Building Effective Cybersecurity Programs: A Security Manager’s Handbook

Rothstein Publishing

You know by now that your company could not survive without the Internet. Not in today’s market. You are either part of the digital economy or reliant upon it. With critical information assets at risk, your company requires a state-of-the-art cybersecurity program. But how do you achieve the best possible program? Tari Schreider, in Building Effective Cybersecurity Programs: A Security Manager’s Handbook, lays out the step-by-step roadmap to follow as you build or enhance your cybersecurity program.

Over 30+ years, Tari Schreider has designed and implemented cybersecurity programs throughout the world, helping hundreds of companies like yours. Building on that experience, he has created a clear roadmap that will allow the process to go more smoothly for you. Building Effective Cybersecurity Programs: A Security Manager’s Handbook is organized around the six main steps on the roadmap that will put your cybersecurity program in place:

  1. Design a Cybersecurity Program
  2. Establish a Foundation of Governance
  3. Build a Threat, Vulnerability Detection, and Intelligence Capability
  4. Build a Cyber Risk Management Capability
  5. Implement a Defense-in-Depth Strategy
  6. Apply Service Management to Cybersecurity Programs

Because Schreider has researched and analyzed over 150 cybersecurity architectures, frameworks, and models, he has saved you hundreds of hours of research. He sets you up for success by talking to you directly as a friend and colleague, using practical examples. His book helps you to:

  • Identify the proper cybersecurity program roles and responsibilities.
  • Classify assets and identify vulnerabilities.
  • Define an effective cybersecurity governance foundation.
  • Evaluate the top governance frameworks and models.
  • Automate your governance program to make it more effective.
  • Integrate security into your application development process.
  • Apply defense-in-depth as a multi-dimensional strategy.
  • Implement a service management approach to implementing countermeasures.

With this handbook, you can move forward confidently, trusting that Schreider is recommending the best components of a cybersecurity program for you. In addition, the book provides hundreds of citations and references that allow you to dig deeper as you explore specific topics relevant to your organization or your studies.


About the author

Tari Schreider, SSCP, CISM, C|CISO, ITIL Foundation, is a distinguished technologist and nationally known expert in the fields of cybersecurity, risk management, and disaster recovery. Co-founder of Prescriptive Risk Solutions, LLC (PRS), he is former Chief Security Architect at Hewlett-Packard Enterprise. PRS designs custom solutions for companies with challenging legal and regulatory compliance issues that need to be solved quickly. PRS maintains one of the world’s largest databases of security and disaster recovery incidents with nearly 12,000 incidents covering 10.6 billion compromised records.

Mr. Schreider has designed and implemented complex cybersecurity programs including a red team penetration testing program for one of the largest oil and gas companies in the world, a NERC CIP compliance program for one of Canada’s largest electric utility companies, and an integrated security control management program for one of the US’ largest 911 systems. He has advised organizations from China to India on how to improve their cybersecurity programs through his Information Security Service Management – Reference Model (ISSM-RM). Schreider implemented a virtual Security Operations Center network with vSOCs located in the US, Brazil, Italy, Japan, Sweden, and the US. He was also responsible for creating the first Information Sharing and Analysis Center in collaboration with the Information Technology Association of America (IT-ISCA). His earliest disaster recovery experiences included assisting companies affected by the 1992 Los Angeles Rodney King Riots, and 1993 World Trade Center bombing. His unique experience came during the 1990 Gulf War, helping a New York financial institution recover after becoming separated from its data center in Kuwait.

Schreider has appeared on ABC News, CNN, CNBC, NPR, and has had numerous articles printed in security and business magazines including Business Week, New York Times, SC Magazine, The Wall Street Journal, and many others.

He studied Criminal Justice at the College of Social & Behavioral Sciences at the University of Phoenix and holds the following certifications in security and disaster recovery:

  • American College of Forensic Examiners, CHS-III
  • Certified CISO (C|CISO)
  • Certified Information Security Manager (CISM)
  • ITIL™ v3 Foundation Certified
  • System Security Certified Practitioner (SSCP)
  • The Business Continuity Institute, MBCI
  • University of Richmond – Master Certified Recovery Planner (MCRP)

Kristen Noakes-Fry, ABCI, is Executive Editor at Rothstein Publishing. Previously, she was a Research Director, Information Security and Risk Group, for Gartner, Inc.; Associate Editor at Datapro (McGraw-Hill); and Associate Professor of English at Atlantic Cape College in New Jersey. She holds an M.A. from New York University and a B.A. from Russell Sage College.


