Read more
This book enables security professionals to build a cybersecurity program from the ground up, regardless of the size of their organization. The book includes a high-level, comprehensive overview of all of the capabilities that go into a cybersecurity program (e.g., threat management, incident management, vulnerability management) and helps readers to determine which capabilities must be matured first and to what maturity level based on the risks that their organization faces. The book addresses methods for performing rapid risk assessments at early stages of cybersecurity program development. It also discusses key capabilities that should form the foundation to any cybersecurity program.
List of contents
Context Setting.
Anatomy of a Cybersecurity Leader.
Step 1: Perform Initial Discovery.
Step 2: Assess Your Risk and Your Maturity.
Step 3: Plan Your Future State.
Step 4: Build Your Team.
Step 5: Build and Run Your Capabilities.
About the author
Chris Houlder is the CISO of Autodesk. He has over 15 years of experience building and leading information security programs. Chris is a Board member of the Bay Area CSO Council (BACC). He holds a BS in Information Systems and the following certifications: Certified Information Systems Security Professional (CISSP); Certified Information Security Manager (CISM); and Certified in Risk and Information Systems Control (CRISC). Ahsan Mir is a Senior Manager of Information Security Autodesk. He has post graduate degrees in computer science and Information security and over 12 years of experience building and leading information security programs. He has worked as security practitioner the roles of pen tester, incident responder, threat analyst, system and network administrator and security engineer. He holds the following certifications: Certified Information Systems Security Professional (CISSP); Certified Information Security Auditor (CISA); and number of technical certifications.
Summary
This book enables security professionals to build a cybersecurity program from the ground up, regardless of the size of their organization. The book includes a high-level, comprehensive overview of all of the capabilities that go into a cybersecurity program (e.g., threat management, incident management, vulnerability management) and helps readers to determine which capabilities must be matured first and to what maturity level based on the risks that their organization faces. The book addresses methods for performing rapid risk assessments at early stages of cybersecurity program development. It also discusses key capabilities that should form the foundation to any cybersecurity program.
