Author: Barak Engel
Publisher: CRC Press
ISBN: 1003836909
Category : Computers
Languages : en
Pages : 222
Book Description
Released in 2017, the first edition of Why CISOs Fail reimagined the role of the Chief Information Security Officer in a new and powerful way. Written to be easily consumable by both security pros as well as everyone who must deal with them, the book explores the different realms in which security leaders fail to deliver meaningful impact to their organizations, and why this happens. Its central thesis—that security is primarily a human behavioral discipline rather than a technology one—has been gaining increased attention as a core tenet of the field, and the book was ultimately inducted into the cybersecurity canon as a leading book on security management. In this freshly updated edition, Barak Engel adds new sections that correspond with the chapters of the original book: security as a discipline; as a business enabler; in sales; in legal; in compliance; in technology; and as an executive function. He explores new ideas in each operational area, providing essential insights into emerging aspects of the discipline. He then proposes two critical concepts for security management—the concept of "digital shrinkage" and the transition from CISO to CI/SO—that together offer a new paradigm for any organization that wants to become truly successful in its security journey. Why CISOs (Still) Fail is delivered in Barak's conversational, humoristic style, that has attracted a global audience to this and his other book, The Security Hippie. As he notes, the book's goal is to entertain as much as to inform, and he dearly hopes that you have fun reading it.
Why CISOs Fail
Author: Barak Engel
Publisher: CRC Press
ISBN: 1003836909
Category : Computers
Languages : en
Pages : 222
Book Description
Released in 2017, the first edition of Why CISOs Fail reimagined the role of the Chief Information Security Officer in a new and powerful way. Written to be easily consumable by both security pros as well as everyone who must deal with them, the book explores the different realms in which security leaders fail to deliver meaningful impact to their organizations, and why this happens. Its central thesis—that security is primarily a human behavioral discipline rather than a technology one—has been gaining increased attention as a core tenet of the field, and the book was ultimately inducted into the cybersecurity canon as a leading book on security management. In this freshly updated edition, Barak Engel adds new sections that correspond with the chapters of the original book: security as a discipline; as a business enabler; in sales; in legal; in compliance; in technology; and as an executive function. He explores new ideas in each operational area, providing essential insights into emerging aspects of the discipline. He then proposes two critical concepts for security management—the concept of "digital shrinkage" and the transition from CISO to CI/SO—that together offer a new paradigm for any organization that wants to become truly successful in its security journey. Why CISOs (Still) Fail is delivered in Barak's conversational, humoristic style, that has attracted a global audience to this and his other book, The Security Hippie. As he notes, the book's goal is to entertain as much as to inform, and he dearly hopes that you have fun reading it.
Publisher: CRC Press
ISBN: 1003836909
Category : Computers
Languages : en
Pages : 222
Book Description
Released in 2017, the first edition of Why CISOs Fail reimagined the role of the Chief Information Security Officer in a new and powerful way. Written to be easily consumable by both security pros as well as everyone who must deal with them, the book explores the different realms in which security leaders fail to deliver meaningful impact to their organizations, and why this happens. Its central thesis—that security is primarily a human behavioral discipline rather than a technology one—has been gaining increased attention as a core tenet of the field, and the book was ultimately inducted into the cybersecurity canon as a leading book on security management. In this freshly updated edition, Barak Engel adds new sections that correspond with the chapters of the original book: security as a discipline; as a business enabler; in sales; in legal; in compliance; in technology; and as an executive function. He explores new ideas in each operational area, providing essential insights into emerging aspects of the discipline. He then proposes two critical concepts for security management—the concept of "digital shrinkage" and the transition from CISO to CI/SO—that together offer a new paradigm for any organization that wants to become truly successful in its security journey. Why CISOs (Still) Fail is delivered in Barak's conversational, humoristic style, that has attracted a global audience to this and his other book, The Security Hippie. As he notes, the book's goal is to entertain as much as to inform, and he dearly hopes that you have fun reading it.
Why CISOs Fail
Author: Barak Engel
Publisher:
ISBN: 9781032299259
Category : Chief information officers
Languages : en
Pages : 0
Book Description
In this freshly updated edition, Barak Engel adds new sections that correspond with the chapters of the original book: security as a discipline; as a business enabler; in sales; in legal; in compliance; in technology; and as an executive function. The book's goal is to entertain as much as to inform.
