The Cybersecurity Guide to Governance, Risk, and Compliance - Jason Edwards, Griffin Weaver

Blick ins Buch

The Cybersecurity Guide to Governance, Risk, and Compliance (eBook)

Jason Edwards, Griffin Weaver (Autoren)

eBook Download: EPUB

2024
1100 Seiten
John Wiley & Sons (Verlag)
978-1-394-25020-2 (ISBN)

Lese- und Medienproben

Ebook-Leseprobe (EPUB)

The Cybersecurity Guide to Governance, Risk, and Compliance Understand and respond to a new generation of cybersecurity threats Cybersecurity has never been a more significant concern of modern businesses, with security breaches and confidential data exposure as potentially existential risks. Managing these risks and maintaining compliance with agreed-upon cybersecurity policies is the focus of Cybersecurity Governance and Risk Management. This field is becoming ever more critical as a result. A wide variety of different roles and categories of business professionals have an urgent need for fluency in the language of cybersecurity risk management. The Cybersecurity Guide to Governance, Risk, and Compliance meets this need with a comprehensive but accessible resource for professionals in every business area. Filled with cutting-edge analysis of the advanced technologies revolutionizing cybersecurity, increasing key risk factors at the same time, and offering practical strategies for implementing cybersecurity measures, it is a must-own for CISOs, boards of directors, tech professionals, business leaders, regulators, entrepreneurs, researchers, and more. The Cybersecurity Guide to Governance, Risk, and Compliance also covers: Over 1300 actionable recommendations found after each section Detailed discussion of topics including AI, cloud, and quantum computing More than 70 ready-to-use KPIs and KRIs "e;This guide s coverage of governance, leadership, legal frameworks, and regulatory nuances ensures organizations can establish resilient cybersecurity postures. Each chapter delivers actionable knowledge, making the guide thorough and practical."e; GARY McALUM, CISO "e;This guide represents the wealth of knowledge and practical insights that Jason and Griffin possess. Designed for professionals across the board, from seasoned cybersecurity veterans to business leaders, auditors, and regulators, this guide integrates the latest technological insights with governance, risk, and compliance (GRC)"e;. WIL BENNETT, CISO

Dr. Jason Edwards, DM, CISSP, CRISC, is an esteemed cybersecurity expert and accomplished industry leader with over 25 years in cybersecurity, risk, and compliance, backed by a specialized doctorate in Cybersecurity Regulatory Risk and Compliance. A prolific educator and influencer, Dr. Edwards contributes as an Adjunct Cyber Professor at multiple universities and is recognized as a leading cybersecurity voice on LinkedIn. His portfolio includes many publications, including the notable Cyber Spear educational newsletter. In addition to his remarkable professional achievements, Dr. Edwards proudly served as a distinguished combat veteran and premier military cyber officer. Griffin Weaver, JD, serves as the Managing Legal Director at a renowned technology company and is also a respected Adjunct Professor specializing in Cybersecurity Law. With a rich background encompassing various technical and managerial roles in IT, Griffin seamlessly transitioned into a flourishing legal career after earning his law degree from the University of Utah. As an acknowledged thought leader, Griffin has enhanced the domain with his scholarly contributions through numerous articles. He is a sought-after speaker renowned for his insightful presentations at cybersecurity conferences.

Purpose of the Book xvii

Target Audience xix

Structure of the Book xxi

Foreword by Wil Bennett xxiii

Foreword by Gary McAlum xxv

Chapter 1 Governance, Risk Management, and Compliance 1

Chapter 2 The Landscape of Cybersecurity 19

Chapter 3 Cybersecurity Leadership: Insights and Best Practices 33

Chapter 4 Cybersecurity Program and Project Management 53

Chapter 5 Cybersecurity for Business Executives 69

Chapter 6 Cybersecurity and the Board of Directors 87

Chapter 7 Risk Management 109

Chapter 8 The NIST Risk Management Framework 131

Chapter 9 Cybersecurity Metrics 151

Chapter 10 Risk Assessments 171

Chapter 11 NIST Cybersecurity Framework 191

Chapter 12 Cybersecurity Frameworks 209

Chapter 13 NIST SP 800-53: Security and Privacy Controls Framework 231

Chapter 14 The FFIEC: An Introduction 245

Chapter 15 U.S. Federal Cybersecurity Regulations 267

Chapter 16 State-level Cybersecurity Regulations 287

Chapter 17 International Cybersecurity Laws and Regulations 299

Chapter 18 Privacy Laws and Their Intersection with Cybersecurity 315

Chapter 19 Auditing Cybersecurity: Guides for Auditors and the Audited 333

Chapter 20 The Challenging Role of the Regulator 355

Chapter 21 Understanding US Regulatory Bodies 377

Chapter 22 Managing Regulatory Visits and Requests for Information 395

Chapter 23 Understanding Regulatory Penalties 409

Chapter 24 Addressing and Remediating Regulatory Findings 429

Chapter 25 Cybersecurity Architecture 445

Chapter 26 Risk Mitigation 463

Chapter 27 Cloud Security 481

Chapter 28 Artificial Intelligence in Cybersecurity 497

Chapter 29 Quantum Computing: A New Frontier 511

Chapter 30 Incident Response and Recovery 521

Chapter 31 Navigating the Cyber Insurance Maze 541

Glossary 549

Cybersecurity Resources 555

Ready to Use KPI Examples 567

Ready to Use KRI Examples 599

The End 631

Index 633

Erscheint lt. Verlag	19.3.2024
Sprache	englisch
Themenwelt	Mathematik / Informatik ► Informatik ► Netzwerke
Themenwelt	Technik ► Elektrotechnik / Energietechnik
Schlagworte	Artificial Intelligence (A.I.) • Audit • Business & Management • cloud computing security • Communication System Security • Compliance • Computer Science • Corporate Governance • cyber insurance • cybersecurity • Electrical & Electronics Engineering • Elektrotechnik u. Elektronik • Governance • GRC • Incident Response and Recovery • Informatik • Leadership • legal • Networking / Security • Netzwerke • Netzwerke / Sicherheit • privacy • Quantum Computing Security • Regulatory frameworks • Risk Management • Sicherheit in Kommunikationssystemen • Technology Design and Security Integration • Third-Party and Vendor Management • Unternehmensführung • Wirtschaft u. Management
ISBN-10	1-394-25020-7 / 1394250207
ISBN-13	978-1-394-25020-2 / 9781394250202

Haben Sie eine Frage zum Produkt?

EPUB (Adobe DRM)
Größe: 2,0 MB

Kopierschutz: Adobe-DRM
Adobe-DRM ist ein Kopierschutz, der das eBook vor Mißbrauch schützen soll. Dabei wird das eBook bereits beim Download auf Ihre persönliche Adobe-ID autorisiert. Lesen können Sie das eBook dann nur auf den Geräten, welche ebenfalls auf Ihre Adobe-ID registriert sind.
Details zum Adobe-DRM

Dateiformat: EPUB (Electronic Publication)
EPUB ist ein offener Standard für eBooks und eignet sich besonders zur Darstellung von Belletristik und Sachbüchern. Der Fließtext wird dynamisch an die Display- und Schriftgröße angepasst. Auch für mobile Lesegeräte ist EPUB daher gut geeignet.

Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen eine Adobe-ID und die Software Adobe Digital Editions (kostenlos). Von der Benutzung der OverDrive Media Console raten wir Ihnen ab. Erfahrungsgemäß treten hier gehäuft Probleme mit dem Adobe DRM auf.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen eine Adobe-ID sowie eine kostenlose App.
Geräteliste und zusätzliche Hinweise

Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.