Building Effective Cybersecurity Programs: A Security Manager’s Handbook

Rothstein Publishing

You know by now that your company could not survive without the Internet. Not in today’s market. You are either part of the digital economy or reliant upon it. With critical information assets at risk, your company requires a state-of-the-art cybersecurity program. But how do you achieve the best possible program? Tari Schreider, in Building Effective Cybersecurity Programs: A Security Manager’s Handbook, lays out the step-by-step roadmap to follow as you build or enhance your cybersecurity program.

Over 30+ years, Tari Schreider has designed and implemented cybersecurity programs throughout the world, helping hundreds of companies like yours. Building on that experience, he has created a clear roadmap that will allow the process to go more smoothly for you. Building Effective Cybersecurity Programs: A Security Manager’s Handbook is organized around the six main steps on the roadmap that will put your cybersecurity program in place:

  1. Design a Cybersecurity Program
  2. Establish a Foundation of Governance
  3. Build a Threat, Vulnerability Detection, and Intelligence Capability
  4. Build a Cyber Risk Management Capability
  5. Implement a Defense-in-Depth Strategy
  6. Apply Service Management to Cybersecurity Programs

Because Schreider has researched and analyzed over 150 cybersecurity architectures, frameworks, and models, he has saved you hundreds of hours of research. He sets you up for success by talking to you directly as a friend and colleague, using practical examples. His book helps you to:

  • Identify the proper cybersecurity program roles and responsibilities.
  • Classify assets and identify vulnerabilities.
  • Define an effective cybersecurity governance foundation.
  • Evaluate the top governance frameworks and models.
  • Automate your governance program to make it more effective.
  • Integrate security into your application development process.
  • Apply defense-in-depth as a multi-dimensional strategy.
  • Implement a service management approach to implementing countermeasures.

With this handbook, you can move forward confidently, trusting that Schreider is recommending the best components of a cybersecurity program for you. In addition, the book provides hundreds of citations and references that allow you to dig deeper as you explore specific topics relevant to your organization or your studies.

About the author

Tari Schreider, SSCP, CISM, C|CISO, ITIL Foundation, is a distinguished technologist and nationally known expert in the fields of cybersecurity, risk management, and disaster recovery. Co-founder of Prescriptive Risk Solutions, LLC (PRS), he is former Chief Security Architect at Hewlett-Packard Enterprise. PRS designs custom solutions for companies with challenging legal and regulatory compliance issues that need to be solved quickly. PRS maintains one of the world’s largest databases of security and disaster recovery incidents with nearly 12,000 incidents covering 10.6 billion compromised records.

Mr. Schreider has designed and implemented complex cybersecurity programs including a red team penetration testing program for one of the largest oil and gas companies in the world, an NERC CIP compliance program for one of Canada’s largest electric utility companies, and an integrated security control management program for one of the US’ largest 911 systems. He has advised organizations from China to India on how to improve their cybersecurity programs through his Information Security Service Management – Reference Model (ISSM-RM). Schreider implemented a virtual Security Operations Center network with vSOCs located in the US, Brazil, Italy, Japan, Sweden, and the US. He was also responsible for creating the first Information Sharing and Analysis Center in collaboration with the Information Technology Association of America (IT-ISCA). His earliest disaster recovery experiences included assisting companies affected by the 1992 Los Angeles Rodney King Riots, and 1993 World Trade Center bombing. His unique experience came during the 1990 Gulf War, helping a New York financial institution recover after becoming separated from its data center in Kuwait.

Schreider has appeared on ABC News, CNN, CNBC, NPR, and has had numerous articles printed in security and business magazines including Business Week, New York Times, SC Magazine, The Wall Street Journal, and many others.

He studied Criminal Justice at the College of Social & Behavioral Sciences at the University of Phoenix and holds the following certifications in security and disaster recovery:

  • American College of Forensic Examiners, CHS-III
  • Certified CISO (C|CISO)
  • Certified Information Security Manager (CISM)
  • ITIL™ v3 Foundation Certified
  • System Security Certified Practitioner (SSCP)
  • The Business Continuity Institute, MBCI
  • University of Richmond – Master Certified Recovery Planner (MCRP)

Kristen Noakes-Fry, ABCI, is Executive Editor at Rothstein Publishing. Previously, she was a Research Director, Information Security and Risk Group, for Gartner, Inc.; Associate Editor at Datapro (McGraw-Hill); and Associate Professor of English at Atlantic Cape College in New Jersey. She holds an M.A. from New York University and a B.A. from Russell Sage College.

Additional Information

Publisher: Rothstein Publishing
Published on: Oct 20, 2017
Pages: 249
ISBN: 9781944480509
Language: English
Genres:
  • Business & Economics / General
  • Business & Economics / Insurance / General
  • Business & Economics / Insurance / Risk Assessment & Management
  • Business & Economics / Management
Content Protection: This content is DRM protected.
Read Aloud: Available on Android devices
Eligible for Family Library

Tari Schreider, SSCP, CISM, C|CISO, ITIL Foundation
In today’s litigious business world, cyber-related matters could land you in court. As a computer security professional, you are protecting your data, but are you protecting your company? While you know industry standards and regulations, you may not be a legal expert. Fortunately, in a few hours of reading, rather than months of classroom study, Tari Schreider’s The Manager’s Guide to Cybersecurity Law: Essentials for Today’s Business lets you integrate legal issues into your security program.

