{"product_id":"stepping-through-cybersecurity-risk-management-a-systems-thinking-approach-hardcover","title":"Stepping Through Cybersecurity Risk Management: A Systems Thinking Approach - Hardcover","description":"\u003cp\u003eby \u003cb\u003eJennifer L. Bayuk\u003c\/b\u003e (Author)\u003c\/p\u003e\u003cp\u003e\u003cb\u003eStepping Through Cybersecurity Risk Management\u003c\/b\u003e \u003c\/p\u003e\u003cp\u003e\u003cb\u003eAuthoritative resource delivering the professional practice of cybersecurity from the perspective of enterprise governance and risk management.\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003ci\u003eStepping Through Cybersecurity Risk Management \u003c\/i\u003ecovers the professional practice of cybersecurity from the perspective of enterprise governance and risk management. It describes the state of the art in cybersecurity risk identification, classification, measurement, remediation, monitoring and reporting. It includes industry standard techniques for examining cybersecurity threat actors, cybersecurity attacks in the context of cybersecurity-related events, technology controls, cybersecurity measures and metrics, cybersecurity issue tracking and analysis, and risk and control assessments.\u003c\/p\u003e \u003cp\u003eThe text provides precise definitions for information relevant to cybersecurity management decisions and recommendations for collecting and consolidating that information in the service of enterprise risk management. The objective is to enable the reader to recognize, understand, and apply risk-relevant information to the analysis, evaluation, and mitigation of cybersecurity risk. A well-rounded resource, the text describes both reports and studies that improve cybersecurity decision support.\u003c\/p\u003e \u003cp\u003eComposed of 10 chapters, the author provides learning objectives, exercises and quiz questions per chapter in an appendix, with quiz answers and exercise grading criteria available to professors.\u003c\/p\u003e \u003cp\u003eWritten by a highly qualified professional with significant experience in the field, \u003ci\u003eStepping Through Cybersecurity Risk Management \u003c\/i\u003eincludes information on: \u003c\/p\u003e \u003cul\u003e \u003cli\u003eThreat actors and networks, attack vectors, event sources, security operations, and CISO risk evaluation criteria with respect to this activity\u003c\/li\u003e \u003cli\u003eControl process, policy, standard, procedures, automation, and guidelines, along with risk and control self assessment and compliance with regulatory standards\u003c\/li\u003e \u003cli\u003eCybersecurity measures and metrics, and corresponding key risk indicators\u003c\/li\u003e \u003cli\u003eThe role of humans in security, including the \"three lines of defense\" approach, auditing, and overall human risk management\u003c\/li\u003e \u003cli\u003eRisk appetite, tolerance, and categories, and analysis of alternative security approaches via reports and studies\u003c\/li\u003e \u003c\/ul\u003e \u003cp\u003eProviding comprehensive coverage on the topic of cybersecurity through the unique lens of perspective of enterprise governance and risk management, \u003ci\u003eStepping Through Cybersecurity Risk Management \u003c\/i\u003eis an essential resource for professionals engaged in compliance with diverse business risk appetites, as well as regulatory requirements such as FFIEC, HIIPAA, and GDPR, as well as a comprehensive primer for those new to the field.\u003cbr\u003e\u003cbr\u003e\u003c\/p\u003e \u003cp\u003eA complimentary forward by Professor Gene Spafford explains why \"This book will be helpful to the newcomer as well as to the hierophants in the C-suite. The newcomer can read this to understand general principles and terms. The C-suite occupants can use the material as a guide to check that their understanding encompasses all it should.\"\u003c\/p\u003e\u003ch3\u003eBack Jacket\u003c\/h3\u003e\u003cp\u003e\u003c\/p\u003e\u003cp\u003e \u003cb\u003eAuthoritative resource delivering the professional practice of cybersecurity from the perspective of enterprise governance and risk management.