Stepping Through Cybersecurity Risk Management : A Systems Thinking Approach 9781394213979, 9781394213955

Stepping Through Cybersecurity Risk Management Authoritative resource delivering the professional practice of cybersecur

140 57 18MB

English Year 2024

Report DMCA / Copyright

DOWNLOAD EPUB FILE

Table of contents :
Cover
Title Page
Copyright Page
Contents
Foreword
Preface
Acknowledgements
About the Companion Website
Chapter 1 Framework Elements
References
Chapter 2 Threats
2.1 Threat Actors
2.1.1 Hackivists
2.1.2 Insiders
2.1.3 Hacker
2.1.4 Competitors
2.1.5 Lone Wolf
2.2 Threat Networks
2.2.1 Example: Identity Theft
2.2.2 Zero-Day Threats
2.3 Threat Vectors
References
Chapter 3 Events
3.1 Event Classification
3.2 Event Prevention
3.3 Detection and Response
3.4 Event Scenarios
References
Chapter 4 Controls
4.1 Risk Appetite
4.2 Policy
4.2.1 Security Principles
4.2.2 Formality
4.3 Process
4.4 Standards
4.4.1 Internal Standards
4.4.2 External Standards
4.4.3 Security Architecture
4.5 Procedures
4.6 Guidelines
References
Chapter 5 Assessments
5.1 Standards Adherence
5.2 Risk and Control Self Assessment
5.3 Pentests and Vulnscans
5.4 Audits
5.5 Spot Checks
References
Chapter 6 Issues
6.1 Issue Identification
6.2 Classification
6.3 Criteria and Remediation
References
Chapter 7 Metrics
7.1 Measuring Cybersecurity
7.2 From Measures to Metrics
7.3 Key Risk Indicators
References
Chapter 8 People
8.1 Three Lines of Defense
8.2 The Cybersecurity Team
8.3 Enterprise Management
8.4 Framework Element Owners
References
Chapter 9 Risks
9.1 Risk Categories
9.2 Risk Treatment
9.2.1 Controls
9.2.2 Transfer
9.2.3 Avoidance
9.2.4 Acceptance
9.3 Risk Appetite
9.4 Risk Tolerance
9.5 Probability Measurement
References
Chapter 10 Analysis
10.1 Reports and Studies
10.2 Safety Analogies
10.3 Decision Support
10.4 Conclusion
References
Appendix: Exercises in FrameCyber
Chapter 1 Framework Elements
A True/False Questions
B Multiple Choice
C Essay
Chapter 2 Threats
A True/False Questions
B Multiple Choice
C Essay
Chapter 3 Events
A True/False Questions
B Multiple Choice
C Essay
Chapter 4 Controls
A True/False Questions
B Multiple Choice
C Essay
Chapter 5 Assessments
A True/False Questions
B Multiple Choice
C Essay
Chapter 6 Issues
A True/False Questions
B Multiple Choice
C Essay
Chapter 7 Metrics
A True/False Questions
B Multiple Choice
C Essay
Chapter 8 People
A True/False Questions
B Multiple Choice
C Essay
Chapter 9 Risks
A True/False Questions
B Multiple Choice
C Essay
Chapter 10 Analysis
A True/False Questions
B Multiple Choice
C Essay
Index
EULA

Stepping Through Cybersecurity Risk Management : A Systems Thinking Approach
 9781394213979, 9781394213955

  • 0 0 0
  • Like this paper and download? You can publish your own PDF file online for free in a few minutes! Sign Up
Recommend Papers