Resilient Cybersecurity

You're reading from Resilient Cybersecurity: Reconstruct your defense strategy in an evolving cyber world

Product type: Paperback
Published in: Sep 2024
Publisher: Packt
ISBN-13: 9781835462515
Length: 752 pages
Edition: 1st Edition
Author (1): Mark Dunkerley
Table of Contents (19 chapters)

Preface
1. Current State (free chapter)
2. Setting the Foundations
3. Building Your Roadmap
4. Solidifying Your Strategy
5. Cybersecurity Architecture
6. Identity and Access Management
7. Cybersecurity Operations
8. Vulnerability Management
9. User Awareness, Training, and Testing
10. Vendor Risk Management
11. Proactive Services
12. Operational Technology and the Internet of Things
13. Governance Oversight
14. Managing Risk
15. Regulatory and Compliance
16. Some Final Thoughts
17. Other Books You May Enjoy
18. Index

Preface

I’m excited to bring to you Resilient Cybersecurity: Reconstruct your defense strategy in an evolving cyber world, which addresses the need for a more robust cybersecurity program for every organization. Every organization should be assessing the current state of their cybersecurity program to ensure that it continues to evolve to meet the needs of today’s ongoing cybersecurity threats. We are in a place where organizations still do not have a dedicated cybersecurity program in place. Unfortunately, this is no longer acceptable, and the risk of a major cybersecurity incident or breach increases significantly. Having a mature cybersecurity program in place doesn’t guarantee that you will not suffer a major cybersecurity incident or breach, but having a mature program in place will reduce the risk and potential impact of a major cybersecurity incident or breach. More importantly, it will best prepare your organization on how to efficiently respond when a major cybersecurity incident occurs. The reality is, it is only a matter of ‘when’ and not ‘if’ a major cybersecurity incident or breach occurs.

The idea behind this book is to provide a foundation for your organization’s cybersecurity program that is all-inclusive and can serve as a reference for any organization. The hope with this book is that you can take something meaningful away, even if it is just one piece of information that can be applied to support your cybersecurity program whether you are just getting started, or if you already have one in place. The principles in this book may not necessarily be the same as the ones you have in place today, but I am sharing the knowledge I have gained over the years from building a cybersecurity program from the ground up. The end goal is to share as much knowledge as possible with the optimism that we continue to work together and collaborate as one unified front to better protect the confidentiality, integrity, and availability (also known as the CIA triad) of the data and information being stored and accessed within our organizations.

One area we address in more detail is how critical the CISO role has become within the organization, quickly becoming a figure of significance in a very short period of time, and a role that every organization needs to have in place.

The CISO role continues to evolve at a very fast pace from one that traditionally focused more on the technical controls to protect an organization to a much broader risk-based role that needs to interact with every part of the business. With this evolution, we are entering a new generation and era for the CISO with new and expanded responsibilities and expectations, that of the CISO v2.0. As part of this evolving role, the CISO is expected not only to be technical in nature, but also to have business acumen, to be integrated into every part of the business, and to be able to translate technical risk into more quantifiable business terms for the leadership teams, including the Board of Directors (BoD).

It is also important for today’s CISO to effectively ensure that accountability for cybersecurity is appropriately distributed across the organization, rather than being solely the responsibility of the CISO. Accountability sits at the top of an organization, more specifically with the executive leadership team and the BoD.

It is important to acknowledge that we have come to a critical point with cybersecurity, and it does not look like it is going to get any easier anytime soon. Threat actors are making substantial profits from cybercrime and businesses have been formed to support these ongoing efforts. With the world we live in becoming more interconnected with the advancement of technology and the internet, preventing these crimes has become extremely complex because of cross-border challenges with differing laws and conflicts. Because of this, we all need to focus on the theme of cybersecurity culture for our users, not just within the organization but for everyone’s everyday lives. Cybersecurity should not be an afterthought proceeding forward, but a concept that is engrained in everyone’s mindset with everything they do, including their personal lives. With a cybersecurity culture comes a shared responsibility that we all must hold ourselves accountable for. Everyone MUST take responsibility for the protection of the information they are responsible for within an organization in addition to the information they must protect for their personal lives.
