Book Image

Building a Cyber Resilient Business

By : Dr. Magda Lilia Chelly, Shamane Tan, Hai Tran
Book Image

Building a Cyber Resilient Business

By: Dr. Magda Lilia Chelly, Shamane Tan, Hai Tran

Overview of this book

With cyberattacks on the rise, it has become essential for C-suite executives and board members to step up and collectively recognize cyber risk as a top priority business risk. However, non-cyber executives find it challenging to understand their role in increasing the business’s cyber resilience due to its complex nature and the lack of a clear return on investment. This book demystifies the perception that cybersecurity is a technical problem, drawing parallels between the key responsibilities of the C-suite roles to line up with the mission of the Chief Information Security Officer (CISO). The book equips you with all you need to know about cyber risks to run the business effectively. Each chapter provides a holistic overview of the dynamic priorities of the C-suite (from the CFO to the CIO, COO, CRO, and so on), and unpacks how cybersecurity must be embedded in every business function. The book also contains self-assessment questions, which are a helpful tool in evaluating any major cybersecurity initiatives and/or investment required. With this book, you’ll have a deeper appreciation of the various ways all executives can contribute to the organization’s cyber program, in close collaboration with the CISO and the security team, and achieve a cyber-resilient, profitable, and sustainable business.

Related Content you might be interested in

Current Title:

Small book image
Building a Cyber Resilient Business
Dr. Magda Lilia Chelly | Shamane Tan | Hai Tran
Nov, 2022 | 232 pages
Small book image
Cybersecurity Leadership Demystified
Erdal Ozkaya
Jan, 2022 | 274 pages
Small book image
Cybersecurity Blue Team Strategies
Nikolaos Thymianis | Kunal Sehgal
Feb, 2023 | 208 pages
Small book image
Cybersecurity and Privacy Law Handbook
Walter Rocchi
Dec, 2022 | 230 pages
Table of Contents (14 chapters)
Preface
Preface
Who this book is for
What this book covers
Download the color images
Get in touch
Share your thoughts
1
Chapter 1: The CEO Cyber Manual
Chapter 1: The CEO Cyber Manual
Why cybersecurity should be a CEO’s priority
Understanding cyber risks and their implications for businesses
Understanding cybersecurity challenges, organization, and reporting
Quantifying cyber costs versus return on investment
Building a culture of cybersecurity
Preparing a business for cyberattacks
Cybersecurity considerations for a CEO’s first month
Questions to ask yourself as a CEO when considering your cyber risk coverage
Summary
Free Chapter
2
Chapter 2: A Modern Cyber-Responsible CFO
Chapter 2: A Modern Cyber-Responsible CFO
Why the CFO should care about cybersecurity
The CFO’s understanding of cybersecurity
The aspects of cybersecurity the CFO should consider
Defining the CFO’s role in building cyber resilience
Communicating with the CFO about cyber risks
Questions to ask your CFO
Summary
3
Chapter 3: The Role of the CRO in Cyber Resilience
Chapter 3: The Role of the CRO in Cyber Resilience
Understanding the role of the CRO and its key focus areas
Analyzing the CRO’s key priorities
Identifying the CRO’s challenges
Developing the right mindset as a CRO
Understanding the collaboration potential between the CRO and CISO
Questions to ask your CRO
Summary
4
Chapter 4: Your CIO—Your Cyber Enabler
Chapter 4: Your CIO—Your Cyber Enabler
Understanding the CIO’s role and the impacts their decisions have on cybersecurity
Differences and commonalities between the CIO and CISO roles
Getting ahead of cybercriminals
How the CIO supports your security
Questions to ask your CIO
Summary
5
Chapter 5: Working with Your CISO
Chapter 5: Working with Your CISO
Understanding the role of the CISO
Your CISO’s understanding of your business
Priorities for a new CISO
Addressing cybersecurity challenges
Questions to ask your CISO
A Bonus Segment for Our CISOs—Decoding Your CxOs’ Expectations
A Bonus Segment for Our CISOs—Purchasing Cyber Insurance
A Bonus Segment for Our CISOs—Reporting to the Board of Directors
Summary
6
Chapter 6: The Role of the CHRO in Reducing Cyber Risk
Chapter 6: The Role of the CHRO in Reducing Cyber Risk
Why the CHRO should care about cybersecurity
The transitioning role of the CHRO
How the CHRO supports cyber resilience
The challenges CHROs face with cybersecurity
Questions to ask your CHRO
A bonus segment for our CISOs—recruiting and building your cybersecurity team
Summary
7
Chapter 7: The COO and Their Critical Role in Cyber Resilience
Chapter 7: The COO and Their Critical Role in Cyber Resilience
Understanding the role of the COO
Why the COO should care about cybersecurity
Where the line is between the COO and the CISO in terms of responsibility for business continuity
Operational technology and cybersecurity—a necessity in today’s world
Business continuity plan management—the dos and don’ts
Questions to ask your COO
Summary
8
Chapter 8: The CTO and Security by Design
Chapter 8: The CTO and Security by Design
The role of the CTO
Why the CTO should care about cybersecurity
How the CTO becomes a security ally
Secure coding and secure software development
Conflicts of interest and collaboration between the CTO and the CISO
Questions to ask your CTO
Summary
9
Chapter 9: The CMO and CPO—Convergence Between Privacy and Security
Chapter 9: The CMO and CPO—Convergence Between Privacy and Security
What the CMO and CPO roles have in common
The role of marketing and privacy in cybersecurity
The intersection of privacy and security
The role of marketing and communication following a cyber incident
Questions to ask your CMO and CPO
Summary
10
Chapter 10: The World of the Board
Chapter 10: The World of the Board
Understanding the world of the board
The board’s structure
The board’s interests in cybersecurity
The CISO’s seat at the table
Speaking the board’s language
What not to do in the boardroom
Reporting to the board (an add-on for CISOs and a reference for CEOs)
Boards and mergers and acquisitions
Asking the board the right questions and setting up your CISO for success
Summary
11
Chapter 11: The Recipe for Building a Strong Security Culture—Bringing It All Together
Chapter 11: The Recipe for Building a Strong Security Culture—Bringing It All Together
Building a robust security culture
Bringing it all together
CISO add-on—building a cybersecurity culture
The different building blocks
Varying your training
Cloud-sharing responsibility
A hands-on cyber-awareness program
What kind of community are you building?
Questions to ask yourself about building a culture
Summary
12
Index
Index
Why subscribe?
13
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share your thoughts