Publisher:
ISBN: 9781032299259
Category : Chief information officers
Languages : en
Pages : 0
Book Description
In this freshly updated edition, Barak Engel adds new sections that correspond with the chapters of the original book: security as a discipline; as a business enabler; in sales; in legal; in compliance; in technology; and as an executive function. The book's goal is to entertain as much as to inform.
Why CISOs Fail
Author: Barak Engel
Publisher: CRC Press
ISBN: 1351986686
Category : Computers
Languages : en
Pages : 169
Book Description
This book serves as an introduction into the world of security and provides insight into why and how current security management practices fail, resulting in overall dissatisfaction by practitioners and lack of success in the corporate environment. The author examines the reasons and suggests how to fix them. The resulting improvement is highly beneficial to any corporation that chooses to pursue this approach or strategy and from a bottom-line and business operations perspective, not just in technical operations. This book transforms the understanding of the role of the CISO, the selection process for a CISO, and the financial impact that security plays in any organization.
Publisher: CRC Press
ISBN: 1351986686
Category : Computers
Languages : en
Pages : 169
Book Description
This book serves as an introduction into the world of security and provides insight into why and how current security management practices fail, resulting in overall dissatisfaction by practitioners and lack of success in the corporate environment. The author examines the reasons and suggests how to fix them. The resulting improvement is highly beneficial to any corporation that chooses to pursue this approach or strategy and from a bottom-line and business operations perspective, not just in technical operations. This book transforms the understanding of the role of the CISO, the selection process for a CISO, and the financial impact that security plays in any organization.
The Security Hippie
Author: Barak Engel
Publisher: CRC Press
ISBN: 1000530310
Category : Computers
Languages : en
Pages : 177
Book Description
The Security Hippie is Barak Engel’s second book. As the originator of the “Virtual CISO” (fractional security chief) concept, he has served as security leader in dozens of notable organizations, such as Mulesoft, Stubhub, Amplitude Analytics, and many others. The Security Hippie follows his previous book, Why CISOs Fail, which became a sleeper hit, earning a spot in the Cybercannon project as a leading text on the topic of information security management. In this new book, Barak looks at security purely through the lens of story-telling, sharing many and varied experiences from his long and accomplished career as organizational and thought leader, and visionary in the information security field. Instead of instructing, this book teaches by example, sharing many real situations in the field and actual events from real companies, as well as Barak’s related takes and thought processes. An out-of-the-mainstream, counterculture thinker – Hippie – in the world of information security, Barak’s rich background and unusual approach to the field come forth in this book in vivid color and detail, allowing the reader to sit back and enjoy these experiences, and perhaps gain insights when faced with similar issues themselves or within their organizations. The author works hard to avoid technical terms as much as possible, and instead focus on the human and behavioral side of security, finding the humor inherent in every anecdote and using it to demystify the field and connect with the reader. Importantly, these are not the stories that made the news; yet they are the ones that happen all the time. If you’ve ever wondered about the field of information security, but have been intimidated by it, or simply wished for more shared experiences, then The Security Hippie is the perfect way to open that window by accompanying Barak on some of his many travels into the land of security.
Publisher: CRC Press
ISBN: 1000530310
Category : Computers
Languages : en
Pages : 177
Book Description
The Security Hippie is Barak Engel’s second book. As the originator of the “Virtual CISO” (fractional security chief) concept, he has served as security leader in dozens of notable organizations, such as Mulesoft, Stubhub, Amplitude Analytics, and many others. The Security Hippie follows his previous book, Why CISOs Fail, which became a sleeper hit, earning a spot in the Cybercannon project as a leading text on the topic of information security management. In this new book, Barak looks at security purely through the lens of story-telling, sharing many and varied experiences from his long and accomplished career as organizational and thought leader, and visionary in the information security field. Instead of instructing, this book teaches by example, sharing many real situations in the field and actual events from real companies, as well as Barak’s related takes and thought processes. An out-of-the-mainstream, counterculture thinker – Hippie – in the world of information security, Barak’s rich background and unusual approach to the field come forth in this book in vivid color and detail, allowing the reader to sit back and enjoy these experiences, and perhaps gain insights when faced with similar issues themselves or within their organizations. The author works hard to avoid technical terms as much as possible, and instead focus on the human and behavioral side of security, finding the humor inherent in every anecdote and using it to demystify the field and connect with the reader. Importantly, these are not the stories that made the news; yet they are the ones that happen all the time. If you’ve ever wondered about the field of information security, but have been intimidated by it, or simply wished for more shared experiences, then The Security Hippie is the perfect way to open that window by accompanying Barak on some of his many travels into the land of security.