Additional Information

Publisher: Rothstein Publishing
Published on: Oct 20, 2017
Pages: 249
ISBN: 9781944480509
Language: English
Genres: Business & Economics / General; Business & Economics / Insurance / General; Business & Economics / Insurance / Risk Assessment & Management; Business & Economics / Management
Content Protection: This content is DRM protected.
Read Aloud: Available on Android devices
Eligible for Family Library

In today’s litigious business world, cyber-related matters could land you in court. As a computer security professional, you are protecting your data, but are you protecting your company? While you know industry standards and regulations, you may not be a legal expert. Fortunately, in a few hours of reading, rather than months of classroom study, Tari Schreider’s The Manager’s Guide to Cybersecurity Law: Essentials for Today’s Business, lets you integrate legal issues into your security program.

Tari Schreider, a board-certified information security practitioner with a criminal justice administration background, has written a much-needed book that bridges the gap between cybersecurity programs and cybersecurity law. He says, “My nearly 40 years in the fields of cybersecurity, risk management, and disaster recovery have taught me some immutable truths. One of these truths is that failure to consider the law when developing a cybersecurity program results in a protective façade or false sense of security.”

In a friendly style, offering real-world business examples from his own experience supported by a wealth of court cases, Schreider covers the range of practical information you will need as you explore – and prepare to apply – cybersecurity law. His practical, easy-to-understand explanations help you to:

  • Understand your legal duty to act reasonably and responsibly to protect assets and information.
  • Identify which cybersecurity laws have the potential to impact your cybersecurity program.
  • Upgrade cybersecurity policies to comply with state, federal, and regulatory statutes.
  • Communicate effectively about cybersecurity law with corporate legal department and counsel.
  • Understand the implications of emerging legislation for your cybersecurity program.
  • Know how to avoid losing a cybersecurity court case on procedure – and develop strategies to handle a dispute out of court.
  • Develop an international view of cybersecurity and data privacy – and international legal frameworks.

Schreider takes you beyond security standards and regulatory controls to ensure that your current or future cybersecurity program complies with all laws and legal jurisdictions. Hundreds of citations and references allow you to dig deeper as you explore specific topics relevant to your organization or your studies. This book needs to be required reading before your next discussion with your corporate legal department.

Now updated — your guide to getting the best insurance policy

Are you intimidated by insurance? Have no fear — this easy-to-understand guide explains everything you need to know, from getting the most coverage at the best price to dealing with adjusters, filing claims, and more. Whether you're looking for personal or business insurance, you'll see how to avoid common pitfalls, lower your costs, and get what you deserve at claim time.

Get to know the basics — understand how to make good insurance decisions and reduce the chances of a financial loss in your life

Take your insurance on the road — manage your personal automobile risks, handle special situations, insure recreational vehicles, and deal with insurance adjusters

Understand homeowner's and renter's insurance — know what is and isn't covered by typical policies, common exclusions and pitfalls, and how to cover yourself against personal lawsuits

Buy the right umbrella policy — discover the advantages, and coordinate your policies to cover the gaps

Manage life, health, and disability risks — explore individual and group policies, understand Medicare basics, and evaluate long-term disability and long-term-care insurance

Open the book and find:

The best life, health, home, and auto policies

Strategies for handling the claims process to get what you deserve

Tips on adjusting your deductible to suit your lifestyle

How to navigate healthcare policies

Ways to reduce your risk and your premiums

Common traps and loopholes

Considerations for grads, freelancers, and remote workers

"Entertaining and informative. Desai takes us on a journey through the fundamentals of finance, from asset pricing to risk and risk management, via options, mergers, debt, and bankruptcy." --John Lanchester, The New Yorker

"A fascinating new perspective on modern finance," --Oliver Hart, 2016 Nobel Laureate in Economics

"Lucid, witty and delightfully erudite...From the French revolution to film noir, from the history of probability to Jane Austen and The Simpsons, this is an astonishing intellectual feast." --Sebastian Mallaby, author of The Man Who Knew: The Life and Times of Alan Greenspan

Longlisted for 2017 Financial Times/McKinsey Business Book of the Year 

A 2017 AMAZON PICK IN BUSINESS & LEADERSHIP

A WealthManagement.com BEST BUSINESS BOOK OF 2017

In 1688, essayist Josef de la Vega described finance as both “the fairest and most deceitful business . . . the noblest and the most infamous in the world, the finest and most vulgar on earth.”

The characterization of finance as deceitful, infamous, and vulgar still rings true today – particularly in the wake of the 2008 financial crisis. But, what happened to the fairest, noblest, and finest profession that de la Vega saw? 

