We've all read the cybersecurity horror stories: a prominent company exposes the private information of their customers only to scramble after the fact to apologize and safeguard the data. Cybersecurity is often an afterthought, a much lower priority than profit--until a data breach threatens the bottom line anyway. In The Cyber-Elephant in the Boardroom, data security expert and CEO Mathieu Gorge, along with a host of guests, shows why protecting a company's data should be top of mind for C-suites and corporate boards. With the innovative 5 Pillars of Security Framework, any C-level executive can understand their organization's cyber risk and the steps they need to take to protect their information. There's a cyber-elephant in the boardroom and it needs to be addressed!
Over the years we’ve seen the digital security profession transformed into an overhyped and fuzzy domain that is often referred to as cybersecurity. Over the years we've seen the digital security profession transformed into an overhyped and fuzzy domain that is often referred to as cybersecurity. Since many authors have written a great deal on this subject in books, journals, and social media blogs, our aim here is to enrich this field with our opinions, -viewpoints, and expertise. Thanks to a combined total of forty-five years of experience - experience from our academic back grounds as well as from our work as security and tech leaders we are able to focus on things that should work in theory but fail in practice due to all kinds of intangible, "silent" factors. Our intention is not to be exhaustive, nor to criticize others, but to shed fresh light on crucial cyber-related allies, enemies, and issue that are rarely taken into account and talked about, but we believe you should know to help you combat the silent enemy of digital security.
Digital transformation is not about technology--it's about change. In the rapidly changing digital economy, you can't succeed by merely tweaking management practices that led to past success. And yet, while many leaders and managers recognize the threat from digital--and the potential opportunity--they lack a common language and compelling framework to help them assess it and guide them in responding. They don't know how to think about their digital business model. In this concise, practical book, MIT digital research leaders Peter Weill and Stephanie Woerner provide a powerful yet straightforward framework that has been field-tested globally with dozens of senior management teams. Based on years of study at the MIT Center for Information Systems Research (CISR), the authors find that digitization is moving companies' business models on two dimensions: from value chains to digital ecosystems, and from a fuzzy understanding of the needs of end customers to a sharper one. Looking at these dimensions in combination results in four distinct business models, each with different capabilities. The book then sets out six driving questions, in separate chapters, that help managers and executives clarify where they are currently in an increasingly digital business landscape and highlight what's needed to move toward a higher-value digital business model. Filled with straightforward self-assessments, motivating examples, and sharp financial analyses of where profits are made, this smart book will help you tackle the threats, leverage the opportunities, and create winning digital strategies.
A ground shaking exposé on the failure of popular cyber risk management methods How to Measure Anything in Cybersecurity Risk exposes the shortcomings of current "risk management" practices, and offers a series of improvement techniques that help you fill the holes and ramp up security. In his bestselling book How to Measure Anything, author Douglas W. Hubbard opened the business world's eyes to the critical need for better measurement. This book expands upon that premise and draws from The Failure of Risk Management to sound the alarm in the cybersecurity realm. Some of the field's premier risk management approaches actually create more risk than they mitigate, and questionable methods have been duplicated across industries and embedded in the products accepted as gospel. This book sheds light on these blatant risks, and provides alternate techniques that can help improve your current situation. You'll also learn which approaches are too risky to save, and are actually more damaging than a total lack of any security. Dangerous risk management methods abound; there is no industry more critically in need of solutions than cybersecurity. This book provides solutions where they exist, and advises when to change tracks entirely. Discover the shortcomings of cybersecurity's "best practices" Learn which risk management approaches actually create risk Improve your current practices with practical alterations Learn which methods are beyond saving, and worse than doing nothing Insightful and enlightening, this book will inspire a closer examination of your company's own risk management practices in the context of cybersecurity. The end goal is airtight data protection, so finding cracks in the vault is a positive thing—as long as you get there before the bad guys do. How to Measure Anything in Cybersecurity Risk is your guide to more robust protection through better quantitative processes, approaches, and techniques.