A Modern Cyber-Responsible CFO

A Chief Financial Officer (CFO) is the senior executive in charge of a company’s financial operations. A traditional CFO will typically act as a financial controller, which is more detail-oriented, and even if they are not from a financial background, they manage just the numbers and focus on transactions. A more modern CFO will be very forward-thinking. They manage risks and the future of the business.

While the Chief Executive Officer (CEO) sets the direction, culture, and budget for the company, the CFO is the agent of change, supporting that direction, implementing the company culture, and preparing the budget for the CEO.

Enterprise Risk Management (ERM) is a strategy across an enterprise, designed to identify potential events that may affect the company’s finances, operations, and objectives and keep risk within the parameters of the company’s risk appetite. The CEO’s commitment and that of every management team member, including the CFO, are critical to the success of ERM adoption and execution.

The executive team’s contributions, particularly in risk management, are required to meet the organization’s strategic goals. Nowadays, this requires considering cyber risk and integrating it into ERM.

The CFO’s job description is straightforward: cash flow management, financial planning, and financial reporting. Furthermore, their responsibilities include determining the firm’s financial capability and taking remedial actions to effectively and efficiently manage the firm’s risk. Each company has its own set of financial modules, and ERM is implemented using these modules. ERM can be an important tool for the CFO in helping them understand the potential impact of business risks on the business’s financial standing. This means that if cyber threats pose a risk to the business, then the CFO needs to understand what this means and how it can impact the organization’s financial position.

CFOs have a big say in implementing enterprise risk management, which should include cyber risk; they control the implementation of the ERM strategy. The adoption of ERM requires financial and operational resources and a thorough assessment of the likelihood of success.

This chapter discusses the main priorities for a CEO to consider when talking about the CFO’s financial strategy and involvement in ERM. In this chapter, we’re going to cover the following topics:

  • Why the CFO should care about cybersecurity
  • The CFO’s understanding of cybersecurity
  • The aspects of cybersecurity the CFO should consider
  • Defining the CFO’s role in building cyber resilience
  • Communicating with the CFO about cyber risks
  • Questions to ask your CFO

The following section provides further details on specific areas where the CFO remains an indispensable stakeholder in cyber risk management.

Previous Section
End of Section 1
Next Section