Book Image

Building a Cyber Resilient Business

By : Dr. Magda Lilia Chelly, Shamane Tan, Hai Tran
Book Image

Building a Cyber Resilient Business

By: Dr. Magda Lilia Chelly, Shamane Tan, Hai Tran

Overview of this book

With cyberattacks on the rise, it has become essential for C-suite executives and board members to step up and collectively recognize cyber risk as a top priority business risk. However, non-cyber executives find it challenging to understand their role in increasing the business’s cyber resilience due to its complex nature and the lack of a clear return on investment. This book demystifies the perception that cybersecurity is a technical problem, drawing parallels between the key responsibilities of the C-suite roles to line up with the mission of the Chief Information Security Officer (CISO). The book equips you with all you need to know about cyber risks to run the business effectively. Each chapter provides a holistic overview of the dynamic priorities of the C-suite (from the CFO to the CIO, COO, CRO, and so on), and unpacks how cybersecurity must be embedded in every business function. The book also contains self-assessment questions, which are a helpful tool in evaluating any major cybersecurity initiatives and/or investment required. With this book, you’ll have a deeper appreciation of the various ways all executives can contribute to the organization’s cyber program, in close collaboration with the CISO and the security team, and achieve a cyber-resilient, profitable, and sustainable business.
Table of Contents (14 chapters)

Addressing cybersecurity challenges

Organizations tend to underestimate the challenges cybersecurity presents. It is not something that can be addressed as a one-time exercise. A high focus remains on addressing cybersecurity challenges with a technology-based solution. However, cybersecurity challenges require a holistic approach across people, processes, and technology, and involve a continual journey of refactoring and improvements, and communication across the organization of what each person’s responsibilities are.

This is best illustrated by how an organization handles the risk of a ransomware threat. Ransomware threats will never be zero, as the business needs an internet presence and can’t avoid using email communication. Applying technology-based controls is often the very first step an organization takes to address this risk: implementing malware protection, firewalls, and even intrusion-detection systems. But these are just the first step. These solutions...