The CISO Playbook
Author: Andres Andreu
Publisher: CRC Press
ISBN: 1040164609
Category : Computers
Languages : en
Pages : 337
Book Description
A CISO is the ultimate guardian of an organization's digital assets. As a cybersecurity leader ,a CISO must possess a unique balance of executive leadership, technical knowledge, strategic vision, and effective communication skills. The ever-evolving cyberthreat landscape demands a resilient, proactive approach coupled with a keen ability to anticipate attack angles and implement protective security mechanisms. Simultaneously, a cybersecurity leader must navigate the complexities of balancing security requirements with business objectives, fostering a culture of cybersecurity awareness, and ensuring compliance with regulatory frameworks. The CISO Playbook aims to provide nothing but real-world advice and perspectives to both up-and-coming cybersecurity leaders as well as existing ones looking to grow. The book does not approach cybersecurity leadership from the perspective of the academic, or what it should be, but more from that which it really is. Moreover, it focuses on the many things a cybersecurity leader needs to “be” given that the role is dynamic and ever-evolving, requiring a high level of adaptability. A CISO's career is touched from many differing angles, by many different people and roles. A healthy selection of these entities, from executive recruiters to salespeople to venture capitalists, is included to provide real-world value to the reader. To augment these, the book covers many areas that a cybersecurity leader needs to understand, from the pre-interview stage to the first quarter and from security operations to the softer skills such as storytelling and communications. The book wraps up with a focus on techniques and knowledge areas, such as financial literacy, that are essential for a CISO to be effective. Other important areas, such as understanding the adversaries' mindset and self-preservation, are covered as well. A credo is provided as an example of the documented commitment a cybersecurity leader must make and remain true to.
Publisher: CRC Press
ISBN: 1040164609
Category : Computers
Languages : en
Pages : 337
Book Description
A CISO is the ultimate guardian of an organization's digital assets. As a cybersecurity leader ,a CISO must possess a unique balance of executive leadership, technical knowledge, strategic vision, and effective communication skills. The ever-evolving cyberthreat landscape demands a resilient, proactive approach coupled with a keen ability to anticipate attack angles and implement protective security mechanisms. Simultaneously, a cybersecurity leader must navigate the complexities of balancing security requirements with business objectives, fostering a culture of cybersecurity awareness, and ensuring compliance with regulatory frameworks. The CISO Playbook aims to provide nothing but real-world advice and perspectives to both up-and-coming cybersecurity leaders as well as existing ones looking to grow. The book does not approach cybersecurity leadership from the perspective of the academic, or what it should be, but more from that which it really is. Moreover, it focuses on the many things a cybersecurity leader needs to “be” given that the role is dynamic and ever-evolving, requiring a high level of adaptability. A CISO's career is touched from many differing angles, by many different people and roles. A healthy selection of these entities, from executive recruiters to salespeople to venture capitalists, is included to provide real-world value to the reader. To augment these, the book covers many areas that a cybersecurity leader needs to understand, from the pre-interview stage to the first quarter and from security operations to the softer skills such as storytelling and communications. The book wraps up with a focus on techniques and knowledge areas, such as financial literacy, that are essential for a CISO to be effective. Other important areas, such as understanding the adversaries' mindset and self-preservation, are covered as well. A credo is provided as an example of the documented commitment a cybersecurity leader must make and remain true to.
