
Cyber Risk Management in Practice
A Guide to Real-World Solutions
Carlos Morales (Author)
CRC Press
1st Edition
Published on 29 June 2025
Book
Paperback/Softback
340 pages
978-1-032-90113-8 (ISBN)
Description
Cyber Risk Management in Practice: A Guide to Real-World Solutions is your companion in the ever-changing landscape of cybersecurity. Whether you're expanding your knowledge or looking to sharpen your existing skills, this book demystifies the complexities of cyber risk management, offering clear, actionable strategies to enhance your organization's security posture. With a focus on real-world solutions, this guide balances practical application with foundational knowledge.
Key Features:
Foundational insights: Explore fundamental concepts, frameworks, and required skills that form the backbone of a strong and pragmatic cyber risk management program tailored to your organization's unique needs. It covers everything from basic principles and threat modeling to developing a security-first culture that drives change within your organization. You'll also learn how to align cybersecurity practices with business objectives to ensure a solid approach to risk management.
Practical application: Follow a hands-on, step-by-step implementation guide through the complete cyber risk management cycle, from business context analysis to developing and implementing effective treatment strategies. This book includes templates, checklists, and practical advice to execute your cyber risk management implementation, making complex processes manageable and straightforward. Real-world scenarios illustrate common pitfalls and effective solutions.
Advanced strategies: Go beyond the basics to achieve cyber resilience. Explore topics like third-party risk management, integrating cybersecurity with business continuity, and managing the risks of emerging technologies like AI and quantum computing. Learn how to build a proactive defense strategy that evolves with emerging threats and keeps your organization secure.
Reviews / Votes
"Cyber Risk Management in Practice: A Guide to Real-World Solutions by Carlos Morales serves as a beacon for professionals involved not only in IT or cybersecurity but also across executive and operational roles within organizations. This book is an invaluable resource that I highly recommend for its practical insights and clear guidance."
Jose Antonio Fernandez Carbajal
Executive Chairman and CEO of FEMSA
More details
Language
English
Place of publication
London
United Kingdom
Publishing group
Taylor & Francis Ltd
Target group
Professional and scholarly
Professional Practice & Development, Professional Reference, and Professional Training
Illustrations
8 Tables, black and white; 12 Line drawings, black and white; 18 Halftones, black and white; 30 Illustrations, black and white
Dimensions
Height: 234 mm
Width: 156 mm
Thickness: 19 mm
Weight
547 gr
ISBN-13
978-1-032-90113-8 (9781032901138)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Additional editions

E-Book
06/2025
1st Edition
CRC Press
€63.49
Available for download


Book
06/2025
1st Edition
CRC Press
€167.70
Shipment within 10-20 days
Person
Carlos Morales, MBA, A. CCISO, CISM, GRCP, GRCA, CRISC, IRMP, CDPSE, IDPP, IPMP, IAAP, ICEP, is a cybersecurity professional with over 18 years of experience in risk management, privacy, and information security across diverse global landscapes. An advocate for cybersecurity as a business enabler, Carlos is recognized for developing pragmatic, risk-based models that align security initiatives with organizational objectives.
His international expertise is marked by his active participation in initiatives that bridge the gap between the private sector, public institutions, and academia. Carlos has worked with organizations of all sizes around the globe, from multinational conglomerates to startups, bringing a broad, practical perspective across industries. This experience allows him to tailor cybersecurity strategies that are effective and scalable, regardless of organizational size or sector.
He served as an advisor on cybersecurity matters to the Executive Office of the President of Mexico for the National Cybersecurity Plan and was a member of the first Cybersecurity Innovation Council led by the Organization of American States (OAS), where he fostered collaboration among participating countries. At the Instituto Tecnologico y de Estudios Superiores de Monterrey (ITESM), Carlos played an active role in shaping the design of the Cybersecurity HUB and the master's degree in cybersecurity. He continues to share his expertise as a professor in the ITESM Master's program in cybersecurity, guiding the next generation of professionals.
Carlos is also an active participant in international forums, where he shares practical insights and connects with diverse audiences, bridging technical and non-technical perspectives with clarity and impact.
Content
Introduction
Section I. Mastering the essentials of cyber risk management
1. Fundamentals of cyber risk management
2. Cyber risk management frameworks
3. Governance and cybersecurity culture
4. Cyber risk management methodology and risk register
5. Laying the groundwork
Section II. Executing cyber risk management in five steps
6. Starting the process: Contexts and information gathering
7. Risk assessment: From identification to characterization
8. Risk treatment strategies
9. Making things happen: Communication and implementation
10. Risk monitoring and metrics
Section III. Elevating beyond basics: Achieving cyber resilience
11. Third-party risk management
12. Building cyber resilience
13. Advancing toward risk quantification
14. New technologies: Methods, tools, and challenges
Section IV. Conclusion
15. Bringing it all together