{"product_id":"cybersecurity-for-executives-9781118888148","title":"Cybersecurity for Executives","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003ePractical guide that can be used by executives to make well-informed decisions on cybersecurity issues to better protect their business \u003cul\u003e \u003cli\u003eEmphasizes, in a direct and uncomplicated way, how executives can identify, understand, assess, and mitigate risks associated with cybersecurity issues\u003c\/li\u003e \u003cli\u003eCovers ''What to Do When You Get Hacked?'' including Business Continuity and Disaster Recovery planning, Public Relations, Legal and Regulatory issues, and Notifications and Disclosures\u003c\/li\u003e \u003cli\u003eProvides steps for integrating cybersecurity into Strategy; Policy and Guidelines; Change Management and Personnel Management\u003c\/li\u003e \u003cli\u003eIdentifies cybersecurity best practices that executives can and should use both in the office and at home to protect their vital information\u003c\/li\u003e \u003c\/ul\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eForeword xiii\u003c\/p\u003e \u003cp\u003ePreface xvii\u003c\/p\u003e \u003cp\u003eAcknowledgments xxiii\u003c\/p\u003e \u003cp\u003e\u003cb\u003e1.0 Introduction 1\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e1.1 Defining Cybersecurity 1\u003c\/p\u003e \u003cp\u003e1.2 Cybersecurity is a Business Imperative 2\u003c\/p\u003e \u003cp\u003e1.3 Cybersecurity is an Executive-Level Concern 4\u003c\/p\u003e \u003cp\u003e1.4 Questions to Ask 4\u003c\/p\u003e \u003cp\u003e1.5 Views of Others 7\u003c\/p\u003e \u003cp\u003e1.6 Cybersecurity is a Full-Time Activity 7\u003c\/p\u003e \u003cp\u003e\u003cb\u003e2.0 Why Be Concerned? 9\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e2.1 A Classic Hack 9\u003c\/p\u003e \u003cp\u003e2.2 Who Wants Your Fortune? 12\u003c\/p\u003e \u003cp\u003e2.3 Nation-State Threats 13\u003c\/p\u003e \u003cp\u003e2.3.1 China 13\u003c\/p\u003e \u003cp\u003e2.3.2 Don’t Think that China is the Only One 17\u003c\/p\u003e \u003cp\u003e2.4 Cybercrime is Big Business 20\u003c\/p\u003e \u003cp\u003e2.4.1 Mercenary Hackers 20\u003c\/p\u003e \u003cp\u003e2.4.2 Hacktivists 25\u003c\/p\u003e \u003cp\u003e2.4.3 The Insider Threat 26\u003c\/p\u003e \u003cp\u003e2.4.4 Substandard Products and Services 29\u003c\/p\u003e \u003cp\u003e2.5 Summary 36\u003c\/p\u003e \u003cp\u003e\u003cb\u003e3.0 Managing Risk 37\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e3.1 Who Owns Risk in Your Business? 37\u003c\/p\u003e \u003cp\u003e3.2 What are Your Risks? 38\u003c\/p\u003e \u003cp\u003e3.2.1 Threats to Your Intellectual Property and Trade Secrets 38\u003c\/p\u003e \u003cp\u003e3.2.2 Technical Risks 42\u003c\/p\u003e \u003cp\u003e3.2.3 Human Risks 47\u003c\/p\u003e \u003cp\u003e3.3 Calculating Your Risk 54\u003c\/p\u003e \u003cp\u003e3.3.1 Quantitative Risk Assessment 55\u003c\/p\u003e \u003cp\u003e3.3.2 Qualitative Risk Assessment 63\u003c\/p\u003e \u003cp\u003e3.3.3 Risk Decisions 71\u003c\/p\u003e \u003cp\u003e3.4 Communicating Risk 77\u003c\/p\u003e \u003cp\u003e3.4.1 Communicating Risk Internally 78\u003c\/p\u003e \u003cp\u003e3.4.2 Regulatory Communications 79\u003c\/p\u003e \u003cp\u003e3.4.3 Communicating with Shareholders 86\u003c\/p\u003e \u003cp\u003e3.5 Organizing for Success 89\u003c\/p\u003e \u003cp\u003e3.5.1 Risk Management Committee 89\u003c\/p\u003e \u003cp\u003e3.5.2 Chief Risk Officers 90\u003c\/p\u003e \u003cp\u003e3.6 Summary 91\u003c\/p\u003e \u003cp\u003e\u003cb\u003e4.0 Build Your Strategy 95\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e4.1 How Much “Cybersecurity” Do I Need? 95\u003c\/p\u003e \u003cp\u003e4.2 The Mechanics of Building Your Strategy 97\u003c\/p\u003e \u003cp\u003e4.2.1 Where are We Now? 99\u003c\/p\u003e \u003cp\u003e4.2.2 What do We have to Work with? 103\u003c\/p\u003e \u003cp\u003e4.2.3 Where do We Want to be? 104\u003c\/p\u003e \u003cp\u003e4.2.4 How do We Get There? 