A comprehensive overview for directors aiming to meet their cybersecurity responsibilities
In Cyber Guardians: Empowering Board Members for Effective Cybersecurity, veteran cybersecurity advisor Bart McDonough delivers a comprehensive and hands-on roadmap to effective cybersecurity oversight for directors and board members at organizations of all sizes. The author includes real-world case studies, examples, frameworks, and blueprints that address relevant cybersecurity risks, including the industrialized ransomware attacks so commonly found in today's headlines.
In the book, you'll explore the modern cybersecurity landscape, legal and regulatory requirements, risk management and assessment techniques, and the specific role played by board members in developing and promoting a culture of cybersecurity. You'll also find:
Examples of cases in which board members failed to adhere to regulatory and legal requirements to notify the victims of data breaches...
Author(s): Bart R. McDonough
Publisher: Wiley
Year: 2023
Language: English
Pages: 174
Cover
Table of Contents
Title Page
Preface: What to Expect from This Book
Chapter 1: Introduction
Summary of a Board's Incident Response
Checklist for a Board's Incident Response
Chapter 2: Cybersecurity Basics
CIA Framework
Key Cybersecurity Concepts and Terminology for Board Members
Common Cyber Threats and Risks Faced by Companies
Key Technologies and Defense Strategies
Threat Intelligence
Threat Actors
MITRE ATT&CK Framework
Chapter 2 Summary
Chapter 3: Legal and Regulatory Landscape
Overview of Relevant Cybersecurity Regulations and Laws
Discussion of Compliance Requirements and Industry Standards
Individual Director Liability
Chapter 3 Summary
Chapter 4: Board Oversight of Cybersecurity
The Board's Role in Overseeing Cybersecurity Strategy
Developing an Effective Cybersecurity Governance Framework
Best Practices for Board Engagement and Reporting
Overcoming Objections to Effective Cybersecurity Oversight
Promoting a Cybersecurity Culture
Chapter 4 Summary
Chapter 5: Board Oversight of Cybersecurity: Ensuring Effective Governance
The Role of the Board in Overseeing Cybersecurity
Developing an Effective Cybersecurity Governance Framework
Strategies for Identifying, Assessing, and Prioritizing Cyber Risks
Conducting Cybersecurity Risk Assessments
How to Develop and Promote a Culture of Cybersecurity
Chapter 5 Summary
Chapter 6: Incident Response and Business Continuity Planning
Implementing Cybersecurity Policies and Procedures
Incident Response and Business Continuity Planning
Incident Response Planning
Defining the Types of Assessments
Chapter 6 Summary
Chapter 7: Vendor Management and Third-Party Risk
The Importance of Third-Party Risk Management for Board Members
Best Practices for Managing Third-Party Cyber Risk
Legal and Regulatory Considerations in Third-Party Risk Management
Sample Questions to ask Third-Party Vendors
Chapter 7 Summary
Chapter 8: Cybersecurity Training and Awareness
Importance of Cybersecurity Awareness for All Employees
Strategies for Providing Effective Training and Awareness Programs
More Detail on Effective Training Strategies
Chapter 8 Summary
Chapter 9: Cyber Insurance
Understanding Cyber Insurance
Key Components of Cyber Insurance
Evaluating and Purchasing Cyber Insurance
Managing and Reviewing the Cyber Insurance Policy
Chapter 9 Summary
Chapter 10: Conclusion: Moving Forward with Cybersecurity Governance
The Board's Role in Cybersecurity Governance
Key Takeaways and Action Items for Board Members
Chapter 10 Summary
Appendix A: Checklist of Key Considerations for Board Members
Appendix B: Sample Questions
Appendix C: Sample Board Meeting Agenda
Appendix D: List of Key Vendors
Appendix E: Cybersecurity Resources
Appendix F: Cybersecurity Books
Appendix G: Cybersecurity Podcasts
Appendix H: Cybersecurity Websites and Blogs
Appendix I: Tabletop Exercise: Cybersecurity Incident Response
Appendix J: Articles
About the Author
Acknowledgments
Index
Copyright
Dedication
End User License Agreement
