購物比價找書網找車網
FindBook  
 有 1 項符合

Program Architecture: Fight the Good Fight

的圖書
Program Architecture: Fight the Good Fight Program Architecture: Fight the Good Fight

作者:Rasmussen 
出版社:CRC Press
出版日期:2025-11-06
語言:英文   規格:平裝 / 216頁 / 普通級/ 初版
圖書選購
型式價格供應商所屬目錄
 
$ 2474
博客來 博客來
財務金融
圖書介紹 - 資料來源:博客來   評分:
圖書名稱:Program Architecture: Fight the Good Fight

內容簡介

Business executives consider what is necessary to protect the company. It comes down to people, process and technology, organized within an information security program. Everything has its place within the program, including business processes, assets and the right blend of controls to protect them.

This book describes program architecture, the discipline of designing, implementing and leading information security programs.

- Prove Yourself Ready Now

- Team Development and Retention

- Program Maturity

- Influence Support and Funding

- Cyber Threat Intelligence

- Third Party Risk Management

- Metrics and Reporting

- Insider Risk Monitoring and Response

- Threat Landscape and Controls Analysis

- Conduct an Assessment

- Crisis Communications

- Control by Governance

This book provides practical advice in the areas of cybersecurity and operational risk management. The goal is to provide readers with practical advice they can use upon return to work.

Chapter abstracts:

Chapter 1

Prove yourself ready now

This chapter provides practical advice to prove yourself ’ready now’ for a cybersecurity management role. The journey begins with a view from the executive’s side of the table and how to speak in terms of risk. There is an overview of risk management, with tips for influencing risk mitigation. Focus transitions to how a communications plan can make you more effective as a leader. There is practical advice for developing presentation skills with limited stress and anxiety through a four-step approach. With that skill in-place you can communicate program statuses to executives. Professional development and C-Level presentation round out the chapter.

Chapter 2

Team development and retention

This chapter provides leaders with practical advice for developing employees in their current role, with tips to help them move laterally or to pursue promotion to management. The focus shifts to management routines throughout a calendar year, including performance and development plans, communications, financial acumen, talent review and program architecture. The chapter begins to conclude with performance calibration, succession planning, promotions and retention risk.

If you are an individual contributor with a goal of being promoted to leadership, there is a significant value in this chapter. There are also activities behind the scenes that you should know about in your current role.

Chapter 3

Program maturity

Information security professionals must focus on maturity within cybersecurity and operational risk contexts. This chapter provides guidance to improve program maturity within four levels. It starts by establishing a foundation with a control framework, laws, regulations and contractual obligations. Next are common controls, necessary and common sense from an information security perspective. Active risk management includes types of analysis, assessment and mitigation. Strong risk management is conducted by organizations that have a very low risk tolerance. This risk-prioritized approach can be used to influence funding. So that’s part of the strategy, you need support and funding to mature the program over years.

Chapter 4

Influence support and funding

Influencing change with business and IT executives is a learned skill. This chapter begins with five areas of focus to influence support and funding. The concept of ’bring friends’ solicits the support of other operational risk functions. Management routines are provided as effective ways to mitigate risk, including a risk register process, a cybersecurity committee, tabletop exercises and a cybersecurity risk management framework. Three risk analysis methodologies are provided as practical advice to communicate security risk. Tips to develop financial acumen include two budget slide examples. The chapter concludes with emphasis on the need to be a change agent and to close on projects, initiatives and risk mitigation.

Chapter 5

Cyber threat intelligence

A Cyber Threat Intelligence (CTI) Program drives change to adapt to emerging threats and new technology. That change reduces incident occurrence, with a goal of preventing an incident from becoming a data breach. The chapter provides practical advice to establish a CTI program that generates system hardening, threat hunting, monitoring and incident response. CTI inputs are detailed within advisory subscriptions and six other categories. CTI activities continue with an intake process, processing an advisory, taking action and CTI meetings. CTI program architecture continues with security monitoring alerts and tips to establish a threat hunting program. The chapter concludes with adversarial tactics and CTI program indicators.