107\u003c\/p\u003e \u003cp\u003e4.2.5 Goals and Objectives 108\u003c\/p\u003e \u003cp\u003e4.3 Avoiding Strategy Failure 111\u003c\/p\u003e \u003cp\u003e4.3.1 Poor Plans, Poor Execution 111\u003c\/p\u003e \u003cp\u003e4.3.2 Lack of Communication 113\u003c\/p\u003e \u003cp\u003e4.3.3 Resistance to Change 114\u003c\/p\u003e \u003cp\u003e4.3.4 Lack of Leadership and Oversight 117\u003c\/p\u003e \u003cp\u003e4.4 Ways to Incorporate Cybersecurity into Your Strategy 118\u003c\/p\u003e \u003cp\u003e4.4.1 Identify the Information Critical to Your Business 119\u003c\/p\u003e \u003cp\u003e4.4.2 Make Cybersecurity Part of Your Culture 119\u003c\/p\u003e \u003cp\u003e4.4.3 Consider Cybersecurity Impacts in Your Decisions 119\u003c\/p\u003e \u003cp\u003e4.4.4 Measure Your Progress 120\u003c\/p\u003e \u003cp\u003e4.5 Plan For Success 121\u003c\/p\u003e \u003cp\u003e4.6 Summary 123\u003c\/p\u003e \u003cp\u003e\u003cb\u003e5.0 Plan For Success 125\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e5.1 Turning Vision into Reality 125\u003c\/p\u003e \u003cp\u003e5.1.1 Planning for Excellence 127\u003c\/p\u003e \u003cp\u003e5.1.2 A Plan of Action 128\u003c\/p\u003e \u003cp\u003e5.1.3 Doing Things 131\u003c\/p\u003e \u003cp\u003e5.2 Policies Complement Plans 140\u003c\/p\u003e \u003cp\u003e5.2.1 Great Cybersecurity Policies for Everyone 140\u003c\/p\u003e \u003cp\u003e5.2.2 Be Clear about Your Policies and Who Owns Them 188\u003c\/p\u003e \u003cp\u003e5.3 Procedures Implement Plans 190\u003c\/p\u003e \u003cp\u003e5.4 Exercise Your Plans 191\u003c\/p\u003e \u003cp\u003e5.5 Legal Compliance Concerns 193\u003c\/p\u003e \u003cp\u003e5.6 Auditing 195\u003c\/p\u003e \u003cp\u003e5.7 Summary 196\u003c\/p\u003e \u003cp\u003e\u003cb\u003e6.0 Change Management 199\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e6.1 Why Managing Change is Important 199\u003c\/p\u003e \u003cp\u003e6.2 When to Change? 201\u003c\/p\u003e \u003cp\u003e6.3 What is Impacted by Change? 205\u003c\/p\u003e \u003cp\u003e6.4 Change Management and Internal Controls 209\u003c\/p\u003e \u003cp\u003e6.5 Change Management as a Process 214\u003c\/p\u003e \u003cp\u003e6.5.1 The Touhill Change Management Process 215\u003c\/p\u003e \u003cp\u003e6.5.2 Following the Process 216\u003c\/p\u003e \u003cp\u003e6.5.3 Have a Plan B, Plan C, and maybe a Plan D 220\u003c\/p\u003e \u003cp\u003e6.6 Best Practices in Change Management 220\u003c\/p\u003e \u003cp\u003e6.7 Summary 224\u003c\/p\u003e \u003cp\u003e\u003cb\u003e7.0 Personnel Management 227\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e7.1 Finding the Right Fit 227\u003c\/p\u003e \u003cp\u003e7.2 Creating the Team 229\u003c\/p\u003e \u003cp\u003e7.2.1 Picking the Right Leaders 230\u003c\/p\u003e \u003cp\u003e7.2.2 Your Cybersecurity Leaders 233\u003c\/p\u003e \u003cp\u003e7.3 Establishing Performance Standards 237\u003c\/p\u003e \u003cp\u003e7.4 Organizational Considerations 240\u003c\/p\u003e \u003cp\u003e7.5 Training for Success 242\u003c\/p\u003e \u003cp\u003e7.5.1 Information Every Employee Ought to Know 242\u003c\/p\u003e \u003cp\u003e7.5.2 Special Training for Executives 246\u003c\/p\u003e \u003cp\u003e7.6 Special Considerations for Critical Infrastructure Protection 249\u003c\/p\u003e \u003cp\u003e7.7 Summary 258\u003c\/p\u003e \u003cp\u003e\u003cb\u003e8.0 Performance Measures 261\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e8.1 Why Measure? 