Stepping Through Cybersecurity Risk Management : A Systems Thinking Approach 9781394213979, 9781394213955

Stepping Through Cybersecurity Risk Management Authoritative resource delivering the professional practice of cybersecur

113 53 18MB

English Year 2024

Table of contents :
Cover
Title Page
Copyright Page
Contents
Foreword
Preface
Acknowledgements
About the Companion Website
Chapter 1 Framework Elements
References
Chapter 2 Threats
2.1 Threat Actors
2.1.1 Hackivists
2.1.2 Insiders
2.1.3 Hacker
2.1.4 Competitors
2.1.5 Lone Wolf
2.2 Threat Networks
2.2.1 Example: Identity Theft
2.2.2 Zero-Day Threats
2.3 Threat Vectors
References
Chapter 3 Events
3.1 Event Classification
3.2 Event Prevention
3.3 Detection and Response
3.4 Event Scenarios
References
Chapter 4 Controls
4.1 Risk Appetite
4.2 Policy
4.2.1 Security Principles
4.2.2 Formality
4.3 Process
4.4 Standards
4.4.1 Internal Standards
4.4.2 External Standards
4.4.3 Security Architecture
4.5 Procedures
4.6 Guidelines
References
Chapter 5 Assessments
5.1 Standards Adherence
5.2 Risk and Control Self Assessment
5.3 Pentests and Vulnscans
5.4 Audits
5.5 Spot Checks
References
Chapter 6 Issues
6.1 Issue Identification
6.2 Classification
6.3 Criteria and Remediation
References
Chapter 7 Metrics
7.1 Measuring Cybersecurity
7.2 From Measures to Metrics
7.3 Key Risk Indicators
References
Chapter 8 People
8.1 Three Lines of Defense
8.2 The Cybersecurity Team
8.3 Enterprise Management
8.4 Framework Element Owners
References
Chapter 9 Risks
9.1 Risk Categories
9.2 Risk Treatment
9.2.1 Controls
9.2.2 Transfer
9.2.3 Avoidance
9.2.4 Acceptance
9.3 Risk Appetite
9.4 Risk Tolerance
9.5 Probability Measurement
References
Chapter 10 Analysis
10.1 Reports and Studies
10.2 Safety Analogies
10.3 Decision Support
10.4 Conclusion
References
Appendix: Exercises in FrameCyber
Chapter 1 Framework Elements
A True/False Questions
B Multiple Choice
C Essay
Chapter 2 Threats
A True/False Questions
B Multiple Choice
C Essay
Chapter 3 Events
A True/False Questions
B Multiple Choice
C Essay
Chapter 4 Controls
A True/False Questions
B Multiple Choice
C Essay
Chapter 5 Assessments
A True/False Questions
B Multiple Choice
C Essay
Chapter 6 Issues
A True/False Questions
B Multiple Choice
C Essay
Chapter 7 Metrics
A True/False Questions
B Multiple Choice
C Essay
Chapter 8 People
A True/False Questions
B Multiple Choice
C Essay
Chapter 9 Risks
A True/False Questions
B Multiple Choice
C Essay
Chapter 10 Analysis
A True/False Questions
B Multiple Choice
C Essay
Index
EULA

Stepping Through Cybersecurity Risk Management : A Systems Thinking Approach
9781394213979, 9781394213955

Author / Uploaded
Jennifer L. Bayuk

0 0 0
Like this paper and download? You can publish your own PDF file online for free in a few minutes! Sign Up

Recommend Papers

Stepping Through Cybersecurity Risk Management: A Systems Thinking Approach [1 ed.] 1394213956, 9781394213955

Stepping Through Cybersecurity Risk Management Authoritative resource delivering the professional practice of cybersecur

124 56 10MB Read more

Cybersecurity Risk Management: An ERM Approach 1685074286, 9781685074289

The motivation for writing this book is to share our knowledge, analyses, and conclusions about cybersecurity in particu

170 11 6MB Read more

Thinking Through Systems Thinking [1 ed.] 041540519X, 9780415405195

Systemicity is receiving wider attention thanks to its evident paradox. On the one hand, it occurs as a problem with com

112 103 2MB Read more

Cybersecurity Risk Management: Mastering the Fundamentals Using the NIST Cybersecurity Framework 9781119816287, 9781119816294, 9781119816300, 9781119816348, 1119816289

Cybersecurity Risk Management In Cybersecurity Risk Management: Mastering the Fundamentals Using the NIST Cybersecurity

198 53 9MB Read more

Thinking about Cybersecurity

641 57 4MB Read more

The Magic Ring: Systems Thinking Approach to Control Systems (Contemporary Systems Thinking) 9783030641948, 9783030641931, 3030641945

166 67 95MB Read more

Extreme and Systemic Risk Analysis: A Loss Distribution Approach (Integrated Disaster Risk Management) 9811526885, 9789811526886

This book is about how extreme and systemic risk can be analyzed in an integrated way. Risk analysis is understood to in

103 54 5MB Read more

Managing Cybersecurity in the Process Industries: A Risk-based Approach 9781119861782, 1119861780

The chemical process industry is a rich target for cyber attackers who are intent on causing harm. Current risk managem

99 79 Read more

Enterprise Cyber Risk Management as a Value Creator : Leverage Cybersecurity for Competitive Advantage 9798868800948, 9798868800931

This book will help you learn the importance of organizations treating enterprise cyber risk management (ECRM) as a valu

109 93 4MB Read more

Data Analytics: Systems Engineering - Cybersecurity - Project Management 9781683926481, 168392648X

Data analytics is creeping into the lexicon of our daily language. This book gives the reader a perspective as to the ov

113 112 2MB Read more