Edwards, Jason (Cybersecurity expert),
The cybersecurity guide to governance, risk, and compliance / Dr. Jason Edwards, Griffin Weaver. - 1 online resource (xxviii, 638 pages) -
Includes index.
Table of Contents
Purpose of the Book xvii
Target Audience xix
Structure of the Book xxi
Foreword by Wil Bennett xxiii
Foreword by Gary McAlum xxv
Chapter 1 Governance, Risk Management, and Compliance 1
Chapter 2 The Landscape of Cybersecurity 19
Chapter 3 Cybersecurity Leadership: Insights and Best Practices 33
Chapter 4 Cybersecurity Program and Project Management 53
Chapter 5 Cybersecurity for Business Executives 69
Chapter 6 Cybersecurity and the Board of Directors 87
Chapter 7 Risk Management 109
Chapter 8 The NIST Risk Management Framework 131
Chapter 9 Cybersecurity Metrics 151
Chapter 10 Risk Assessments 171
Chapter 11 NIST Cybersecurity Framework 191
Chapter 12 Cybersecurity Frameworks 209
Chapter 13 NIST SP 800-53: Security and Privacy Controls Framework 231
Chapter 14 The FFIEC: An Introduction 245
Chapter 15 U.S. Federal Cybersecurity Regulations 267
Chapter 16 State-level Cybersecurity Regulations 287
Chapter 17 International Cybersecurity Laws and Regulations 299
Chapter 18 Privacy Laws and Their Intersection with Cybersecurity 315
Chapter 19 Auditing Cybersecurity: Guides for Auditors and the Audited 333
Chapter 20 The Challenging Role of the Regulator 355
Chapter 21 Understanding US Regulatory Bodies 377
Chapter 22 Managing Regulatory Visits and Requests for Information 395
Chapter 23 Understanding Regulatory Penalties 409
Chapter 24 Addressing and Remediating Regulatory Findings 429
Chapter 25 Cybersecurity Architecture 445
Chapter 26 Risk Mitigation 463
Chapter 27 Cloud Security 481
Chapter 28 Artificial Intelligence in Cybersecurity 497
Chapter 29 Quantum Computing: A New Frontier 511
Chapter 30 Incident Response and Recovery 521
Chapter 31 Navigating the Cyber Insurance Maze 541
Glossary 549
Cybersecurity Resources 555
Ready to Use KPI Examples 567
Ready to Use KRI Examples 599
The End 631
Index 633
"Cyber Security Governance & Risk Management is the monitoring of compliance with agreed cyber security policies and the assessment and management of relevant risks. Cybersecurity is a critical concern for modern businesses, and understanding how to navigate it is vital"--
About the Author
Dr. Jason Edwards, DM, CISSP, CRISC, is an esteemed cybersecurity expert and accomplished industry leader with over 25 years in cybersecurity, risk, and compliance, backed by a specialized doctorate in Cybersecurity Regulatory Risk and Compliance. A prolific educator and influencer, Dr. Edwards contributes as an Adjunct Cyber Professor at multiple universities and is recognized as a leading cybersecurity voice on LinkedIn. His portfolio includes many publications, including the notable Cyber Spear educational newsletter. In addition to his remarkable professional achievements, Dr. Edwards proudly served as a distinguished combat veteran and premier military cyber officer.
Griffin Weaver, JD, serves as the Managing Legal Director at a renowned technology company and is also a respected Adjunct Professor specializing in Cybersecurity Law. With a rich background encompassing various technical and managerial roles in IT, Griffin seamlessly transitioned into a flourishing legal career after earning his law degree from the University of Utah. As an acknowledged thought leader, Griffin has enhanced the domain with his scholarly contributions through numerous articles. He is a sought-after speaker renowned for his insightful presentations at cybersecurity conferences.
9781394250202 1394250207 9781394250219 1394250215 9781394250226 1394250223
10.1002/9781394250226 doi
9781394250196 O'Reilly Media 10494574 IEEE
Business enterprises--Computer networks--Security measures.
Computer security.
Computer crimes--Prevention.
Electronic books.
