We dedicate Volume 2 to the cybersecurity program. Now we can begin to describe how to prepare the organization to be the resilient organization we believe will be necessary to succeed in the digital world we compete in today. Section 3: Resilience covers tools and techniques, emerging technology, cyber awareness training, monitoring your environment, threat intelligence, and continuity planning. Section 4: Recovery addresses incident response, recovering and resuming operations, and forensics and post-mortem. In the final chapter, we walk through building a strategic plan.
After we address the basics and governance in Volume 1, we begin to explore the tactical requirements for any cybersecurity program. We dedicate six chapters in Volume 2 to resilience. We do a deep dive into tools and techniques, both from the perspective of which business processes to prioritize and how to construct a toolkit that allows the cybersecurity team to meet those needs. The technologies used at your organization and throughout today’s interconnected networks typically don’t have a fully defined perimeter. Instead, they are designed for the mobile worker and geo-dispersed teams with numerous third-party connections to vendors and trusted partners. We address educating the staff and the organization, monitoring the health and security of the organization’s digital assets, and using threat intelligence to help the organization stay ahead of (or at least keep up with) the changing threat landscape.
It is these new network infrastructures that exist in the cloud, in shared data centers, and on mobile devices that force CISOs to revisit their strategic plans frequently so they can implement the cybersecurity program that appropriately addresses and reduces the organization’s risks while helping the business unlock opportunity.
Finally, we discuss using this focus on health, monitoring, and threats to inform the backups and recovery planning, which are essential to helping the organization rebound from any disrupting event, not just a cyber event.
All of this sets the stage for dealing with the inevitable flood of incidents, significant and minor. We believe that by treating the minor incidents with the same formal process applied to more significant incidents, the organization can stay sharp and respond with more agility to the existential threats that are becoming all too common. Key to that preparedness is the communication program that keeps the organization informed and responding as one. And finally, wrapping up the program, we discuss recovery and resuming operations along with a deep dive into what went wrong and what we can learn from the entire episode through an exploration of forensics and the post-mortem process.
Praise for the Book
“This book, and its volume one companion, will provide any CISO, newbie or ragged veteran, the reference material to build and improve their security programs.”
CSO – Palo Alto Networks
“In this, the second instalment of The CISO Desk Reference Guide, Stamper, Hayslip and Bonney team up once again to deliver a seamless continuation of its predecessor. Each author gives us a revealing lens through which to view the remit of a CISO… they challenge the reader to operate to a much higher standard, explaining exactly how to do so. The book’s power resides in each author’s ability to synthesize and to present this in pragmatic prose, conveying the importance of the role of a CISO.”
Founder of Cyber Security Capital, Board Advisor ClubCISO, U.K.
“The best disposition I have read on how to, in practical terms, address the cyber talent scarcity issue. We’ve been talking about the problem for years…the authors give actionable steps for how CISOs can build a “blended capability” program – FTE hiring, cross- and up-skilling existing talent, creating security evangelists across the organization, and leveraging MSSPs for commodity functions. This scarcity of skills is not going away, so it’s crucial we take pragmatic steps to address it.”
Chief Security Office – Barclays Africa Group Ltd.
“This is how it’s done, plain and simple. This is the Rosetta Stone of security, connecting the technology, the business and the people. The devil is in the details, and this book details it in a way that is personal, usable and, above all, practical.”
CSO – Cybereason
“Volume 2 applies the very original and effective Desk Reference approach to more key CISO concerns, from the cybersecurity skills gap to incident response and crisis management.”
Stephen Cobb, CISSP
Senior Security Researcher, ESET North America
“This CISO Desk Reference, Volume 2, is by far the best CISO reference available today…. If you are aspiring to become a CISO, this book will help you design a comprehensive security program… If you are currently a CISO, this book will provide you unique guidance about the strategic and operational intricacies of a modern security program!”
CISO – Ellie Mae
“The second volume of the CISO Desk Reference Guide is a perfect continuation of the definitive first volume. Volume 2 provides insights, best practices and utility in useful and practical chapters. I am grateful to the authors for generously sharing their years of hard-earned experience and knowledge. They are raising the bar for security professionals everywhere.”
Chief Information Security Officer – ResMed
“AMAZING! I JUST LOVED THE BOOK! Being a new CISO, I have got to be learning every day… The authors have only emphasised that, promoting continuous learning for the CISOs. They did an amazingly great job.”
Magda Lilia Chelly, CISSP, PhD
Managing Director | CISO As A Service
Responsible Cyber Pte. Ltd., Singapore