Skip to main content
Apress

Rational Cybersecurity for Business

The Security Leaders' Guide to Business Alignment

  • Book
  • Open Access
  • © 2020

You have full access to this open access Book

Overview

  • The first comprehensive field guide to cybersecurity-business alignment
  • Focuses on six areas to maximize the effectiveness of your cybersecurity program: risk management, control baseline, security culture, IT rationalization, access control, and cyber-resilience
  • Includes more than 50 keys to alignment and advice on how to scale them for businesses of different types and sizes

Buy print copy

Softcover Book USD 44.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

') var buybox = document.querySelector("[data-id=id_"+ timestamp +"]").parentNode var buyboxMaxSingleColumnWidth = 480 // springerPlus roll out 10% starts here var springerPlusGroup = setLocalStorageSpringerPlus(); var rollOutSpringerPlus = springerPlusGroup === "B" function setLocalStorageSpringerPlus() { var selectUserKey = "springerPlusRollOut"; var springerPlusGroup = "X"; if (!window.localStorage) return springerPlusGroup; try { var selectUserValue = window.localStorage.getItem(selectUserKey) springerPlusGroup = selectUserValue || randomDistributionSpringerPlus(selectUserKey) } catch (err) { console.log(err) } return springerPlusGroup; } function randomDistributionSpringerPlus(selectUserKey) { var randomGroup = Math.random() < 0.7 ? "A" : "B" window.localStorage.setItem(selectUserKey, randomGroup) return randomGroup } if (rollOutSpringerPlus) { revealSpringerPlus(); } function revealSpringerPlus() { if(buybox) { document.querySelectorAll(".c-springer-plus").forEach(function(node) { node.style.display = "block" }) } } //springerPlus ends here ;[].slice.call(buybox.querySelectorAll(".buying-option")).forEach(initCollapsibles) function initCollapsibles(buyingOption, index) { var toggle = buyingOption.querySelector(".buying-option-price") buyingOption.classList.remove("expanded") var form = buyingOption.querySelector(".buying-option-form") var priceInfo = buyingOption.querySelector(".price-info") if (toggle && form && priceInfo) { toggle.setAttribute("role", "button") toggle.setAttribute("tabindex", "0") toggle.addEventListener("click", function (event) { var expandedBuyingOptions = buybox.querySelectorAll(".buying-option.expanded") var buyboxWidth = buybox.offsetWidth ;[].slice.call(expandedBuyingOptions).forEach(function(option) { if (buyboxWidth <= buyboxMaxSingleColumnWidth && option != buyingOption) { hideBuyingOption(option) } }) var expanded = toggle.getAttribute("aria-expanded") === "true" || false toggle.setAttribute("aria-expanded", !expanded) form.hidden = expanded if (!expanded) { buyingOption.classList.add("expanded") } else { buyingOption.classList.remove("expanded") } priceInfo.hidden = expanded }, false) } } function hideBuyingOption(buyingOption) { var toggle = buyingOption.querySelector(".buying-option-price") var form = buyingOption.querySelector(".buying-option-form") var priceInfo = buyingOption.querySelector(".price-info") toggle.setAttribute("aria-expanded", false) form.hidden = true buyingOption.classList.remove("expanded") priceInfo.hidden = true } function initKeyControls() { document.addEventListener("keydown", function (event) { if (document.activeElement.classList.contains("buying-option-price") && (event.code === "Space" || event.code === "Enter")) { if (document.activeElement) { event.preventDefault() document.activeElement.click() } } }, false) } function initialStateOpen() { var buyboxWidth = buybox.offsetWidth var narrowBuyboxArea = buyboxWidth <= buyboxMaxSingleColumnWidth var allOptionsInitiallyCollapsed = buybox.className.indexOf("all-options-initially-collapsed") > -1 ;[].slice.call(buybox.querySelectorAll(".buying-option")).forEach(function (option, index) { var toggle = option.querySelector(".buying-option-price") var form = option.querySelector(".buying-option-form") var priceInfo = option.querySelector(".price-info") if (allOptionsInitiallyCollapsed || narrowBuyboxArea && index > 0) { toggle.setAttribute("aria-expanded", "false") form.hidden = "hidden" priceInfo.hidden = "hidden" } else { toggle.click() } }) } initialStateOpen() if (window.buyboxInitialised) return window.buyboxInitialised = true initKeyControls() })()