HD30.38 / .E34 2024
005.8
The cybersecurity guide to governance, risk, and compliance / Dr. Jason Edwards, Griffin Weaver. - 1 online resource (xxviii, 638 pages) -
Includes index.
Table of Contents
Purpose of the Book xvii
Target Audience xix
Structure of the Book xxi
Foreword by Wil Bennett xxiii
Foreword by Gary McAlum xxv
Chapter 1 Governance, Risk Management, and Compliance 1
Chapter 2 The Landscape of Cybersecurity 19
Chapter 3 Cybersecurity Leadership: Insights and Best Practices 33
Chapter 4 Cybersecurity Program and Project Management 53
Chapter 5 Cybersecurity for Business Executives 69
Chapter 6 Cybersecurity and the Board of Directors 87
Chapter 7 Risk Management 109
Chapter 8 The NIST Risk Management Framework 131
Chapter 9 Cybersecurity Metrics 151
Chapter 10 Risk Assessments 171
Chapter 11 NIST Cybersecurity Framework 191
Chapter 12 Cybersecurity Frameworks 209
Chapter 13 NIST SP 800-53: Security and Privacy Controls Framework 231
Chapter 14 The FFIEC: An Introduction 245
Chapter 15 U.S. Federal Cybersecurity Regulations 267
Chapter 16 State-level Cybersecurity Regulations 287
Chapter 17 International Cybersecurity Laws and Regulations 299
Chapter 18 Privacy Laws and Their Intersection with Cybersecurity 315
Chapter 19 Auditing Cybersecurity: Guides for Auditors and the Audited 333
Chapter 20 The Challenging Role of the Regulator 355
Chapter 21 Understanding US Regulatory Bodies 377
Chapter 22 Managing Regulatory Visits and Requests for Information 395
Chapter 23 Understanding Regulatory Penalties 409
Chapter 24 Addressing and Remediating Regulatory Findings 429
Chapter 25 Cybersecurity Architecture 445
Chapter 26 Risk Mitigation 463
Chapter 27 Cloud Security 481
Chapter 28 Artificial Intelligence in Cybersecurity 497
Chapter 29 Quantum Computing: A New Frontier 511
Chapter 30 Incident Response and Recovery 521
Chapter 31 Navigating the Cyber Insurance Maze 541
Glossary 549
Cybersecurity Resources 555
Ready to Use KPI Examples 567
Ready to Use KRI Examples 599
The End 631
Index 633
"Cyber Security Governance & Risk Management is the monitoring of compliance with agreed cyber security policies and the assessment and management of relevant risks. Cybersecurity is a critical concern for modern businesses, and understanding how to navigate it is vital"--
About the Author
Dr. Jason Edwards, DM, CISSP, CRISC, is an esteemed cybersecurity expert and accomplished industry leader with over 25 years in cybersecurity, risk, and compliance, backed by a specialized doctorate in Cybersecurity Regulatory Risk and Compliance. A prolific educator and influencer, Dr. Edwards contributes as an Adjunct Cyber Professor at multiple universities and is recognized as a leading cybersecurity voice on LinkedIn. His portfolio includes many publications, including the notable Cyber Spear educational newsletter. In addition to his remarkable professional achievements, Dr. Edwards proudly served as a distinguished combat veteran and premier military cyber officer.
Griffin Weaver, JD, serves as the Managing Legal Director at a renowned technology company and is also a respected Adjunct Professor specializing in Cybersecurity Law. With a rich background encompassing various technical and managerial roles in IT, Griffin seamlessly transitioned into a flourishing legal career after earning his law degree from the University of Utah. As an acknowledged thought leader, Griffin has enhanced the domain with his scholarly contributions through numerous articles. He is a sought-after speaker renowned for his insightful presentations at cybersecurity conferences.
9781394250202 1394250207 9781394250219 1394250215 9781394250226 1394250223
10.1002/9781394250226 doi
9781394250196 O'Reilly Media 10494574 IEEE
Business enterprises--Computer networks--Security measures.
Computer security.
Computer crimes--Prevention.
Electronic books.
HD30.38 / .E34 2024
005.8