Tari Schreider, a board-certified information security practitioner with a criminal justice administration background, has written a much-needed book that bridges the gap between cybersecurity programs and cybersecurity law. He says, “My nearly 40 years in the fields of cybersecurity, risk management, and disaster recovery have taught me some immutable truths. One of these truths is that failure to consider the law when developing a cybersecurity program results in a protective façade or false sense of security.”

In a friendly style, offering real-world business examples from his own experience supported by a wealth of court cases, Schreider covers the range of practical information you will need as you explore – and prepare to apply – cybersecurity law. His practical, easy-to-understand explanations help you to:

  • Understand your legal duty to act reasonably and responsibly to protect assets and information.
  • Identify which cybersecurity laws have the potential to impact your cybersecurity program.
  • Upgrade cybersecurity policies to comply with state, federal, and regulatory statutes.
  • Communicate effectively about cybersecurity law with corporate legal department and counsel.
  • Understand the implications of emerging legislation for your cybersecurity program.
  • Know how to avoid losing a cybersecurity court case on procedure – and develop strategies to handle a dispute out of court.
  • Develop an international view of cybersecurity and data privacy – and international legal frameworks.

Schreider takes you beyond security standards and regulatory controls to ensure that your current or future cybersecurity program complies with all laws and legal jurisdictions. Hundreds of citations and references allow you to dig deeper as you explore specific topics relevant to your organization or your studies. This book needs to be required reading before your next discussion with your corporate legal department.

Jack Hungelmann
Now updated — your guide to getting the best insurance policy

Are you intimidated by insurance? Have no fear — this easy-to-understand guide explains everything you need to know, from getting the most coverage at the best price to dealing with adjusters, filing claims, and more. Whether you're looking for personal or business insurance, you'll see how to avoid common pitfalls, lower your costs, and get what you deserve at claim time.

Get to know the basics — understand how to make good insurance decisions and reduce the chances of a financial loss in your life

Take your insurance on the road — manage your personal automobile risks, handle special situations, insure recreational vehicles, and deal with insurance adjusters

Understand homeowner's and renter's insurance — know what is and isn't covered by typical policies, common exclusions and pitfalls, and how to cover yourself against personal lawsuits

Buy the right umbrella policy — discover the advantages, and coordinate your policies to cover the gaps

Manage life, health, and disability risks — explore individual and group policies, understand Medicare basics, and evaluate long-term disability and long-term-care insurance

Open the book and find:

The best life, health, home, and auto policies

Strategies for handling the claims process to get what you deserve

Tips on adjusting your deductible to suit your lifestyle

How to navigate healthcare policies

Ways to reduce your risk and your premiums

Common traps and loopholes

Considerations for grads, freelancers, and remote workers

Mihir Desai
"A fascinating new perspective on modern finance," --Oliver Hart, 2016 Nobel Laureate in Economics

"Lucid, witty and delightfully erudite...From the French revolution to film noir, from the history of probability to Jane Austen and The Simpsons, this is an astonishing intellectual feast." --Sebastian Mallaby, author of The Man Who Knew: The Life and Times of Alan Greenspan

Longlisted for 2017 Financial Times/McKinsey Business Book of the Year 

A 2017 AMAZON PICK IN BUSINESS & LEADERSHIP

A WealthManagement.com BEST BUSINESS BOOK OF 2017

In 1688, essayist Josef de la Vega described finance as both “the fairest and most deceitful business . . . the noblest and the most infamous in the world, the finest and most vulgar on earth.”

The characterization of finance as deceitful, infamous, and vulgar still rings true today – particularly in the wake of the 2008 financial crisis. But, what happened to the fairest, noblest, and finest profession that de la Vega saw? 

De la Vega hit on an essential truth that has been forgotten: finance can be just as principled, life-affirming, and worthy as it can be fraught with questionable practices.  Today, finance is shrouded in mystery for outsiders, while many insiders are uneasy with the disrepute of their profession.  How can finance become more accessible and also recover its nobility?

Harvard Business School professor Mihir Desai, in his “last lecture” to the graduating Harvard MBA class of 2015, took up the cause of restoring humanity to finance. With incisive wit and irony, his lecture drew upon a rich knowledge of literature, film, history, and philosophy to explain the inner workings of finance in a manner that has never been seen before.

This book captures Desai’s lucid exploration of the ideas of finance as seen through the unusual prism of the humanities. Through this novel, creative approach, Desai shows that outsiders can access the underlying ideas easily and insiders can reacquaint themselves with the core humanity of their profession.

The mix of finance and the humanities creates unusual pairings: Jane Austen and Anthony Trollope are guides to risk management; Jeff Koons becomes an advocate of leverage; and Mel Brooks’s The Producers teaches us about fiduciary responsibility. In Desai’s vision, the principles of finance also provide answers to critical questions in our lives. Among many surprising parallels, bankruptcy teaches us how to react to failure, the lessons of mergers apply to marriages, and the Capital Asset Pricing Model demonstrates the true value of relationships.
THE WISDOM OF FINANCE is a wholly unique book, offering a refreshing new perspective on one of the world’s most complex and misunderstood professions.    