CISO DRG Publishing is proud to announce the publication of two new books in the Small Business Series. These are successor books to Bring Your Own Cyber, originally published in 2020. Protect Your Business: A Small Business Guide to Basic Cybersecurity is written for small businesses and Protect Your Practice: Basic Cybersecurity for Healthcare, Legal and Financial Professionals is tailored specifically to small independent offices is professional services.

The eight chapters in these books teach readers the basics. They use plain language to small owners and independent professionals how to become more secure. They include prudent steps readers can take right away to be more secure and every chapter comes with “Pro Steps” to take it to the next level.

Available for immediate sale, Matt, Gary, and Bill congratulate Bill and David. Good work, guys!

CISO DRG Publishing is proud to announce the publication of Cyber Crisis Response:  Leveraging the SONAR Method to Accelerate Response and Recovery, by Andrew Gorecki and Christopher Scott.

In Cyber Crisis Response, Andrew and Chris introduce The SONAR Method™, a proven, proprietary framework they developed through years of being on the front line, responding to cyber crises as the unfold. Andrew and Chris have lived in the trenches of crisis response, this book describes many of the common pitfalls and their battle-tested solutions. There is no better way to learn than to do it yourself, but understanding the lessons others have learned is essential to help you prepare.

Crisis response is a complex undertaking that requires the coordination of multiple, often conflicting, activities. No playbook replaces experience and critical thinking. Using The SONAR Method will help any practitioner:

• Understand how to stabilize an environment during a cyber attack
• Learn how to organize the team and resources needed to resolve the situation
• Facilitate negotiations across a wide variety of stakeholders involved in the crisis
• Discover how to effectively articulate and communicate the situation and resolution to a broad range of stakeholders
• Develop the specific action plan required to remediate and recover from the incident

With a foreword written by George Kurtz, President/CEO and co-founder of CrowdStrike, Cyber Crisis Response is the essential resource for you to up your game and respond with confidence when the inevitable cyber crisis strikes.

Available for immediate sale, Matt, Gary, and Bill congratulate Andrew and Chris. Well done, gentlemen!

In this episode, Host Ron Eddings catches up with repeat guest, Gary Hayslip, CISO at SoftBank Investment Advisors and co-author of CISO Desk Reference guide. Gary explains that the varied nature of his current CISO role contrasts with the broader industry trends. He discusses how that nature plays into the CISO hiring process and career path, as well as how his books are helping to bridge the gap among professionals. 

Impactful Moments:

00:00 – Welcome 

00:59 – Introducing guest, Gary Hayslip 

01:38 – The Path to Becoming a CISO 

08:04 – CSO vs CISO 

10:47 – “I’m firing you…” 

15:03 – Interviewing for the CISO role 

17:56 – Join Our Mastermind 

18:39 – Being ‘Mr. Maybe’ 

21:41 – CISO- A Day in the Life 

24:50 – Using Books to Pave the Way 

Links:

• Connect with Gary on LinkedIn: https://www.linkedin.com/in/ghayslip/
• Check out Gary’s Books on Amazon

CISO DRG Publishing is pleased to announce publication of the second edition of The Essential Guide to Cybersecurity for SMBs: Practical Advice for CISOs at Small and Medium Size Businesses, by Gary Hayslip, co-founder of CISO DRG Publishing.

Gary wrote the first edition of The Essential Guide to Cybersecurity for SMBs in February of 2020, and this book has been a wonderful resource to cybersecurity professions and small and medium size businesses. If the three years since the first edition came out have taught us anything, it’s that smaller firms now have just as big a target and the experience Gary shares has never been timelier.

The second edition has been updated with new insights and updated references. Congratulations, Gary, and thank you for updating this important work.

InfraGard National Members Alliance is pleased to announce our instructors and speakers for Cyber Defenders, presented in partnership with RSA Conference.

During this immersive two-day workshop, receive briefings from the FBI’s cyber and counterintelligence divisions, explore cyber laws shaping the regulatory environment, and discuss what constitutes ‘reasonable security’ with two experts who literally wrote the book on the subject. Sessions focused on leveraging threat intelligence and implementing effective insider-threat programs will provide attendees with practical steps they can take to manage risk in their organizations. #InfraGard

View the agenda at https://lnkd.in/gAhzbaRj

Register by the March 10 deadline at https://lnkd.in/gaKiiJZG

Information Governance Leadership Summit:
March 30 & 31
San Diego, California

Attendance includes: 2 Workshops, breakfasts, lunches, breaks, 2 signed books & a networking reception

Click here to register!