The Security Leader’s Communication Playbook
Author: Jeffrey W. Brown
Publisher: CRC Press
ISBN: 1000440273
Category : Business & Economics
Languages : en
Pages : 395
Book Description
This book is for cybersecurity leaders across all industries and organizations. It is intended to bridge the gap between the data center and the board room. This book examines the multitude of communication challenges that CISOs are faced with every day and provides practical tools to identify your audience, tailor your message and master the art of communicating. Poor communication is one of the top reasons that CISOs fail in their roles. By taking the step to work on your communication and soft skills (the two go hand-in-hand), you will hopefully never join their ranks. This is not a “communication theory” book. It provides just enough practical skills and techniques for security leaders to get the job done. Learn fundamental communication skills and how to apply them to day-to-day challenges like communicating with your peers, your team, business leaders and the board of directors. Learn how to produce meaningful metrics and communicate before, during and after an incident. Regardless of your role in Tech, you will find something of value somewhere along the way in this book.
Publisher: CRC Press
ISBN: 1000440273
Category : Business & Economics
Languages : en
Pages : 395
Book Description
This book is for cybersecurity leaders across all industries and organizations. It is intended to bridge the gap between the data center and the board room. This book examines the multitude of communication challenges that CISOs are faced with every day and provides practical tools to identify your audience, tailor your message and master the art of communicating. Poor communication is one of the top reasons that CISOs fail in their roles. By taking the step to work on your communication and soft skills (the two go hand-in-hand), you will hopefully never join their ranks. This is not a “communication theory” book. It provides just enough practical skills and techniques for security leaders to get the job done. Learn fundamental communication skills and how to apply them to day-to-day challenges like communicating with your peers, your team, business leaders and the board of directors. Learn how to produce meaningful metrics and communicate before, during and after an incident. Regardless of your role in Tech, you will find something of value somewhere along the way in this book.
How to Start Your Own Cybersecurity Consulting Business
Author: Ravi Das
Publisher: CRC Press
ISBN: 1000625656
Category : Business & Economics
Languages : en
Pages : 103
Book Description
The burnout rate of a Chief Information Security Officer (CISO) is pegged at about 16 months. In other words, that is what the average tenure of a CISO is at a business. At the end of their stay, many CISOs look for totally different avenues of work, or they try something else – namely starting their own Cybersecurity Consulting business. Although a CISO might have the skill and knowledge set to go it alone, it takes careful planning to launch a successful Cyber Consulting business. This ranges all the way from developing a business plan to choosing the specific area in Cybersecurity that they want to serve. How to Start Your Own Cybersecurity Consulting Business: First-Hand Lessons from a Burned-Out Ex-CISO is written by an author who has real-world experience in launching a Cyber Consulting company. It is all-encompassing, with coverage spanning from selecting which legal formation is most suitable to which segment of the Cybersecurity industry should be targeted. The book is geared specifically towards the CISO that is on the verge of a total burnout or career change. It explains how CISOs can market their experience and services to win and retain key customers. It includes a chapter on how certification can give a Cybersecurity consultant a competitive edge and covers the five top certifications in information security: CISSP, CompTIA Security+, CompTIA CySA+, CSSP, and CISM. The book’s author has been in the IT world for more than 20 years and has worked for numerous companies in corporate America. He has experienced CISO burnout. He has also started two successful Cybersecurity companies. This book offers his own unique perspective based on his hard-earned lessons learned and shows how to apply them in creating a successful venture. It also covers the pitfalls of starting a consultancy, how to avoid them, and how to bounce back from any that prove unavoidable. This is the book for burned-out former CISOs to rejuvenate themselves and their careers by launching their own consultancies.