Cybersecurity threats are on the rise. As a leader, you need to be prepared to keep your organization safe. Companies are investing an unprecedented amount of money to keep their data and assets safe, yet cyberattacks are on the rise--and the problem is worsening. No amount of technology, resources, or policies will reverse this trend. Only sound governance, originating with the board, can turn the tide. Protection against cyberattacks can't be treated as a problem solely belonging to an IT or cybersecurity department. It needs to cast a wide and impenetrable net that covers everything an organization does--from its business operations, models, and strategies to its products and intellectual property. And boards are in the best position to oversee the needed changes to strategy and hold their companies accountable. Not surprisingly, many boards aren't prepared to assume this responsibility. In A Leader's Guide to Cybersecurity, Thomas Parenty and Jack Domet, who have spent over three decades in the field, present a timely, clear-eyed, and actionable framework that will empower senior executives and board members to become stewards of their companies' cybersecurity activities. This includes: Understanding cyber risks and how best to control them Planning and preparing for a crisis--and leading in its aftermath Making cybersecurity a companywide initiative and responsibility Drawing attention to the nontechnical dynamics that influence the effectiveness of cybersecurity measures Aligning the board, executive leadership, and cybersecurity teams on priorities Filled with tools, best practices, and strategies, A Leader's Guide to Cybersecurity will help boards navigate this seemingly daunting but extremely necessary transition.
"With the nuance of a reporter and the pace of a thriller writer, Andy Greenberg gives us a glimpse of the cyberwars of the future while at the same time placing his story in the long arc of Russian and Ukrainian history." —Anne Applebaum, bestselling author of Twilight of Democracy The true story of the most devastating act of cyberwarfare in history and the desperate hunt to identify and track the elite Russian agents behind it: "[A] chilling account of a Kremlin-led cyberattack, a new front in global conflict" (Financial Times). In 2014, the world witnessed the start of a mysterious series of cyberattacks. Targeting American utility companies, NATO, and electric grids in Eastern Europe, the strikes grew ever more brazen. They culminated in the summer of 2017, when the malware known as NotPetya was unleashed, penetrating, disrupting, and paralyzing some of the world's largest businesses—from drug manufacturers to software developers to shipping companies. At the attack's epicenter in Ukraine, ATMs froze. The railway and postal systems shut down. Hospitals went dark. NotPetya spread around the world, inflicting an unprecedented ten billion dollars in damage—the largest, most destructive cyberattack the world had ever seen. The hackers behind these attacks are quickly gaining a reputation as the most dangerous team of cyberwarriors in history: a group known as Sandworm. Working in the service of Russia's military intelligence agency, they represent a persistent, highly skilled force, one whose talents are matched by their willingness to launch broad, unrestrained attacks on the most critical infrastructure of their adversaries. They target government and private sector, military and civilians alike. A chilling, globe-spanning detective story, Sandworm considers the danger this force poses to our national security and stability. As the Kremlin's role in foreign government manipulation comes into greater focus, Sandworm exposes the realities not just of Russia's global digital offensive, but of an era where warfare ceases to be waged on the battlefield. It reveals how the lines between digital and physical conflict, between wartime and peacetime, have begun to blur—with world-shaking implications.
The authoritative account of the rise of Amazon and its intensely driven founder, Jeff Bezos, praised by the Seattle Times as "the definitive account of how a tech icon came to life." Amazon.com started off delivering books through the mail. But its visionary founder, Jeff Bezos, wasn't content with being a bookseller. He wanted Amazon to become the everything store, offering limitless selection and seductive convenience at disruptively low prices. To do so, he developed a corporate culture of relentless ambition and secrecy that's never been cracked. Until now. Brad Stone enjoyed unprecedented access to current and former Amazon employees and Bezos family members, giving readers the first in-depth, fly-on-the-wall account of life at Amazon. Compared to tech's other elite innovators -- Jobs, Gates, Zuckerberg -- Bezos is a private man. But he stands out for his restless pursuit of new markets, leading Amazon into risky new ventures like the Kindle and cloud computing, and transforming retail in the same way Henry Ford revolutionized manufacturing. The Everything Store is the revealing, definitive biography of the company that placed one of the first and largest bets on the Internet and forever changed the way we shop and read.
