Managing Online Risk

Book Description

In recent years, building a corporate online presence has become nonnegotiable for businesses, as consumers expect to connect with them in as many ways as possible. There are benefits to companies that use online technology, but there are risks as well. Managing Online Risk presents the tools and resources needed to better understand the security and reputational risks of online and digital activity, and how to mitigate those risks to minimize potential losses.

Managing Online Risk highlights security and risk management best practices that address concerns such as data collection and storage, liability, recruitment, employee communications, compliance violations, security of devices (in contexts like mobile, apps, and cloud computing), and more. Additionally, this book offers a companion website that was developed in parallel with the book and includes the latest updates and resources for topics covered in the book.



  • Explores the risks associated with online and digital activity and covers the latest technologies, such as social media and mobile devices
  • Includes interviews with risk management experts and company executives, case studies, checklists, and policy samples
  • A website with related content and updates (including video) is also available

Table of Contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. About the Author
  6. Online Resources
  7. Introduction
  8. Chapter 1. Risk Management Digital Style
    1. Risk management models
    2. Best practices for incident response
    3. BONUS: ten IT security myths
    4. Security/risk management apps
  9. Chapter 2. Internal and External Risks
    1. Internal risks
    2. Internal risk 1: security perception, priority, and budget
    3. Internal risk 2: traditional and shadow IT
    4. Internal risk 3: mobile
    5. Internal risk 4: people
    6. External risks
    7. External risk 1: technology advances
    8. External risk 2: cloud storage
    9. External risk 3: hacking
    10. External risk 4: regulation
    11. External risk 5: natural disasters and squirrels
  10. Chapter 3. Reputation and Identity
    1. Reputation
    2. Reputational risks
    3. Defining identity
    4. Digital identity
    5. Legal identity
    6. Executive identity
    7. Corporate identity: The BRAND
    8. Value and worth of identity
    9. Identity versus reputation
    10. Protecting identity
    11. Protecting reputation
  11. Chapter 4. The New Workforce
    1. Employment cycle
    2. Who is the workforce?
    3. Millennials
    4. Recruitment
    5. Hiring
    6. Employment
    7. Termination
    8. Other
  12. Chapter 5. Big Data
    1. Data cycle
    2. Data management plans
    3. Data classification
    4. Data access
    5. Data analytics
    6. Protecting data: backup
    7. Losing data
    8. Data recovery
    9. Privacy: to use or not to use data dilemma
    10. Protecting against liability for data/privacy loss
    11. Data surveillance
    12. Dictatorship of data
  13. Chapter 6. Approaches to content
    1. Content marketing versus content management
    2. Different audiences, different content
    3. Myths of content marketing and content management
    4. Benefits of the content approach
    5. Intellectual property rights, risks, and content
    6. IP cycle
    7. Copyrights
    8. Digital Millennium Copyright Act
    9. Fair use doctrine
    10. International IP concerns
    11. Creative Commons license
    12. A couple of digital concerns for copyrights
    13. Trademarks
    14. Trademark and gripe sites
    15. Trademark and reputational risks
    16. Trade secrets
    17. Patents
    18. Technology development
    19. IP other risks
    20. IP valuation
    21. IP legislation
  14. Chapter 7. Compliance
    1. Who needs to be compliant?
    2. General compliance: disclosures
    3. General compliance: disclaimers
    4. General compliance: human resources
    5. Financial Institutions
    6. Health Care and Medical Institutions
    7. Higher education (FERPA)
    8. Professional Trade Oversight and Organizations: Mobile
    9. Other Federal Agencies
    10. Federal legislation
    11. State legislation
    12. Compliance oversight
    13. Compliance training
  15. Chapter 8. Currency and Campaigns
    1. Online banking
    2. E-payments convert to M-payments
    3. Virtual currency
    4. Digital currency
    5. Bitcoin
    6. Beyond bitcoins
    7. Crowdfunding
    8. Online microfinancing
    9. Online charitable donations and fundraising
    10. Future of money
    11. Digital political campaigns
    12. Digital advocacy
    13. Digital lobbying
    14. Risk and security of online politics
  16. Chapter 9. Digital Succession
    1. Succession planning
    2. Information technology security shortage
    3. The next generation of InfoSec Pro
    4. Women in Infosec
    5. Cybersecurity simulations
    6. Digital legacy
    7. Digital assets
    8. Digital afterlife
    9. Digital expiration
    10. Digital immortality
  17. Chapter 10. The Future of Online Security
    1. The future: unpredictable
    2. The future: four scenarios
    3. Monitored Man
    4. Bicentennial man revisited
    5. Credential verification
    6. Big Data
  18. Index