You know by now that your company could not survive without the Internet. Not in today’s market. You are either part of the digital economy or reliant upon it. With critical information assets at risk, your company requires a state-of-the-art cybersecurity program. But how do you achieve the best possible program? Tari Schreider, in Building Effective Cybersecurity Programs: A Security Manager’s Handbook, lays out the step-by-step roadmap to follow as you build or enhance your cybersecurity program.
Security practitioners now have a comprehensive blueprint to build their cybersecurity programs. Building an Effective Cybersecurity Program (2nd Edition) instructs professionals such as, security architects, security managers, and security engineers on how to properly construct effective cybersecurity programs. The book further details how using contemporary architectures, frameworks, and models helps professionals in the field construct more efficient programs. This comprehensive book is also the result of the author’s professional experience and involvement in designing and deploying hundreds of cybersecurity programs. The extensive content includes:
- Recommended design approaches
- Program structure
- Cybersecurity technologies
- Threat and intelligence capabilities
- Risk management
- Service management
- …and much more!
The book is presented as a practical roadmap detailing each step required for you to build your effective cybersecurity program. For instance, it provides many design templates to assist in program builds and all chapters also include self-study questions to gauge your progress. Building An Effective Cybersecurity Program (2nd Edition) is your single source reference for building effective cybersecurity programs!
Building an Effective Cybersecurity Program: 2nd Edition is also organized around the six main steps on the roadmap that will put your cybersecurity program in place:
- Design a Cybersecurity Program
- Establish a Foundation of Governance
- Build a Threat, Vulnerability Detection, and Intelligence Capability
- Build a Cyber Risk Management Capability
- Implement a Defense-in-Depth Strategy
- Apply Service Management to Cybersecurity Programs
Because Schreider has researched and analyzed over 150 cybersecurity architectures, frameworks, and models he has saved you hundreds of hours of research. He sets you up for success by talking to you directly as a friend and colleague and then uses practical examples that are clear and concise. For example, his book lays out specific instructions that will help you to:
- Identify the proper cybersecurity program roles and responsibilities.
- Classify assets and identify vulnerabilities.
- Define an effective cybersecurity governance foundation.
- Evaluate the top governance frameworks and models.
- Automate your governance program to make it more effective.
- Integrate security into your application development process.
- Apply defense-in-depth as a multi-dimensional strategy.
- Implement a service management approach to implementing countermeasures.
With this new 2nd edition of this handbook, you can move forward confidently, trusting that Schreider is recommending the best and most important components of a cybersecurity program for you. In addition, the book provides hundreds of citations and references allow you to dig deeper as you explore specific topics relevant to your organization or your studies
An IT security program that is effective for your organization
Whether you are a new manager or current manager involved in your organization’s cybersecurity program, this book will answer many questions you have on what is involved in building a program. You will also be able to get up to speed quickly on program development practices and have a roadmap to follow in building or improving your organization’s cybersecurity program. If you are new to cybersecurity in the short period of time it will take you to read this book, you can be the smartest person in the room grasping the complexities of your organization’s cybersecurity program. If you are a manager already involved in your organization’s cybersecurity program, you have much to gain from reading this book. This book will become your go to field manual guide to further enhance your program decisions.