Stopping Losses from Accidental and Malicious Actions Around the world, users cost organizations billions of dollars due to simple errors and malicious actions. They believe that there is some deficiency in the users. In response, organizations believe that they have to improve their awareness efforts and making more secure users. This is like saying that coalmines should get healthier canaries. The reality is that it takes a multilayered approach that acknowledges that users will inevitably make mistakes or have malicious intent, and the failure is in not planning for that. It takes a holistic approach to assessing risk combined with technical defenses and countermeasures layered with a security culture and continuous improvement. Only with this kind of defense in depth can organizations hope to prevent the worst of the cybersecurity breaches and other user-initiated losses. Using lessons from tested and proven disciplines like military kill-chain analysis, counterterrorism analysis, industrial safety programs, and more, Ira Winkler and Dr. Tracy Celaya's You CAN Stop Stupid provides a methodology to analyze potential losses and determine appropriate countermeasures to implement. Minimize business losses associated with user failings Proactively plan to prevent and mitigate data breaches Optimize your security spending Cost justify your security and loss reduction efforts Improve your organization’s culture Business technology and security professionals will benefit from the information provided by these two well-known and influential cybersecurity speakers and experts.
#1 New York Times Bestseller now in paperback with new material The inspiration for The Comey Rule, the Showtime limited series starring Jeff Daniels premiering September 2020 In his book, former FBI director James Comey shares his never-before-told experiences from some of the highest-stakes situations of his career in the past two decades of American government, exploring what good, ethical leadership looks like, and how it drives sound decisions. His journey provides an unprecedented entry into the corridors of power, and a remarkable lesson in what makes an effective leader. Mr. Comey served as director of the FBI from 2013 to 2017, appointed to the post by President Barack Obama. He previously served as U.S. attorney for the Southern District of New York, and the U.S. deputy attorney general in the administration of President George W. Bush. From prosecuting the Mafia and Martha Stewart to helping change the Bush administration's policies on torture and electronic surveillance, overseeing the Hillary Clinton e-mail investigation as well as ties between the Trump campaign and Russia, Comey has been involved in some of the most consequential cases and policies of recent history.
The Financial Crisis Inquiry Report, published by the U.S. Government and the Financial Crisis Inquiry Commission in early 2011, is the official government report on the United States financial collapse and the review of major financial institutions that bankrupted and failed, or would have without help from the government. The commission and the report were implemented after Congress passed an act in 2009 to review and prevent fraudulent activity. The report details, among other things, the periods before, during, and after the crisis, what led up to it, and analyses of subprime mortgage lending, credit expansion and banking policies, the collapse of companies like Fannie Mae and Freddie Mac, and the federal bailouts of Lehman and AIG. It also discusses the aftermath of the fallout and our current state. This report should be of interest to anyone concerned about the financial situation in the U.S. and around the world.THE FINANCIAL CRISIS INQUIRY COMMISSION is an independent, bi-partisan, government-appointed panel of 10 people that was created to "examine the causes, domestic and global, of the current financial and economic crisis in the United States." It was established as part of the Fraud Enforcement and Recovery Act of 2009. The commission consisted of private citizens with expertise in economics and finance, banking, housing, market regulation, and consumer protection. They examined and reported on "the collapse of major financial institutions that failed or would have failed if not for exceptional assistance from the government."News Dissector DANNY SCHECHTER is a journalist, blogger and filmmaker. He has been reporting on economic crises since the 1980's when he was with ABC News. His film In Debt We Trust warned of the economic meltdown in 2006. He has since written three books on the subject including Plunder: Investigating Our Economic Calamity (Cosimo Books, 2008), and The Crime Of Our Time: Why Wall Street Is Not Too Big to Jail (Disinfo Books, 2011), a companion to his latest film Plunder The Crime Of Our Time. He can be reached online at www.newsdissector.com.
