Book Image

Building a Cyber Resilient Business

By : Dr. Magda Lilia Chelly, Shamane Tan, Hai Tran
Book Image

Building a Cyber Resilient Business

By: Dr. Magda Lilia Chelly, Shamane Tan, Hai Tran

Overview of this book

With cyberattacks on the rise, it has become essential for C-suite executives and board members to step up and collectively recognize cyber risk as a top priority business risk. However, non-cyber executives find it challenging to understand their role in increasing the business’s cyber resilience due to its complex nature and the lack of a clear return on investment. This book demystifies the perception that cybersecurity is a technical problem, drawing parallels between the key responsibilities of the C-suite roles to line up with the mission of the Chief Information Security Officer (CISO). The book equips you with all you need to know about cyber risks to run the business effectively. Each chapter provides a holistic overview of the dynamic priorities of the C-suite (from the CFO to the CIO, COO, CRO, and so on), and unpacks how cybersecurity must be embedded in every business function. The book also contains self-assessment questions, which are a helpful tool in evaluating any major cybersecurity initiatives and/or investment required. With this book, you’ll have a deeper appreciation of the various ways all executives can contribute to the organization’s cyber program, in close collaboration with the CISO and the security team, and achieve a cyber-resilient, profitable, and sustainable business.
Table of Contents (14 chapters)

Building a culture of cybersecurity

The CEO needs to lead in promoting a culture that reinforces the idea that cybersecurity is an organizational capability rather than just a problem for IT to solve.

A strong cybersecurity culture drives the members of the organization to behave in unison when faced with security challenges. An established, well-thought-out cybersecurity plan approved by the board of directors is only helpful if every staff member understands their role and responsibilities before, during, and after an event, appreciates the significance of cyber threats, complies with security measures and guidelines, and understands what it means to remain cyber-vigilant.

A cybersecurity plan needs to be approached holistically to be successful. Every part of the organization must understand that processes and technology play a critical role in developing and maintaining a robust cybersecurity culture. Cyber risk must be taken as seriously as risks such as natural disasters...