The CISO Evolution
eBook - ePub

Business Knowledge for Cybersecurity Executives

Matthew K. Sharp, Kyriakos Lambros

About this book

Learn to effectively deliver business aligned cybersecurity outcomes

In The CISO Evolution: Business Knowledge for Cybersecurity Executives, information security experts Matthew K. Sharp and Kyriakos "Rock" Lambros deliver an insightful and practical resource to help cybersecurity professionals develop the skills they need to effectively communicate with senior management and boards. They assert business aligned cybersecurity is crucial and demonstrate how business acumen is being put into action to deliver meaningful business outcomes.

The authors use illustrative stories to show professionals how to establish an executive presence and avoid the most common pitfalls experienced by technology experts when speaking and presenting to executives. The book will show you how to:

  • Inspire trust in senior business leaders by properly aligning and setting expectations around risk appetite and capital allocation
  • Properly characterize the indispensable role of cybersecurity in your company's overall strategic plan
  • Acquire the necessary funding and resources for your company's cybersecurity program and avoid the stress and anxiety that comes with underfunding

Perfect for security and risk professionals, IT auditors, and risk managers looking for effective strategies to communicate cybersecurity concepts and ideas to business professionals without a background in technology. The CISO Evolution is also a must-read resource for business executives, managers, and leaders hoping to improve the quality of dialogue with their cybersecurity leaders.

Information

Publisher: Wiley
Year: 2022
ISBN: 9781119782490
Edition: 1
Subtopic: Cryptography

PART I
Foundational Business Knowledge

CHAPTER 1
Financial Principles

Embrace Reality and Deal with It.
— Ray Dalio

Opportunity

It's easy to get distracted by how you think things should be. Yet, it is critical to understand how they really are. Early in my career, I often identified ways that would make my work more efficient. When there was a dependency on resources I didn't have, I usually stewed in frustration about how stupid the people were who designed such a flawed system in the first place.
It wasn't until years later that I learned optimizing all parts of a system does not necessarily optimize the system itself. You see, every organization has a mission and limited resources. Today, nearly all organizations in the modern economy deliver value through technology. However, not all organizations and leaders agree upon the importance of cybersecurity.
As a cybersecurity leader, it's your job to educate, build consensus, and secure necessary resources. Organizational mission and cybersecurity goals must be aligned. I think Malcolm Harkins said it best: “We provide protection that enables information to flow through the organization, our partners, and our customers. We protect the technology that our organizations create to provide new experiences and opportunities for our customers.”1
Now, imagine for a moment you are on vacation and you've decided to travel internationally. The country you're visiting speaks another language. You've done your part to learn a few keywords before your arrival, so you have the basic vocabulary. You can count to 10, you can ask about the time, and you know different words that indicate modes of transportation.
There you sit in the terminal at the bus station, and the time comes for your bus to leave. You make your way to the platform and discover – no bus. Of course, you don't know if you missed the bus, if it is late, or if they simply changed the platform. When you turn to ask a passerby, they don't speak your language. You go back to the information desk and ask for help. The attendant offers hints at what to do through gestures, but you remain a bit uncertain. The attendant tells you what you can only make out to mean “The bus will come 8.”
What does that mean? Bus #8, platform 8, at 8 p.m., in 8 minutes – there's no way to be sure because neither of you possesses adequate language.
It is precisely this experience that happens worldwide as companies decide how much they should invest in cybersecurity. Without a foundational understanding of accounting and financial principles you are unlikely to succeed in securing the appropriate resources required so that you may effectively protect and enable your organization.
What is also true is that business leaders speak the language of business. They are dependent upon you to communicate about your topic of expertise, cybersecurity, in a language they can understand.
This concept isn't new – we've been hearing about it for several decades now. You'll encounter the phrase “speak in business language” in professional journals and conferences alike. Yet, there seems to be very little information available to outline the critical vocabulary and concepts that cybersecurity practitioners need to secure their “seat at the table.”

Principle

The focus of this first chapter is to establish critical vocabulary and fundamental business knowledge. We will briefly overview several terms only to the extent required to understand their application. Naturally, these terms have been covered in detail elsewhere. When possible, we will point to our favorite resources. These resources emphasize cheap or free, easy to consume, and available in a convenient format. That should help you dig into various topics that pique your interest or prove weak points in your knowledge base. We think you'll pick up a few of the most valuable nuggets right here in this very first chapter, so resist your temptation to skip forward.
To get you started, I'll share the approach I used to structure my pursuit of business acumen. At the time, I was a consultant, and a high percentage of my work weeks included commuting by plane to a customer site.
That's where I learned about Josh Kaufman's The Personal MBA (https://personalmba.com/), which touts “A world-class business education in a single volume.” Since I am perhaps the slowest reader in the world, I decided to expedite my knowledge acquisition by leveraging getAbstract (https://www.getabstract.com/), which as of this writing, claims to contain “the key insights of 20,000+ nonfiction books summarized into compelling 10-minute reads.” These were a great start, but ultimately, I obtained an MBA because I wasn't confident that my cursory review was sufficient. We hope this book can be an alternative, serving as a shortcut to the long nights and imbalance that a master's degree can impose on your personal life.
Conceptually there are relatively few things you need to master from this chapter. You need to know a handful of vocabulary words, how to read and understand financial statements, and how to apply them to your role as a cybersecurity leader. The good news is – that's it – from an accounting and finance perspective!
It is worth mentioning that later in the book, we'll continue to infuse these foundational business concepts with other topics intended to develop more complete business acumen, including Part II – Communication and Education and Part III – Cyber Security Leadership. So let's dive in with our first topic.

Financial Statements

There are three financial statements. The Income Statement offers a window into profit performance on a specific date. Th...
