The Executive's Cybersecurity Advisor: Gain Critical Business Insight in Minutes
The Executive's Cybersecurity Advisor - Michael Gable
The Executive’s Cybersecurity Advisor
Gain Critical Business Insight in Minutes
Mike Gable
Founded in 2021, Se Methods Press makes complicated technical subjects easy to understand. These subjects include tech sales, sales engineering, IT professional services, and Cybersecurity. The views expressed in its publications are entirely those of the author and do not necessarily reflect the views of the staff or owners of Se Methods Press.
Full Copyright Text is available at http://www.semethods.com/copyright
The Executive’s Cybersecurity Advisor
Copyright ©2021 by Mike Gable
ISBN: 978-0-9885402-4-8 (e-book)
For My Sharon
Contents
1 Executive Summary
2 Introduction & Primer
3 Core Cyber Disciplines
4 Protecting IT Assets
5 Solutions Primer
6 Cyber Conversations
7 Author’s Postscript
8 About the Author
Chapter 1
Executive Summary
If you’re concerned about spending a fortune on Information Security (Infosec), without any idea what your organization is paying for, this book is for you. Cybersecurity is easy to understand once you know the basics, starting with the big picture:
As you read this, cybercriminals are attacking every organization, including yours.
No solution or combination of solutions will stop every attack.
Noticing successful attacks and stopping them as quickly as possible reduces their costs¹ – possibly all the way to zero.
Cybercriminals have two goals: disruption and theft. They are trying to shut down your business, steal your data, or both.
Effective Cybersecurity defense is about applying three disciplines to your Information Technology assets:
Prevention – Stop as many attacks as possible
Detection – Detect the attacks Prevention missed
Response – Undo the effects of successful attacks
Today, Prevention and Detection are not 100% effective. Some attacks are not stopped by Prevention measures and go undetected. These attacks succeed; they steal data and disrupt organizations. The fact that attacks succeed makes Response the most business-critical discipline. Prevention and Detection also play crucial roles; you want the best measures you can afford. But you need to operate with the assumption that Prevention and Detection will eventually fail. And when they fail, your organization needs a Response plan.
A CEO told me he was concerned about his organization falling victim to Ransomware attacks, since a number of companies have paid millions in Cyber-ransom. He asked his Cybersecurity leader, “What are we doing about Ransomware?”
The answer was basically, “Don’t worry. We have great prevention measures in place.”
That answer is likely accurate, but it was the wrong question. The question, “What will we do if a Ransomware attack shuts down our organization?” gets to the heart of the issue. Even the best Prevention measures fail, and some attacks move so fast there is little time to detect them and limit their damage.
There are hundreds of Cybersecurity vendors with thousands of competing solutions. This book is not about selecting any particular solution. Instead, it explains the three Core Cybersecurity Disciplines (Prevention, Detection, and Response) and shows how they apply to each information asset type – all without incomprehensible jargon and unexplained acronyms. It then provides questions and talking points for conversations with Cybersecurity leaders that will provide clarity into how they direct your organization’s Cybersecurity budget.
Learn everything you need in the following pages or skip to Chapter 6 and dive into a conversation with your Infosec leader. When you understand the basics, Cybersecurity is manageable.
Chapter 2
Introduction & Primer
This book provides non-technical business leaders with the information needed to understand, review, and approve Cybersecurity investments. To the uninitiated, Cyber is an incomprehensible labyrinth of arcane and expensive solutions, all somehow working to prevent costly breaches.
Introduction
Every month or so, talk of a major breach hits every news outlet. It seems that even organizations with the biggest budgets and the best talent are powerless to stop attackers. In reality, Infosec teams stop attacks every day, but attacks keep coming as attackers get more motivated and sophisticated. Some say Cybersecurity is simply about keeping all the windows and doors to our information systems locked. The statement is true, but it ignores complexity and scale. There are millions of windows and doors in the typical organization; some of them move, while others appear and disappear. Cybersecurity practitioners work to find and lock every door and window – a huge job. Attackers only need to find one unlocked door, or one lock they can break before getting caught.
I’ve met with CEOs, CFOs, and CAEs