Chapter 6

Third party risk management

This chapter describes designing a Third Party Risk Management (TPRM) program. It details the end-to-end process: identify, risk rank, assess, risk treatment, monitor, oversight, escalations and decommissioning. A framework is provided as a program outline, with decision points to select from. Options presented will help mitigate third party risk, whether you have an existing TPRM program or if you need to establish one. This chapter is also an example of program architecture in practice. These concepts can be used to design, implement and lead other risk management programs. The goal of this chapter and this book is to provide you with practical advice you can use upon return to work.

Chapter 7

Metrics and reporting

This chapter provides practical advice to establish information security metrics, Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs). It begins with an explanation of the differences between them and why each is necessary. Mid-level details of the end-to-end process are provided, from cre

 

作者簡介

Gideon Rasmussen is a Cybersecurity Executive with over 20 years of experience in corporate and military organizations. Gideon has designed and led programs including Information Security (CISO), PCI - Payment Card Security, Third Party Risk Management, Application Security and Information Risk Management. Has diverse cybersecurity industry experience within banking, startups, insurance, pharmaceuticals, DoD/USAF, state government, advertising and talent management.

Gideon has authored over 30 information security articles. He is a veteran of the United States Air Force and a graduate of the FBI Citizens Academy. Gideon has also completed the Bataan Memorial Death March (4 occurrences).

Gideon T. Rasmussen
Cybersecurity Executive Program Architect
CISSP, CRISC, CISA, CISM, CIPP

 

詳細資料

  • ISBN:9781032896007
  • 規格:平裝 / 216頁 / 普通級 / 初版
  • 出版地:美國
贊助商廣告
 
金石堂 - 今日66折
《腹黑退婚夫》全3冊
作者:聆月
出版社:藍海製作有限公司
出版日期:2024-03-13
66折: $ 554 
金石堂 - 今日66折
【妻奴】套組贈「謝謝你,我愛你」香氛片
作者:風光、步流年、簡薰、吟星
出版社:藍海製作有限公司
出版日期:2023-03-29
66折: $ 759 
金石堂 - 今日66折
庶女成鳳《全3冊》
作者:木子蘇
出版社:藍海製作有限公司
出版日期:2025-06-25
66折: $ 693 
金石堂 - 今日66折
《換夫記》書衣版
作者:雀喜
出版社:藍海製作有限公司
出版日期:2024-09-25
66折: $ 594 
 
金石堂 - 暢銷排行榜
機器人能算入經驗人數嗎?? (首刷附錄版) 01
作者:焼肉定食
出版社:東立出版社
出版日期:2026-06-25
$ 128 
Taaze 讀冊生活 - 暢銷排行榜
煙火(凱迪克金牌獎,作繪者印簽版,首刷贈夜空綻放限量收藏卡)
作者:馬修.博吉斯
出版社:小天下
出版日期:2026-07-01
$ 410 
Taaze 讀冊生活 - 暢銷排行榜
業餘愛好的力量:過度努力時代的快樂指南
作者:凱倫.沃朗
出版社:悅知文化
出版日期:2026-07-09
$ 355 
金石堂 - 暢銷排行榜
小侑,我愛你!(全)特典版
作者:千年藍乃
出版社:青文出版社股份有限公司
出版日期:2026-07-02
$ 142 
 
金石堂 - 新書排行榜
超級能幹的少女們 特裝版
作者:エノキドォ
出版社:未來數位有限公司
出版日期:2026-07-17
$ 316 
金石堂 - 新書排行榜
女兒不在的空檔、與她女兒的朋友中出SEX暗地做了個爽。
作者:ことら
出版社:未來數位有限公司
出版日期:2026-07-17
$ 442 
金石堂 - 新書排行榜
GRAND BLUE碧藍之海 25
作者:吉岡公威
出版社:東立出版社
出版日期:2026-07-09
$ 119 
Taaze 讀冊生活 - 新書排行榜
極簡邏輯學
作者:李艾倫
出版社:聯合讀創
出版日期:2026-04-23
$ 210 
 

©2026 FindBook.com.tw -  購物比價  找書網  找車網  服務條款  隱私權政策