About this book

Use the guidance in this comprehensive field guide to gain the support of your top executives for aligning a rational cybersecurity plan with your business. You will learn how to improve working relationships with stakeholders in complex digital businesses, IT, and development environments. You will know how to prioritize your security program, and motivate and retain your team.

Misalignment between security and your business can start at the top at the C-suite or happen at the line of business, IT, development, or user level. It has a corrosive effect on any security project it touches. But it does not have to be like this. 

Author Dan Blum presents valuable lessons learned from interviews with over 70 security and business leaders. You will discover how to successfully solve issues related to: risk management, operational security, privacy protection, hybrid cloud management, security culture and user awareness, and communication challenges.

This open access book presents six priority areas to focus on to maximize the effectiveness of your cybersecurity program: risk management, control baseline, security culture, IT rationalization, access control, and cyber-resilience. Common challenges and good practices are provided for businesses of different types and sizes. And more than 50 specific keys to alignment are included.



What You Will Learn

  • Improve your security culture: clarify security-related roles, communicate effectively to businesspeople, and hire, motivate, or retain outstanding security staff by creating a sense of efficacy
  • Develop a consistent accountability model, information risk taxonomy, and risk management framework
  • Adopt a security and risk governance model consistent with your business structure or culture, manage policy, and optimize security budgeting within the larger business unit and CIO organization IT spend
  • Tailor a control baseline to your organization’s maturity level, regulatory requirements, scale, circumstances, and critical assets
  • Help CIOs, Chief Digital Officers, and other executives to develop an IT strategy for curating cloud solutions and reducing shadow IT, building up DevSecOps and Disciplined Agile, and more
  • Balance access control and accountability approaches, leverage modern digital identity standards to improve digital relationships, and provide data governance and privacy-enhancing capabilities
  • Plan for cyber-resilience: work with the SOC, IT, business groups, and external sources to coordinate incident response and to recover from outages and come back stronger
  • Integrate your learnings from this book into a quick-hitting rational cybersecurity success plan



Who This Book Is For

Chief Information Security Officers (CISOs)and other heads of security, security directors and managers, security architects and project leads, and other team members providing security leadership to your business



Similar content being viewed by others

Keywords

Table of contents (10 chapters)

Authors and Affiliations

  • Silver Spring, USA

    Dan Blum

About the author

Dan Blum is an internationally recognized cybersecurity and risk management strategist. He is a former Golden Quill Award-winning VP, Distinguished Analyst at Gartner, Inc., and has served as the de facto head of security for startups and consulting companies. He's advised hundreds of corporations, universities, and government organizations, and currently partners with top media, analyst firms, and clients to produce cybersecurity thought leadership research and to deliver cybersecurity workshops and coaching for security leaders.    



Bibliographic Information

  • Book Title: Rational Cybersecurity for Business

  • Book Subtitle: The Security Leaders' Guide to Business Alignment

  • Authors: Dan Blum

  • DOI: https://doi.org/10.1007/978-1-4842-5952-8

  • Publisher: Apress Berkeley, CA

  • eBook Packages: Professional and Applied Computing, Apress Access Books, Professional and Applied Computing (R0)

  • Copyright Information: Dan Blum 2020

  • Softcover ISBN: 978-1-4842-5951-1Published: 13 August 2020

  • eBook ISBN: 978-1-4842-5952-8Published: 12 August 2020

  • Edition Number: 1

  • Number of Pages: XXVI, 333

  • Number of Illustrations: 102 b/w illustrations

  • Topics: Security

Publish with us

Navigation