261\u003c\/p\u003e \u003cp\u003e8.2 What to Measure? 267\u003c\/p\u003e \u003cp\u003e8.2.1 Business Drivers 267\u003c\/p\u003e \u003cp\u003e8.2.2 Types of Metrics 271\u003c\/p\u003e \u003cp\u003e8.3 Metrics and the C-Suite 272\u003c\/p\u003e \u003cp\u003e8.3.1 Considerations for the C-Suite 273\u003c\/p\u003e \u003cp\u003e8.3.2 Questions about Cybersecurity Executives Should Ask 275\u003c\/p\u003e \u003cp\u003e8.4 The Executive Cybersecurity Dashboard 277\u003c\/p\u003e \u003cp\u003e8.4.1 How Vulnerable Are We? 277\u003c\/p\u003e \u003cp\u003e8.4.2 How Effective Are Our Systems and Processes? 282\u003c\/p\u003e \u003cp\u003e8.4.3 Do We Have the Right People, Are They Properly Trained, and Are They Following Proper Procedures? 286\u003c\/p\u003e \u003cp\u003e8.4.4 Am I Spending the Right Amount on Security? 287\u003c\/p\u003e \u003cp\u003e8.4.5 How Do We Compare to Others? 288\u003c\/p\u003e \u003cp\u003e8.4.6 Creating Your Executive Cybersecurity Dashboard 289\u003c\/p\u003e \u003cp\u003e8.5 Summary 291\u003c\/p\u003e \u003cp\u003e\u003cb\u003e9.0 What To Do When You Get Hacked 293\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e9.1 Hackers Already Have You Under Surveillance 293\u003c\/p\u003e \u003cp\u003e9.2 Things to do Before it’s Too Late: Preparing for the Hack 295\u003c\/p\u003e \u003cp\u003e9.2.1 Back Up Your Information 296\u003c\/p\u003e \u003cp\u003e9.2.2 Baseline and Define What is Normal 296\u003c\/p\u003e \u003cp\u003e9.2.3 Protect Yourself with Insurance 297\u003c\/p\u003e \u003cp\u003e9.2.4 Create Your Disaster Recovery and Business Continuity Plan 298\u003c\/p\u003e \u003cp\u003e9.3 What to do When Bad Things Happen: Implementing Your Plan 299\u003c\/p\u003e \u003cp\u003e9.3.1 Item 1: Don’t Panic 300\u003c\/p\u003e \u003cp\u003e9.3.2 Item 2: Make Sure You’ve Been Hacked 301\u003c\/p\u003e \u003cp\u003e9.3.3 Item 3: Gain Control 302\u003c\/p\u003e \u003cp\u003e9.3.4 Item 4: Reset All Passwords 303\u003c\/p\u003e \u003cp\u003e9.3.5 Item 5: Verify and Lock Down All Your External Links 304\u003c\/p\u003e \u003cp\u003e9.3.6 Item 6: Update and Scan 305\u003c\/p\u003e \u003cp\u003e9.3.7 Item 7: Assess the Damage 305\u003c\/p\u003e \u003cp\u003e9.3.8 Item 8: Make Appropriate Notifications 307\u003c\/p\u003e \u003cp\u003e9.3.9 Item 9: Find Out Why It Happened and Who Did It 309\u003c\/p\u003e \u003cp\u003e9.3.10 Item 10: Adjust Your Defenses 310\u003c\/p\u003e \u003cp\u003e9.4 Foot Stompers 310\u003c\/p\u003e \u003cp\u003e9.4.1 The Importance of Public Relations 310\u003c\/p\u003e \u003cp\u003e9.4.2 Working with Law Enforcement 315\u003c\/p\u003e \u003cp\u003e9.4.3 Addressing Liability 317\u003c\/p\u003e \u003cp\u003e9.4.4 Legal Issues to Keep an Eye On 318\u003c\/p\u003e \u003cp\u003e9.5 Fool Me Once… 319\u003c\/p\u003e \u003cp\u003e9.6 Summary 320\u003c\/p\u003e \u003cp\u003e\u003cb\u003e10.0 Boardroom Interactions 323\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eAppendix A: Policies 347\u003c\/p\u003e \u003cp\u003eAppendix B: General Rules for Email Etiquette: Sample\u003c\/p\u003e \u003cp\u003eTraining Handout 357\u003c\/p\u003e \u003cp\u003eGlossary 361\u003c\/p\u003e \u003cp\u003eSelect Bibliography 371\u003c\/p\u003e \u003cp\u003eIndex 373\u003c\/p\u003e","brand":"John Wiley \u0026 Sons Inc","offers":[{"title":"Default Title","offer_id":49406940643671,"sku":"9781118888148","price":72.86,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781118888148.jpg?v=1730497629","url":"https:\/\/bookcurl.com\/products\/cybersecurity-for-executives-9781118888148","provider":"Book Curl","version":"1.0","type":"link"}