De la Vega hit on an essential truth that has been forgotten: finance can be just as principled, life-affirming, and worthy as it can be fraught with questionable practices.  Today, finance is shrouded in mystery for outsiders, while many insiders are uneasy with the disrepute of their profession.  How can finance become more accessible and also recover its nobility?

Harvard Business School professor Mihir Desai, in his “last lecture” to the graduating Harvard MBA class of 2015, took up the cause of restoring humanity to finance. With incisive wit and irony, his lecture drew upon a rich knowledge of literature, film, history, and philosophy to explain the inner workings of finance in a manner that has never been seen before.

This book captures Desai’s lucid exploration of the ideas of finance as seen through the unusual prism of the humanities. Through this novel, creative approach, Desai shows that outsiders can access the underlying ideas easily and insiders can reacquaint themselves with the core humanity of their profession.

The mix of finance and the humanities creates unusual pairings: Jane Austen and Anthony Trollope are guides to risk management; Jeff Koons becomes an advocate of leverage; and Mel Brooks’s The Producers teaches us about fiduciary responsibility. In Desai’s vision, the principles of finance also provide answers to critical questions in our lives. Among many surprising parallels, bankruptcy teaches us how to react to failure, the lessons of mergers apply to marriages, and the Capital Asset Pricing Model demonstrates the true value of relationships.

THE WISDOM OF FINANCE is a wholly unique book, offering a refreshing new perspective on one of the world’s most complex and misunderstood professions.

Concept of the Corporation was the first study ever of the constitution, structure, and internal dynamics of a major business enterprise. Basing his work on a two-year analysis of the company done during the closing years of World War II, Drucker looks at the General Motors managerial organization from within. He tries to understand what makes the company work so effectively, what its core principles are, and how they contribute to its successes. The themes this volume addresses go far beyond the business corporation, into a consideration of the dynamics of the so-called corporate state itself.

When the book initially appeared, General Motors managers rejected it as unfairly critical and antibusiness. Yet, the GM concept of the corporation and its principles of organization later became models for organizations worldwide. Not only businesses, but also government agencies, research laboratories, hospitals, and universities have found in Concept of the Corporation a basis for effective organization and management.

Because it offers a fundamental theory of corporate goals, this book is a valuable resource for business professionals and organization analysts. It will also be of interest to students and professionals in economics, public administration, and political science. Professional and technical readers who admire Peter Drucker's work will want to be certain this volume is in their personal library. At a time when everything from the size to the structure of corporations is being questioned, this classic should prove a valuable guide.

"Toyota Kata gets to the essence of how Toyota manages continuous improvement and human ingenuity, through its improvement kata and coaching kata. Mike Rother explains why typical companies fail to understand the core of lean and make limited progress—and what it takes to make it a real part of your culture."
—Jeffrey K. Liker, bestselling author of The Toyota Way

"[Toyota Kata is] one of the stepping stones that will usher in a new era of management thinking."
—The Systems Thinker

"How any organization in any industry can progress from old-fashioned management by results to a strikingly different and better way."
—James P. Womack, Chairman and Founder, Lean Enterprise Institute

"Practicing the improvement kata is perhaps the best way we've found so far for actualizing PDCA in an organization."
—John Shook, Chairman and CEO, Lean Enterprise Institute

This game-changing book puts you behind the curtain at Toyota, providing new insight into the legendary automaker's management practices and offering practical guidance for leading and developing people in a way that makes the best use of their brainpower.

Drawing on six years of research into Toyota's employee-management routines, Toyota Kata examines and elucidates, for the first time, the company's organizational routines--called kata--that power its success with continuous improvement and adaptation. The book also reaches beyond Toyota to explain issues of human behavior in organizations and provide specific answers to questions such as:

  • How can we make improvement and adaptation part of everyday work throughout the organization?
  • How can we develop and utilize the capability of everyone in the organization to repeatedly work toward and achieve new levels of performance?
  • How can we give an organization the power to handle dynamic, unpredictable situations and keep satisfying customers?

Mike Rother explains how to improve our prevailing management approach through the use of two kata: Improvement Kata--a repeating routine of establishing challenging target conditions, working step-by-step through obstacles, and always learning from the problems we encounter; and Coaching Kata: a pattern of teaching the improvement kata to employees at every level to ensure it motivates their ways of thinking and acting.

With clear detail, an abundance of practical examples, and a cohesive explanation from start to finish, Toyota Kata gives executives and managers at any level actionable routines of thought and behavior that produce superior results and sustained competitive advantage.