About the Agenda

Day 1: Drafting Effective IG Policies
Effective Policy Writing has been cited by IG pros in recent research as a top priority and key to successful IG programs. Day One of the 2nd Annual CIGO Association “Information Governance Leadership Summit” will bring together IG leaders from around the world for a deep dive with renowned policy expert Lewis Eisen, author of, “Respectful Policies and Directives: How to Write Rules People Want to Follow.”

Networking Reception

To close the first day, we will hold a Networking Reception at the hotel, with appetizers and an open bar. We want to encourage forming bonds and long-term business relationships to help advance careers, and the field of IG.

Day 2: Privacy Program Management and Info Risk Management

Privacy & Cybersecurity expert, Justine Phillips, Partner at the major law firm DLA Piper, along with Cybersecurity expert Matt Stamper, CIPP/US, CISA, CISM, CRISC, CDPSE, QTE, the “CISO to CISOs” will present a two-part workshop on Privacy Program Management, and Information Risk Management, based on their book, “Data Privacy Program Guide: How to Build a Privacy Program the Inspires Trust.”

We will also have a panel discussion of leading experts in IG and InfoRisk.

Cost: $1495, includes all materials, meals, reception, and breaks.

14 hours of Continuing Education Units approved by CIGO Association

Seating is limited. So register today.

CISO DRG is pleased to announce publication of the second edition of Creating a Small Business Cybersecurity Program: A Non-Technical Guide for Small Business Owners.

After the first edition of this book was initially published in July 2020, using the CIS Controls® version 7.1, the CIS Controls® underwent a major update to version 8, issued in May 2021. The new version emphasizes the three Implementation Groups and expanded Implementation Group 1 (IG1), which applies primarily to small-to-medium businesses (SMBs). Another change in v.8 is having only 18 primary controls rather than 20. The Controls v.7.1 started with 43 Safeguards for IG1, then through revision, realignment, or incorporation into other Safeguards; IG1 v.8 has 56 Safeguards. These Safeguards are the key to achieving the security objectives identified in the overall CIS Controls®.

This Second Edition has incorporated the v.8 Safeguards into the book’s content, so that small business owners can follow simple, step-by-step approach to implementing these new safeguards in their company. Other changes are also included in the edition to bring the information up-to-date and provide new guidance on best industry practices.

(The following is taken from the introduction to the addendum)

After the book was initially published in July 2020, using the CIS Controls^® version 7.1, the CIS Controls^® underwent a major update to version 8, issued in May 2021. The new version emphasizes the three Implementation Groups, including an expanded Implementation Group 1 (IG1), which applies primarily to small-to-medium businesses (SMBs). Another change in v.8 is now having only 18 primary Controls, rather than 20. In addition, the book only focused on 37 Safeguards; however, IG1 started with 43 Safeguards in v.7.1. In v.8, 11 new Safeguards were added to IG1, while others were revised or merged into other Safeguards. This Addendum will address all of the v.8 IG1 Safeguards, even if the v.7.1 equivalent was not provided explicitly in the book.

This Addendum aims to provide businesses with a guide to take you from v.7.1 into the new v.8 Safeguards while maintaining the categorization structure created in the book. This Addendum will walk you through, chapter-by-chapter, first the changed Safeguards and then the newly added Safeguards within the categories for each chapter. The four chapters that identify key Safeguards will continue to address the same groupings of control measures, as listed below.

• Chapter 11—Key Safeguards for SMBs (“The Basics”)
• Chapter 12—Implementing Administrative and Configuration Controls
• Chapter 13—Implementing User Controls and Training
• Chapter 14—Implementing Incident and Breach Controls

In addition to the changes to the Safeguards in the CIS Controls, in July 2022, we updated the governance documents associated with the book and made them available at: Version 8 Addendum to Creating a Small Business Cybersecurity Program Control

CISO DRG Publishing is pleased to announce the availability of the Data Privacy Program Guide: How to Build a Privacy Program that Inspires Trust, the first book in the CISO Desk Reference Guide® Governance Series. This book was written by David Goodman, Justine Phillips, and Matt Stamper and is intended for Chief Privacy Officers and privacy professionals at all levels of the organization. This book focuses on building and managing privacy programs. From the author’s extensive and varied backgrounds, readers will gain unique insights, practical advice, and inspiration. Privacy professionals will learn how to create a privacy program that will help you improve your relationship with your customers while giving you the foundation for complying with the dizzying maze of privacy regulations. This is a groundbreaking book in the privacy space.

Congratulations David, Justine, and Matt, well done!