Home Page Icon
Home Page
Table of Contents for
Beyond Cybersecurity
Close
Beyond Cybersecurity
by Chris Rezek, Alan Marcus, Derek O'Halloran, Tucker Bailey, James M. Kaplan
Beyond Cybersecurity: Protecting Your Digital Business
Foreword
Preface
SETTING THE CONTEXT FOR DIGITAL RESILIENCE
BACKGROUND AND APPROACH
NOTES
Executive Summary
$3 TRILLION AT RISK
DIGITAL RESILIENCE PROTECTS THE BUSINESS AND ENABLES INNOVATION
BUSINESS LEADERS MUST DRIVE CHANGE
THE BROADER ECOSYSTEM MUST ENABLE DIGITAL RESILIENCE
1 Cyber-attacks Jeopardize Companies’ Pace of Innovation
RISK OF CYBER-ATTACKS REDUCES THE VALUE OF TECHNOLOGY FOR BUSINESS
THE RISKS ARE HIGH FOR EVERYONE, EVERYWHERE
DEFENDERS ARE FALLING BEHIND ATTACKERS
NOTES
2 It Could Get Better— or $3 Trillion Worse
SCENARIO PLANNING AND CYBERSECURITY
SCENARIO 1: MUDDLING INTO THE FUTURE
SCENARIO 2: DIGITAL BACKLASH
SCENARIO 3: DIGITAL RESILIENCE
NOTES
3 Prioritize Risks and Target Protections
UNTARGETED SECURITY MEASURES SERVE ONLY ATTACKERS
PRIORITIZE INFORMATION ASSETS AND RISKS IN A WAY THAT ENGAGES BUSINESS LEADERS
PROVIDE DIFFERENTIATED PROTECTION FOR THE MOST IMPORTANT ASSETS
USE FULL RANGE OF CONTROLS BUT ORGANIZE INTO TIERS
DELIVERING TARGETED PROTECTION OF PRIORITY ASSETS IN PRACTICE
NOTE
4 Do Business in a Digitally Resilient Way
BUILD DIGITAL RESILIENCE INTO ALL BUSINESS PROCESSES
ENLIST FRONTLINE PERSONNEL TO PROTECT THE ASSETS THEY USE
NOTES
5 Modernize IT to Secure IT
SIX WAYS TO EMBED CYBERSECURITY INTO THE IT ENVIRONMENT
ENGAGE WITH IT LEADERS TO IMPLEMENT REQUIRED CHANGES
NOTES
6 Engage Attackers with Active Defense
THE LIMITATIONS OF PASSIVE DEFENSE
KNOW THE ENEMY AND ACT ACCORDINGLY
NOTES
7 After the Breach: Improve Incident Response across Business Functions
DRAW UP AN INCIDENT RESPONSE PLAN
TEST THE PLAN USING WAR GAMES
CONDUCT POSTMORTEMS ON REAL BREACHES TO IMPROVE IR PLAN
NOTES
8 Build a Program that Drives toward Digital Resilience
WHAT IT TAKES TO GET TO DIGITAL RESILIENCE
SIX STEPS TO LAUNCH A DIGITAL RESILIENCE PROGRAM
NOTES
9 Creating a Resilient Digital Ecosystem
THE DIGITAL ECOSYSTEM
THE POWER OF A RESILIENT DIGITAL ECOSYSTEM
WHAT’S REQUIRED TO CREATE A RESILIENT DIGITAL ECOSYSTEM
COLLABORATION FOR A RESILIENT ECOSYSTEM
NOTES
Conclusion
NOTE
Acknowledgments
About the Authors
JAMES M. KAPLAN
TUCKER BAILEY
CHRIS REZEK
DEREK O’HALLORAN
ALAN MARCUS
Index
EULA
Search in book...
Toggle Font Controls
Playlists
Add To
Create new playlist
Name your new playlist
Playlist description (optional)
Cancel
Create playlist
Sign In
Email address
Password
Forgot Password?