\u003c\/b\u003e \u003c\/p\u003e\u003cp\u003e\u003ci\u003eStepping Through Cybersecurity Risk Management \u003c\/i\u003ecovers the professional practice of cybersecurity from the perspective of enterprise governance and risk management. It describes the state of the art in cybersecurity risk identification, classification, measurement, remediation, monitoring and reporting. It includes industry standard techniques for examining cybersecurity threat actors, cybersecurity attacks in the context of cybersecurity-related events, technology controls, cybersecurity measures and metrics, cybersecurity issue tracking and analysis, and risk and control assessments. \u003c\/p\u003e\u003cp\u003eThe text provides precise definitions for information relevant to cybersecurity management decisions and recommendations for collecting and consolidating that information in the service of enterprise risk management. The objective is to enable the reader to recognize, understand, and apply risk-relevant information to the analysis, evaluation, and mitigation of cybersecurity risk. A well-rounded resource, the text describes both reports and studies that improve cybersecurity decision support. \u003c\/p\u003e\u003cp\u003eComposed of 10 chapters, the author provides learning objectives, exercises and quiz questions per chapter in an appendix, with quiz answers and exercise grading criteria available to professors. \u003c\/p\u003e\u003cp\u003eWritten by a highly qualified professional with significant experience in the field, \u003ci\u003eStepping Through Cybersecurity Risk Management \u003c\/i\u003eincludes information on: \u003c\/p\u003e\u003cul\u003e\n\u003cli\u003eThreat actors and networks, attack vectors, event sources, security operations, and CISO risk evaluation criteria with respect to this activity \u003c\/li\u003e\n\u003cli\u003eControl process, policy, standard, procedures, automation, and guidelines, along with risk and control self assessment and compliance with regulatory standards \u003c\/li\u003e\n\u003cli\u003eCybersecurity measures and metrics, and corresponding key risk indicators \u003c\/li\u003e\n\u003cli\u003eThe role of humans in security, including the \"three lines of defense\" approach, auditing, and overall human risk management \u003c\/li\u003e\n\u003cli\u003eRisk appetite, tolerance, and categories, and analysis of alternative security approaches via reports and studies\u003c\/li\u003e\n\u003c\/ul\u003e \u003cp\u003eProviding comprehensive coverage on the topic of cybersecurity through the unique lens of perspective of enterprise governance and risk management, \u003ci\u003eStepping Through Cybersecurity Risk Management \u003c\/i\u003eis an essential resource for professionals engaged in compliance with diverse business risk appetites, as well as regulatory requirements such as FFIEC, HIIPAA, and GDPR, as well as a comprehensive primer for those new to the field.\u003c\/p\u003e\u003ch3\u003eAuthor Biography\u003c\/h3\u003e\u003cp\u003e\u003c\/p\u003e\u003cp\u003e\u003cb\u003eJennifer L. Bayuk \u003c\/b\u003eis a cybersecurity due diligence expert with a MS in Computer Science and a PhD in Systems Engineering. She has been a Global Financial Services Technology Risk Management Officer, a Wall Street Chief Information Security Officer, a Big 4 Information Risk Management Consultant, a Manager of Information Technology Internal Audit, a Security Architect, a Bell Labs Security Software Engineer, a Professor of Systems Security Engineering, and a Private Cybersecurity Investigator and Expert Witness\u003c\/p\u003e\u003cdiv\u003e\n\u003cstrong\u003eNumber of Pages:\u003c\/strong\u003e 336\u003c\/div\u003e\u003cdiv\u003e\n\u003cstrong\u003eDimensions:\u003c\/strong\u003e 0.75 x 9 x 6 IN\u003c\/div\u003e\u003cdiv\u003e\n\u003cstrong\u003ePublication Date:\u003c\/strong\u003e March 26, 2024\u003c\/div\u003e","brand":"Books by splitShops","offers":[{"title":"Default Title","offer_id":51749590303008,"sku":"9781394213955","price":136.8,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0974\/9764\/5344\/files\/85e830c6ca435d68a38ae041b04391ea.webp?v=1779934270","url":"https:\/\/ebocreations.com\/products\/stepping-through-cybersecurity-risk-management-a-systems-thinking-approach-hardcover","provider":"The E-Book Oasis LLC","version":"1.0","type":"link"}