Description
Taylor & Francis Cyber Strategy Risk-Driven Security And Resiliency by Carol A. Siegel and Mark Sweeney
Cyber Strategy: Risk-Driven Security and Resiliency provides a process and roadmap for any company to develop its unified Cybersecurity and Cyber Resiliency strategies. It demonstrates a methodology for companies to combine their disassociated efforts into one corporate plan with buy-in from senior management that will efficiently utilize resources, target high risk threats, and evaluate risk assessment methodologies and the efficacy of resultant risk mitigations. The book discusses all the steps required from conception of the plan from preplanning (mission/vision, principles, strategic objectives, new initiatives derivation), project management directives, cyber threat and vulnerability analysis, cyber risk and controls assessment to reporting and measurement techniques for plan success and overall strategic plan performance. In addition, a methodology is presented to aid in new initiative selection for the following year by identifying all relevant inputs.Tools utilized include:Key Risk Indicators (KRI) and Key Performance Indicators (KPI)National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF) Target State Maturity interval mapping per initiativeComparisons of current and target state business goals and critical success factorsA quantitative NIST-based risk assessment of initiative technology components Responsible, Accountable, Consulted, Informed (RACI) diagrams for Cyber Steering Committee tasks and Governance Boards' approval processesSwimlanes, timelines, data flow diagrams (inputs, resources, outputs), progress report templates, and Gantt charts for project management The last chapter provides downloadable checklists, tables, data flow diagrams, figures, and assessment tools to help develop your company's cybersecurity and cyber resiliency strategic plan. Chapter 1 Why Cybersecurity and Cyber Resiliency Strategies Are Mandatory for Organizations TodayChapter 2 The 6 Steps in Developing and Maintaining a Cybersecurity and Cyber Resiliency StrategyChapter 3 Strategy Project ManagementChapter 4 Cyber Threats, Vulnerabilities, and Intelligence AnalysisChapter 5 Cyber Risks and ControlsChapter 6 Current and Target State AssessmentsChapter 7 Measuring Strategic Plan Performance and End of Year (EoY) TasksChapter 8 Checklists and Templates to Help Create an Enterprise-wide Cybersecurity and Cyber Resiliency Strategy