Publisher: CRC Press
ISBN: 1000625656
Category : Business & Economics
Languages : en
Pages : 103
Book Description
The burnout rate of a Chief Information Security Officer (CISO) is pegged at about 16 months. In other words, that is what the average tenure of a CISO is at a business. At the end of their stay, many CISOs look for totally different avenues of work, or they try something else – namely starting their own Cybersecurity Consulting business. Although a CISO might have the skill and knowledge set to go it alone, it takes careful planning to launch a successful Cyber Consulting business. This ranges all the way from developing a business plan to choosing the specific area in Cybersecurity that they want to serve. How to Start Your Own Cybersecurity Consulting Business: First-Hand Lessons from a Burned-Out Ex-CISO is written by an author who has real-world experience in launching a Cyber Consulting company. It is all-encompassing, with coverage spanning from selecting which legal formation is most suitable to which segment of the Cybersecurity industry should be targeted. The book is geared specifically towards the CISO that is on the verge of a total burnout or career change. It explains how CISOs can market their experience and services to win and retain key customers. It includes a chapter on how certification can give a Cybersecurity consultant a competitive edge and covers the five top certifications in information security: CISSP, CompTIA Security+, CompTIA CySA+, CSSP, and CISM. The book’s author has been in the IT world for more than 20 years and has worked for numerous companies in corporate America. He has experienced CISO burnout. He has also started two successful Cybersecurity companies. This book offers his own unique perspective based on his hard-earned lessons learned and shows how to apply them in creating a successful venture. It also covers the pitfalls of starting a consultancy, how to avoid them, and how to bounce back from any that prove unavoidable. This is the book for burned-out former CISOs to rejuvenate themselves and their careers by launching their own consultancies.
Leveraging Blockchain Technology
Author: Shaun Aghili
Publisher: CRC Press
ISBN: 1040165265
Category : Computers
Languages : en
Pages : 234
Book Description
Blockchain technology is a digital ledger system that allows for secure, transparent and tamper-proof transactions. It is essentially an often decentralized, distributed, peer-to-peer database that is maintained by a network of computers instead of a single entity, making it highly resistant to hacking and data breaches. By providing greater security, transparency and efficiency, blockchain technology can help to create a more equitable and sustainable world. Blockchain technology has the potential to help mankind in various ways, some of which include but are not limited to: Decentralization and Transparency: Blockchain technology allows for decentralization of data and transactions, making them more transparent and accountable. This is particularly important in fields such as finance, where trust and transparency are critical. Increased Security: Blockchain technology is inherently secure due to its distributed nature, making it very difficult for hackers to compromise the system. This makes it an ideal solution for data and information storage, particularly in areas such as health and finance, where privacy and security are of utmost importance. Faster Transactions: Blockchain technology eliminates the need for intermediaries, reducing the time and cost associated with transactions. This makes it an ideal solution for international trade, remittances and other types of financial transactions, especially in parts of the world where a great number of individuals do not have access to basic banking services. Immutable Record: One of the fundamental attributes of blockchain is its immutability. Once data is added to the blockchain, it becomes nearly impossible to alter or delete. This feature ensures a tamper-resistant and reliable record of transactions, crucial for maintaining integrity in various industries, including supply chain management and legal documentation. Smart Contracts: Blockchain technology supports the implementation of smart contracts, which are self-executing contracts with the terms of the agreement directly written into code. This automation streamlines processes and reduces the risk of fraud, particularly in sectors like real estate and legal agreements. Interoperability: Blockchain’s ability to facilitate interoperability allows different blockchain networks to communicate and share information seamlessly. This attribute is pivotal for creating a unified and interconnected ecosystem, especially as various industries adopt blockchain independently. Interoperability enhances efficiency, reduces redundancy and fosters collaboration across diverse sectors. Leveraging Blockchain Technology: Governance, Risk, Compliance, Security, and Benevolent Use Cases discusses various governance, risk and control (GRC) and operational risk-related considerations in a comprehensive, yet non-technical, way to enable business leaders, managers and professionals to better understand and appreciate its various potential use cases. This book is also a must-read for leaders of non-profit organizations, allowing them to further democratize needs that we often take for granted in developed countries around the globe, such as access to basic telemedicine, identity management and banking services.
