The Cyber Risk Handbook: Creating and Measuring Effective Cybersecurity Capabilities (Wiley Finance)

The Cyber Risk Handbook: Creating and Measuring Effective Cybersecurity Capabilities (Wiley Finance)

By: Domenic Antonucci (author)Hardback

Only 1 in stock

£42.25 RRP £65.00  You save £22.75 (35%) With FREE Saver Delivery


Actionable guidance and expert perspective for real-world cybersecurity The Cyber Risk Handbook is the practitioner's guide to implementing, measuring and improving the counter-cyber capabilities of the modern enterprise. The first resource of its kind, this book provides authoritative guidance for real-world situations, and cross-functional solutions for enterprise-wide improvement. Beginning with an overview of counter-cyber evolution, the discussion quickly turns practical with design and implementation guidance for the range of capabilities expected of a robust cyber risk management system that is integrated with the enterprise risk management (ERM) system. Expert contributors from around the globe weigh in on specialized topics with tools and techniques to help any type or size of organization create a robust system tailored to its needs. Chapter summaries of required capabilities are aggregated to provide a new cyber risk maturity model used to benchmark capabilities and to road-map gap-improvement. Cyber risk is a fast-growing enterprise risk, not just an IT risk. Yet seldom is guidance provided as to what this means. This book is the first to tackle in detail those enterprise-wide capabilities expected by Board, CEO and Internal Audit, of the diverse executive management functions that need to team up with the Information Security function in order to provide integrated solutions. * Learn how cyber risk management can be integrated to better protect your enterprise * Design and benchmark new and improved practical counter-cyber capabilities * Examine planning and implementation approaches, models, methods, and more * Adopt a new cyber risk maturity model tailored to your enterprise needs The need to manage cyber risk across the enterprise inclusive of the IT operations is a growing concern as massive data breaches make the news on an alarmingly frequent basis. With a cyber risk management system now a business-necessary requirement, practitioners need to assess the effectiveness of their current system, and measure its gap-improvement over time in response to a dynamic and fast-moving threat landscape. The Cyber Risk Handbook brings the world's best thinking to bear on aligning that system to the enterprise and vice-a-versa. Every functional head of any organization must have a copy at-hand to understand their role in achieving that alignment.

About Author

DOMENIC ANTONUCCI is a practicing international chief risk officer overseeing cybersecurity and a former counter-terrorist officer. Based in Dubai, UAE, he specializes in bringing organizations "up the risk maturity curve." He is the content author for the Benchmarker Risk Maturity Model software and author of Risk Maturity Models.


