"This is the book executives have been waiting for. It is clear: With deep expertise but in nontechnical language, it describes what cybersecurity risks are and the decisions executives need to make to address them. It is crisp: Quick and to the point, it doesn't waste words and won't waste your time. It is candid: There is no sure cybersecurity defense, and Chris Moschovitis doesn't pretend there is; instead, he tells you how to understand your company's risk and make smart business decisions about what you can mitigate and what you cannot.

It is also, in all likelihood, the only book ever written (or ever to be written) about cybersecurity defense that is fun to read."
--Thomas A. Stewart, Executive Director, National Center for the Middle Market and Co-Author of Woo, Wow, and Win: Service Design, Strategy, and the Art of Customer Delight

Get answers to all your cybersecurity questions

In 2016, we reached a tipping point--a moment where the global and local implications of cybersecurity became undeniable. Despite the seriousness of the topic, the term "cybersecurity" still exasperates many people. They feel terrorized and overwhelmed. The majority of business people have very little understanding of cybersecurity, how to manage it, and what's really at risk.

This essential guide, with its dozens of examples and case studies, breaks down every element of the development and management of a cybersecurity program for the executive. From understanding the need, to core risk management principles, to threats, tools, roles and responsibilities, this book walks the reader through each step of developing and implementing a cybersecurity program. Read cover-to-cover, it's a thorough overview, but it can also function as a useful reference book as individual questions and difficulties arise.

* Unlike other cybersecurity books, the text is not bogged down with industry jargon

* Speaks specifically to the executive who is not familiar with the development or implementation of cybersecurity programs

* Shows you how to make pragmatic, rational, and informed decisions for your organization

* Written by a top-flight technologist with decades of experience and a track record of success

If you're a business manager or executive who needs to make sense of cybersecurity, this book demystifies it for you.

CHRIS MOSCHOVITIS is the founder of tmg-emedia, a consultancy focused on providing independent technology and cybersecurity management expertise, development, and outsourcing services. It is one of the premier independent consulting firms in the country. He is sought after by private industry, government, and nonprofits for his ability to explain complex IT and cybersecurity topics to executives.

Klappentext

Praise for Cybersecurity Program Development for Business

"This is the book executives have been waiting for. It is clear: With deep expertise but in nontechnical language, it describes what cybersecurity risks are and the decisions executives need to make to address them. It is crisp: Quick and to the point, it doesn't waste words and won't waste your time. It is candid: There is no sure cybersecurity defense, and Chris Moschovitis doesn't pretend there is; instead, he tells you how to understand your company's risk and make smart business decisions about what you can mitigate and what you cannot.

It is also, in all likelihood, the only book ever written (or ever to be written) about cybersecurity defense that is fun to read."

"In my days as a Commanding Officer of U. S. Coast Guard ships at sea, I developed a deeply held respect for the notion of preparing well so as to perform well. Chris Moschovitis challenges a new generation to embrace that philosophy. He encourages us to recognize how overwhelming the flood of guidance and advice can be to leaders in either business or government especially when the topic seems more difficult to understand every day. Chris reaches backward into his own experience and lessons learned to design a practical approach to protecting the things for which those leaders are responsible. This book is not Cybersecurity for Dummies. Rather, it offers the insights and pathways important to those willing to do the hard work up front that will enable them to succeed when it counts.

Indeed, Preparation Equals Performance."

"Cybersecurity Program Development for Business by Chris Moschovitis is a great addition to any executive's library of practical, how-to books on a cutting-edge (even bleeding-edge) topic how to secure your organization's cyber resilience.

The book acts not only as a primer but as a deeply knowledgeable and even entertaining resource full of useful examples and guidance. In this age of simultaneous hyper-transparency and hyper-opacity, it is critical that all executives and boards become at least conversant in what is going on in cyber this book gives them that helpful roadmap."

Dr. Andrea Bonime-Blanc, CEO and Founder, GEC Risk Advisory, Co-Author of The Artificial Intelligence Imperative: A Practical Roadmap for Business (Praeger 2018)

"An amazing, holistic, practical, accessible and enlightening view on cybersecurity acting as a business enabler. For those who believe that stakeholder trust is a must for their business in today's data-driven world. For security and technology professionals who need to talk business. And, for executives that need to talk cyber. An essential guide for both.

Dr. Christos K. Dimitriadis, ISACA Board Chair 2015-2017, CISO Intralot

Cybersecurity Program Development for Business offers executives a rare look into the cybersecurity world in a pragmatic and jargon-free manner. Chris Moschovitis shows us how cyber enables rather than constrains business. It's refreshing to find a book on this subject that could easily become the must-have for an executive's desk!

Jo Stewart-Rattray, CISM CGEIT CISA CRISC CP, Director of Information Security & IT Assurance, BRM Holdich, Director, International Board of Directors, ISACA

A must-read book by an experienced practitioner and respected cyber security strategist. Chris Moschovitis provides an extraordinarily clear-eyed and concise perspective on the challenges of developing and executing cyber-security strategies in complex real-world environments. His deep understanding and keen insight create a valuable book that is both practical and actionable. Cyber-attacks have become ubiquitous; buy this book if you want to avoid becoming an easy target.

Mike Barlow, Author of Learning to Love Data Science, Co-author of Partnering with the CIO and Smart Cities, Smart Future

Chris Moschovitis provides relief to business leaders from cybersecurity-in...

Inhalt

Foreword vii

Preface xi

About The Author xiii

Acknowledgments xv

CHAPTER 1 Understanding Risk 1

CHAPTER 2 Everything You Always Wanted to Know About Tech (But Were Afraid to Ask Your Kids) 9

CHAPTER 3 A Cybersecurity Primer 15

CHAPTER 4 Management, Governance, and Alignment 47

CHAPTER 5 Your Cybersecurity Program: A High-Level Overview 67

CHAPTER 6 Assets 81

CHAPTER 7 Threats 95

CHAPTER 8 Vulnerabilities 105

CHAPTER 9 …