Publisher: CRC Press
ISBN: 1040165265
Category : Computers
Languages : en
Pages : 234
Book Description
Blockchain technology is a digital ledger system that allows for secure, transparent and tamper-proof transactions. It is essentially an often decentralized, distributed, peer-to-peer database that is maintained by a network of computers instead of a single entity, making it highly resistant to hacking and data breaches. By providing greater security, transparency and efficiency, blockchain technology can help to create a more equitable and sustainable world. Blockchain technology has the potential to help mankind in various ways, some of which include but are not limited to: Decentralization and Transparency: Blockchain technology allows for decentralization of data and transactions, making them more transparent and accountable. This is particularly important in fields such as finance, where trust and transparency are critical. Increased Security: Blockchain technology is inherently secure due to its distributed nature, making it very difficult for hackers to compromise the system. This makes it an ideal solution for data and information storage, particularly in areas such as health and finance, where privacy and security are of utmost importance. Faster Transactions: Blockchain technology eliminates the need for intermediaries, reducing the time and cost associated with transactions. This makes it an ideal solution for international trade, remittances and other types of financial transactions, especially in parts of the world where a great number of individuals do not have access to basic banking services. Immutable Record: One of the fundamental attributes of blockchain is its immutability. Once data is added to the blockchain, it becomes nearly impossible to alter or delete. This feature ensures a tamper-resistant and reliable record of transactions, crucial for maintaining integrity in various industries, including supply chain management and legal documentation. Smart Contracts: Blockchain technology supports the implementation of smart contracts, which are self-executing contracts with the terms of the agreement directly written into code. This automation streamlines processes and reduces the risk of fraud, particularly in sectors like real estate and legal agreements. Interoperability: Blockchain’s ability to facilitate interoperability allows different blockchain networks to communicate and share information seamlessly. This attribute is pivotal for creating a unified and interconnected ecosystem, especially as various industries adopt blockchain independently. Interoperability enhances efficiency, reduces redundancy and fosters collaboration across diverse sectors. Leveraging Blockchain Technology: Governance, Risk, Compliance, Security, and Benevolent Use Cases discusses various governance, risk and control (GRC) and operational risk-related considerations in a comprehensive, yet non-technical, way to enable business leaders, managers and professionals to better understand and appreciate its various potential use cases. This book is also a must-read for leaders of non-profit organizations, allowing them to further democratize needs that we often take for granted in developed countries around the globe, such as access to basic telemedicine, identity management and banking services.
Managing IoT Systems for Institutions and Cities
Author: Chuck Benson
Publisher: CRC Press
ISBN: 0429956568
Category : Business & Economics
Languages : en
Pages : 212
Book Description
This book defines what IoT Systems manageability looks like and what the associated resources and costs are of that manageability. It identifies IoT Systems performance expectations and addresses the difficult challenges of determining actual costs of IoT Systems implementation, operation, and management across multiple institutional organizations. It details the unique challenges that cities and institutions have in implementing and operating IoT Systems.
Publisher: CRC Press
ISBN: 0429956568
Category : Business & Economics
Languages : en
Pages : 212
Book Description
This book defines what IoT Systems manageability looks like and what the associated resources and costs are of that manageability. It identifies IoT Systems performance expectations and addresses the difficult challenges of determining actual costs of IoT Systems implementation, operation, and management across multiple institutional organizations. It details the unique challenges that cities and institutions have in implementing and operating IoT Systems.
Auditor Essentials
Author: Hernan Murdock
Publisher: CRC Press
ISBN: 1351712527
Category : Business & Economics
Languages : en
Pages : 485
Book Description
Internal auditors must know many concepts, techniques, control frameworks, and remain knowledgeable despite the many changes occurring in the marketplace and their profession. This easy to use reference makes this process easier and ensures auditors can obtain needed information quickly and accurately. This book consists of 100 topics, concepts, tips, tools and techniques that relate to how internal auditors interact with internal constitutencies and addresses a variety of technical and non-technical subjects. Non-auditors have an easy-to-use guide that increases their understanding of what internal auditors do and how, making it easier for them to partner with them more effectively.
Publisher: CRC Press
ISBN: 1351712527
Category : Business & Economics
Languages : en
Pages : 485
Book Description
Internal auditors must know many concepts, techniques, control frameworks, and remain knowledgeable despite the many changes occurring in the marketplace and their profession. This easy to use reference makes this process easier and ensures auditors can obtain needed information quickly and accurately. This book consists of 100 topics, concepts, tips, tools and techniques that relate to how internal auditors interact with internal constitutencies and addresses a variety of technical and non-technical subjects. Non-auditors have an easy-to-use guide that increases their understanding of what internal auditors do and how, making it easier for them to partner with them more effectively.