Foreword by Ron Hale xxiii About the Editor xxxi List of Contributors xxxiii Acknowledgments xxxv CHAPTER 1 Introduction 1 Domenic Antonucci, Editor and Chief Risk Officer, Australia CHAPTER 2 Board Cyber Risk Oversight 11 Tim J. Leech, Risk Oversight Solutions Inc., Canada Lauren C. Hanlon, Risk Oversight Solutions Inc., Canada CHAPTER 3 Principles Behind Cyber Risk Management 23 RIMS, the risk management society Carol Fox, Vice President, Strategic Initiatives at RIMS, USA CHAPTER 4 Cybersecurity Policies and Procedures 35 The Institute for Risk Management (IRM) Elliot Bryan, IRM and Willis Towers Watson, UK Alexander Larsen, IRM, and President of Baldwin Global Risk Services Ltd., UK CHAPTER 5 Cyber Strategic Performance Management 67 McKinsey & Company James M. Kaplan, Partner, McKinsey & Company, New York, USA Jim Boehm, Consultant, McKinsey & Company, Washington, USA CHAPTER 6 Standards and Frameworks for Cybersecurity 81 Stefan A. Deutscher, Principal, Boston Consulting Group (BCG), Berlin Germany William Yin, Senior Partner and Managing Director, Boston Consulting Group (BCG), Hong Kong CHAPTER 7 Identifying, Analyzing, and Evaluating Cyber Risks 97 Information Security Forum (ISF) Steve Durbin, Managing Director, Information Security Forum Ltd. CHAPTER 8 Treating Cyber Risks 109 John Hermans, Cyber Lead Partner Europe, Middle East, and Africa at KPMG, The Netherlands Ton Diemont, Senior Manager at KPMG, The Netherlands CHAPTER 9 Treating Cyber Risks Using Process Capabilities 123 ISACA Todd Fitzgerald, CISO and ISACA, USA CHAPTER 10 Treating Cyber Risks Using Insurance and Finance 143 Aon Global Cyber Solutions Kevin Kalinich, Esq., Aon Risk Solutions Global Cyber Insurance Practice Leader, USA CHAPTER 11 Monitoring and Review Using Key Risk Indicators (KRIs) 159 Ann Rodriguez, Managing Partner, Wability, Inc., USA CHAPTER 12 Cybersecurity Incident and Crisis Management 171 CLUSIF Club de la Securite de l Information Francais Gerome Billois, CLUSIF Administrator and Board Member Cybersecurity at Wavestone Consultancy, France CHAPTER 13 Business Continuity Management and Cybersecurity 185 Marsh Sek Seong Lim, Marsh Risk Consulting Business Continuity Leader for Asia, Singapore CHAPTER 14 External Context and Supply Chain 193 Supply Chain Risk Leadership Council (SCRLC) Nick Wildgoose, Board Member and ex-Chairperson of SCRLC, and Zurich Insurance Group, UK CHAPTER 15 Internal Organization Context 207 Domenic Antonucci, Editor and Chief Risk Officer, Australia Bassam Alwarith, Head of the National Digitization Program, Ministry of Economy and Planning, Saudi Arabia CHAPTER 16 Culture and Human Factors 243 Avinash Totade, ISACA Past President UAE Chapter and Management Consultant, UAE Sandeep Godbole, ISACA Past President Pune Chapter, India CHAPTER 17 Legal and Compliance 255 American Bar Association Cybersecurity Legal Task Force Harvey Rishikof, Chair, Advisory Committee to the Standing Committee on Law and National Security, USA Conor Sullivan, Law Clerk for the Standing Committee on National Security, USA CHAPTER 18 Assurance and Cyber Risk Management 271 Stig J. Sunde, Senior Internal Auditor (ICT), Emirates Nuclear Energy Corporation (ENEC), UAE CHAPTER 19 Information Asset Management for Cyber 281 Booz Allen Hamilton Christopher Ling, Executive Vice President, Booz Allen Hamilton, USA CHAPTER 20 Physical Security 289 Radar Risk Group Inge Vandijck, CEO, Radar Risk Group, Belgium Paul Van Lerberghe, CTO, Radar Risk Group, Belgium CHAPTER 21 Cybersecurity for Operations and Communications 309 EY Chad Holmes, Principal, Cybersecurity, Ernst & Young LLP (EY US) James Phillippe, Principal, Cybersecurity, Ernst & Young LLP (EY US) CHAPTER 22 Access Control 321 PwC Sidriaan de Villiers, Partner Africa Cybersecurity Practice, PwC South Africa CHAPTER 23 Cybersecurity Systems: Acquisition, Development, and Maintenance 335 Deloitte Michael Wyatt, Managing Director, Cyber Risk Services, Deloitte Advisory, USA CHAPTER 24 People Risk Management in the Digital Age 347 Airmic Julia Graham, Deputy CEO and Technical Director at Airmic, UK CHAPTER 25 Cyber Competencies and the Cybersecurity Offi cer 359 Ron Hale, PhD, CISM, ISACA, USA CHAPTER 26 Human Resources Security 369 Domenic Antonucci, Editor and Chief Risk Offi cer, Australia Epilogue 375 Becoming CyberSmart TM: a Risk Maturity Road Map for Measuring Capability Gap-Improvement Domenic Antonucci, Editor and Chief Risk Officer (CRO), Australia Didier Verstichel, Chief Information Security Offi cer (CISO) and Chief Risk Officer (CRO), Belgium Background 375 Becoming CyberSmartTM 376 About Domenic Antonucci 392 About Didier Verstichel 392 Glossary 393 Index 399

Product Details

  • ISBN13: 9781119308805
  • Format: Hardback
  • Number Of Pages: 448
  • ID: 9781119308805
  • weight: 686
  • ISBN10: 1119308801

Delivery Information

  • Saver Delivery: Yes
  • 1st Class Delivery: Yes
  • Courier Delivery: Yes
  • Store Delivery: Yes

Prices are for internet purchases only. Prices and availability in WHSmith Stores may vary significantly