"This is the book executives have been waiting for. It is clear: With deep expertise but in nontechnical language, it describes what cybersecurity risks are and the decisions executives need to make to address them. It is crisp: Quick and to the point, it doesn't waste words and won't waste your time. It is candid: There is no sure cybersecurity defense, and Chris Moschovitis doesn't pretend there is; instead, he tells you how to understand your company's risk and make smart business decisions about what you can mitigate and what you cannot.
It is also, in all likelihood, the only book ever written (or ever to be written) about cybersecurity defense that is fun to read."—Thomas A. Stewart, Executive Director, National Center for the Middle Market and Co-Author of Woo, Wow, and Win: Service Design, Strategy, and the Art of Customer Delight
Get answers to all your cybersecurity questions
In 2016, we reached a tipping point—a moment where the global and local implications of cybersecurity became undeniable. Despite the seriousness of the topic, the term "cybersecurity" still exasperates many people. They feel terrorized and overwhelmed. The majority of business people have very little understanding of cybersecurity, how to manage it, and what's really at risk.
This essential guide, with its dozens of examples and case studies, breaks down every element of the development and management of a cybersecurity program for the executive. From understanding the need, to core risk management principles, to threats, tools, roles and responsibilities, this book walks the reader through each step of developing and implementing a cybersecurity program. Read cover-to-cover, it’s a thorough overview, but it can also function as a useful reference book as individual questions and difficulties arise.
- Unlike other cybersecurity books, the text is not bogged down with industry jargon
- Speaks specifically to the executive who is not familiar with the development or implementation of cybersecurity programs
- Shows you how to make pragmatic, rational, and informed decisions for your organization
- Written by a top-flight technologist with decades of experience and a track record of success
If you’re a business manager or executive who needs to make sense of cybersecurity, this book demystifies it for you.
About The Author xiii
CHAPTER 1 Understanding Risk 1
CHAPTER 2 Everything You Always Wanted to Know About Tech (But Were Afraid to Ask Your Kids) 9
CHAPTER 3 A Cybersecurity Primer 15
CHAPTER 4 Management, Governance, and Alignment 47
CHAPTER 5 Your Cybersecurity Program: A High-Level Overview 67
CHAPTER 6 Assets 81
CHAPTER 7 Threats 95
CHAPTER 8 Vulnerabilities 105
CHAPTER 9 Environments 113
CHAPTER 10 Controls 131
CHAPTER 11 Incident-Response Planning 147
CHAPTER 12 People 163
CHAPTER 13 Living Cybersecure! 175
Appendix: Clear And Present Danger 195