The book will give you a good understanding of the fundamentals of cybersecurity and resilience, without tying them to specific standards, frameworks, or solutions, and provide an excellent starting point for any cyber resilience implementation project.
Technology and vast quantities of data play a considerable role in everyday life, both personal and professional.
For the foreseeable future (and perhaps beyond), the growth and prominence of data in business shows no signs of slowing down, even if the technology in question will likely change in ways perhaps unimaginable today. Naturally, all this innovation brings huge opportunities and benefits to organizations and people alike. However, these come at more than just a financial cost.
In the world as we know it, you can be attacked both physically and virtually. For today’s organizations, which rely so heavily on technology – particularly the Internet – to do business, being attacked virtually is the far more threatening of the two. The cyber threat landscape is complex and constantly changing. For every vulnerability fixed, another pops up, ripe for exploitation. Worse, when a vulnerability is identified, a tool that can exploit it is often developed and used within hours – faster than the time it normally takes for the vendor to release a patch, and certainly quicker than the time many organisations take to install that patch.
This book is divided into two parts:
Part 1 is designed to give you a concise but solid grounding in the principles of good security, covering key terms, risk management, different aspects of security, defense in depth, implementation tips, and more. This part is best read from beginning to end.
Part 2 is intended as a useful reference, discussing a wide range of good-practice controls (in alphabetical order) you may want to consider implementing. Each control is discussed at a high level, focusing on the broader principles, concepts, and points to consider, rather than specific solutions. Each control has also been written as a standalone chapter, so you can just read the controls that interest you, in an order that suits you.
Together, the book will give you a good understanding of the fundamentals of cybersecurity and resilience, without tying them to specific standards, frameworks, or solutions, and provide an excellent starting point for any cyber resilience implementation project.
Alan Calder is the Group CEO of GRC International Group PLC, the AIM-listed company that owns IT Governance Ltd. Alan is an acknowledged international cybersecurity guru, and a leading author on information security and IT governance issues. He has been involved in the development of a wide range of information security management training courses that have been accredited by IBITGQ (International Board for IT Governance Qualifications). Alan has consulted for clients across the globe and is a regular media commentator and speaker.