Cybersecurity for Executives: A Practical Guide

Book Description

A practical guide that executives can use to make well-informed decisions on cybersecurity issues and better protect their business

  • Emphasizes, in a direct and uncomplicated way, how executives can identify, understand, assess, and mitigate risks associated with cybersecurity issues

  • Covers 'What to Do When You Get Hacked?' including Business Continuity and Disaster Recovery planning, Public Relations, Legal and Regulatory issues, and Notifications and Disclosures

  • Provides steps for integrating cybersecurity into Strategy; Policy and Guidelines; Change Management and Personnel Management

  • Identifies cybersecurity best practices that executives can and should use both in the office and at home to protect their vital information

Table of Contents

    1. COVER
    2. TITLE PAGE
    3. COPYRIGHT PAGE
    4. DEDICATION PAGE
    5. FOREWORD
    6. PREFACE
    7. ACKNOWLEDGMENTS
    8. 1.0 INTRODUCTION
      1. 1.1 DEFINING CYBERSECURITY
      2. 1.2 CYBERSECURITY IS A BUSINESS IMPERATIVE
      3. 1.3 CYBERSECURITY IS AN EXECUTIVE-LEVEL CONCERN
      4. 1.4 QUESTIONS TO ASK
      5. 1.5 VIEWS OF OTHERS
      6. 1.6 CYBERSECURITY IS A FULL-TIME ACTIVITY
    9. 2.0 WHY BE CONCERNED?
      1. 2.1 A CLASSIC HACK
      2. 2.2 WHO WANTS YOUR FORTUNE?
      3. 2.3 NATION-STATE THREATS
      4. 2.4 CYBERCRIME IS BIG BUSINESS
      5. 2.5 SUMMARY
    10. 3.0 MANAGING RISK
      1. 3.1 WHO OWNS RISK IN YOUR BUSINESS?
      2. 3.2 WHAT ARE YOUR RISKS?
      3. 3.3 CALCULATING YOUR RISK
      4. 3.4 COMMUNICATING RISK
      5. 3.5 ORGANIZING FOR SUCCESS
      6. 3.6 SUMMARY
    11. 4.0 BUILD YOUR STRATEGY
      1. 4.1 HOW MUCH “CYBERSECURITY” DO I NEED?
      2. 4.2 THE MECHANICS OF BUILDING YOUR STRATEGY
      3. 4.3 AVOIDING STRATEGY FAILURE
      4. 4.4 WAYS TO INCORPORATE CYBERSECURITY INTO YOUR STRATEGY
      5. 4.5 PLAN FOR SUCCESS
      6. 4.6 SUMMARY
    12. 5.0 PLAN FOR SUCCESS
      1. 5.1 TURNING VISION INTO REALITY
      2. 5.2 POLICIES COMPLEMENT PLANS
      3. 5.3 PROCEDURES IMPLEMENT PLANS
      4. 5.4 EXERCISE YOUR PLANS
      5. 5.5 LEGAL COMPLIANCE CONCERNS
      6. 5.6 AUDITING
      7. 5.7 SUMMARY
    13. 6.0 CHANGE MANAGEMENT
      1. 6.1 WHY MANAGING CHANGE IS IMPORTANT
      2. 6.2 WHEN TO CHANGE?
      3. 6.3 WHAT IS IMPACTED BY CHANGE?
      4. 6.4 CHANGE MANAGEMENT AND INTERNAL CONTROLS
      5. 6.5 CHANGE MANAGEMENT AS A PROCESS
      6. 6.6 BEST PRACTICES IN CHANGE MANAGEMENT
      7. 6.7 SUMMARY
    14. 7.0 PERSONNEL MANAGEMENT
      1. 7.1 FINDING THE RIGHT FIT
      2. 7.2 CREATING THE TEAM
      3. 7.3 ESTABLISHING PERFORMANCE STANDARDS
      4. 7.4 ORGANIZATIONAL CONSIDERATIONS
      5. 7.5 TRAINING FOR SUCCESS
      6. 7.6 SPECIAL CONSIDERATIONS FOR CRITICAL INFRASTRUCTURE PROTECTION
      7. 7.7 SUMMARY
    15. 8.0 PERFORMANCE MEASURES
      1. 8.1 WHY MEASURE?
      2. 8.2 WHAT TO MEASURE?
      3. 8.3 METRICS AND THE C-SUITE
      4. 8.4 THE EXECUTIVE CYBERSECURITY DASHBOARD
      5. 8.5 SUMMARY
    16. 9.0 WHAT TO DO WHEN YOU GET HACKED
      1. 9.1 HACKERS ALREADY HAVE YOU UNDER SURVEILLANCE
      2. 9.2 THINGS TO DO BEFORE IT’S TOO LATE: PREPARING FOR THE HACK
      3. 9.3 WHAT TO DO WHEN BAD THINGS HAPPEN: IMPLEMENTING YOUR PLAN
      4. 9.4 FOOT STOMPERS
      5. 9.5 FOOL ME ONCE…
      6. 9.6 SUMMARY
    17. 10.0 BOARDROOM INTERACTIONS
    18. APPENDIX A: POLICIES
    19. APPENDIX B: GENERAL RULES FOR EMAIL ETIQUETTE
    20. GLOSSARY
    21. SELECT BIBLIOGRAPHY
    22. INDEX
    23. END USER LICENSE AGREEMENT