Cybersecurity Program Development for Businesses : The Essential Planning Guide

Intro -- TITLE PAGE -- TABLE OF CONTENTS -- FOREWORD -- PREFACE -- Something Completely Different -- ABOUT THE AUTHOR -- ACKNOWLEDGMENTS -- CHAPTER 1: Understanding Risk -- How Much Is It Worth to You? -- Risk! Not Just a Board Game -- CHAPTER 2: Everything You Always Wanted to Know About Tech (But Were Afraid to Ask Your Kids) -- In the Beginning… -- Key Definitions -- Note -- CHAPTER 3: A Cybersecurity Primer -- Cybersecurity Defined -- The Meaning of Security -- Measuring Cybersecurity's Success -- Deter, Identify, Protect, Detect, Respond -- Cybersecurity Controls and Defense in Depth -- Defense in Depth -- The Threats -- Threat Agents -- Key Trends Influencing Threat Agents -- The Nature of Hackers -- Attack Process -- Types of Attacks -- A Brief Cyberglossary of Terms -- CHAPTER 4: Management, Governance, and Alignment -- Why Governance Matters -- Strategy, Steering, and Standards -- Critical Success Factors -- CHAPTER 5: Your Cybersecurity Program: A High‐Level Overview -- Vision and Mission Statements -- Culture and Strategy -- Off to See the Wizard -- What's at Risk? -- Threat Assessment -- At the Club House Turn! -- Mitigating Risk -- Incident‐Response Planning -- CHAPTER 6: Assets -- Asset Classification -- Asset Metadata -- Business‐Impact Analysis -- One Spreadsheet to Rule Them All -- CHAPTER 7: Threats -- Types of Threats -- Threat Rankings -- Threat Intelligence -- Threat Modeling -- CHAPTER 8: Vulnerabilities -- Who Is Who in Vulnerabilities Tracking -- Zero‐Day Exploits -- Vulnerabilities Mapping -- Vulnerability Testing -- Prioritizing Vulnerability Remediation -- CHAPTER 9: Environments -- On‐Premises (Onsite) Computing Environments -- Private‐Cloud Computing Environments -- Public‐Cloud Computing Environments -- Hybrid‐Cloud Computing Environments -- The Internet of Things (IoT) -- Distributed Workforces