Cybersecurity: A Business Solution: An executive perspective on managing cyber risk

Front Cover
Threat Sketch, LLC, Sep 26, 2017 - Business & Economics - 100 pages

 As a business leader, you might think you have cybersecurity under control because you have a great IT team. But managing cyber risk requires more than firewalls and good passwords. Cash flow, insurance, relationships, and legal affairs for an organization all play major roles in managing cyber risk. Treating cybersecurity as “just an IT problem” leaves an organization exposed and unprepared. Therefore, executives must take charge of the big picture.

Cybersecurity: A Business Solution is a concise guide to managing cybersecurity from a business perspective, written specifically for the leaders of small and medium businesses. In this book you will find a step-by-step approach to managing the financial impact of cybersecurity. The strategy provides the knowledge you need to steer technical experts toward solutions that fit your organization’s business mission. The book also covers common pitfalls that lead to a false sense of security. And, to help offset the cost of higher security, it explains how you can leverage investments in cybersecurity to capture market share and realize more profits.

The book’s companion material also includes an executive guide to The National Institute of Standards and Technology (NIST) Cybersecurity Framework. It offers a business level overview of the following key terms and concepts, which are central to managing its adoption.

- Tiers

- Profiles

- Functions

- Informative References



Strategic Cyber Risk Management
Objectives and Risk Assessments
Prevention and Preparedness
Regulatory Pressures on Prevention and Preparedness
Budget Planning
Implementation and Beyond
About the Author

Common terms and phrases

About the author (2017)

Rob Arnold is a retired Senior Advisor for Cybersecurity and Risk Management to the National Risk Management Center, which is a division of Homeland Security’s Cybersecurity and Infrastructure Security Agency.  Among other projects, he spearheaded the establishment of the first National Critical Functions Risk Register to help senior government leaders prioritize and coordinate risk management objectives across the entire government ecosystem.  Prior to joining the National Risk Management Center, Mr. Arnold served as the CEO of Threat Sketch, a data and analytics firm specializing in solutions for large scale cyber risk management problems. He completed his graduate studies in information security at East Carolina University and is certified in risk and information systems control by ISACA. He is the author of Cybersecurity: A Business Solution, a definitive guide to managing cyber risk in small organizations.  Before joining the National Risk Management Center, he represented the interests of small organizations before Congress and through participation in key Homeland Security events.  Mr. Arnold is a founding member of the ICT Supply Chain Task Force Executive Council. He served as the first chairman of the North Carolina Center for Cybersecurity and sat on advisory boards for the University of North Carolina at Greensboro, Forsyth Technology Community College and the University of North Carolina at Wilmington. 

Bibliographic information