 days
Persons
Jennifer L. Bayuk, PhD, is an independent cybersecurity consultant, CEO of Decision Framework Systems, and cybersecurity professor. Previously a Wall Street CISO and Bell Labs security software engineer, she has numerous publications on security architecture, risk management, and cybersecurity forensics.
Art Ehuan is Executive Director of Duke University's Master of Engineering in Cybersecurity and CISO Executive Certificate programs. A former FBI Supervisory Special Agent, he served as cyber expert on breaches at Heartland, Sony Pictures, Target, Anthem, Equifax, Capital One, and Marriott.
Jason Healey is a Senior Research Scholar at Columbia University's School for International and Public Affairs. He founded the Atlantic Council's Cyber Statecraft Initiative and was a founding member of the White House Office of the National Cyber Director.
Paul Rohmeyer, PhD, is an IT management consultant and Information Systems faculty member at Stevens Institute of Technology. He serves on the editorial boards of Computers & Security Journal and Cybersecurity & Cybercrime Journal, with expertise spanning banking, finance, healthcare, and life sciences.
Marcus H. Sachs, PE, is Senior Vice President and Chief Engineer at the Center for Internet Security. A retired U.S. Army officer and former White House appointee, he previously served as CSO of the North American Electric Reliability Corporation and VP for National Security Policy at Verizon.
Donald Saxinger is an independent financial sector regulatory policy consultant. As an FDIC banking supervisor for over three decades, he chaired the FFIEC IT Examination Handbook and Cybersecurity and Critical Infrastructure Working Groups, authored banking industry cybersecurity guidance, led interagency cyber rulemaking, and advised central banks internationally.
Joseph Weiss, PE, is Managing Partner of Applied Control Solutions, LLC, an independent control system cybersecurity consultant. An ISA Life Fellow and member of Control's Process Automation Hall of Fame, he has published over 100 papers and holds patents on instrumentation, control systems, and OT networks.
Author
Stevens Institute of Technology, Hoboken, NJ
Duke University
Atlantic Council of the United States, Washington, DC
Stevens Institute of Technology, Hoboken, NJ
Verizon Communications, Washington, DC
FDIC
Applied Control Solutions, LLC, Cupertino, CA