Create account
Login
or
Continue with Facebook
Continue with Google
Sign Up
Full Name
Email address
Confirm Email Address
Password
Login
Create account
or
Continue with Facebook
Continue with Google
Prev
Previous Chapter
Beyond Cybersecurity
Next
Next Chapter
Foreword
Contents
Foreword
Preface
SETTING THE CONTEXT FOR DIGITAL RESILIENCE
BACKGROUND AND APPROACH
NOTES
Executive Summary
$3 TRILLION AT RISK
DIGITAL RESILIENCE PROTECTS THE BUSINESS AND ENABLES INNOVATION
BUSINESS LEADERS MUST DRIVE CHANGE
THE BROADER ECOSYSTEM MUST ENABLE DIGITAL RESILIENCE
1 Cyber-attacks Jeopardize Companies’ Pace of Innovation
RISK OF CYBER-ATTACKS REDUCES THE VALUE OF TECHNOLOGY FOR BUSINESS
THE RISKS ARE HIGH FOR EVERYONE, EVERYWHERE
DEFENDERS ARE FALLING BEHIND ATTACKERS
NOTES
2 It Could Get Better— or $3 Trillion Worse
SCENARIO PLANNING AND CYBERSECURITY
SCENARIO 1: MUDDLING INTO THE FUTURE
SCENARIO 2: DIGITAL BACKLASH
SCENARIO 3: DIGITAL RESILIENCE
NOTES
3 Prioritize Risks and Target Protections
UNTARGETED SECURITY MEASURES SERVE ONLY ATTACKERS
PRIORITIZE INFORMATION ASSETS AND RISKS IN A WAY THAT ENGAGES BUSINESS LEADERS
PROVIDE DIFFERENTIATED PROTECTION FOR THE MOST IMPORTANT ASSETS
USE FULL RANGE OF CONTROLS BUT ORGANIZE INTO TIERS
DELIVERING TARGETED PROTECTION OF PRIORITY ASSETS IN PRACTICE
NOTE
4 Do Business in a Digitally Resilient Way
BUILD DIGITAL RESILIENCE INTO ALL BUSINESS PROCESSES
ENLIST FRONTLINE PERSONNEL TO PROTECT THE ASSETS THEY USE
NOTES
5 Modernize IT to Secure IT
SIX WAYS TO EMBED CYBERSECURITY INTO THE IT ENVIRONMENT
ENGAGE WITH IT LEADERS TO IMPLEMENT REQUIRED CHANGES
NOTES
6 Engage Attackers with Active Defense
THE LIMITATIONS OF PASSIVE DEFENSE
KNOW THE ENEMY AND ACT ACCORDINGLY
NOTES
7 After the Breach: Improve Incident Response across Business Functions
DRAW UP AN INCIDENT RESPONSE PLAN
TEST THE PLAN USING WAR GAMES
CONDUCT POSTMORTEMS ON REAL BREACHES TO IMPROVE IR PLAN
NOTES
8 Build a Program that Drives toward Digital Resilience
WHAT IT TAKES TO GET TO DIGITAL RESILIENCE
SIX STEPS TO LAUNCH A DIGITAL RESILIENCE PROGRAM
NOTES
9 Creating a Resilient Digital Ecosystem
THE DIGITAL ECOSYSTEM
THE POWER OF A RESILIENT DIGITAL ECOSYSTEM
WHAT’S REQUIRED TO CREATE A RESILIENT DIGITAL ECOSYSTEM
COLLABORATION FOR A RESILIENT ECOSYSTEM
NOTES
Conclusion
NOTE
Acknowledgments
About the Authors
JAMES M. KAPLAN
TUCKER BAILEY
CHRIS REZEK
DEREK O’HALLORAN
ALAN MARCUS
Index
EULA
List of Tables
Preface
TABLE P.1
TABLE P.2
Chapter 3
TABLE 3.1
TABLE 3.2
Chapter 7
TABLE 7.1
Chapter 8
TABLE 8.1
TABLE 8.2
TABLE 8.3
TABLE 8.4
Chapter 9
TABLE 9.1
TABLE 9.2
List of Illustrations
Preface
FIGURE P.1
Companies Face a Wide Range of Cybersecurity Risks
Executive Summary
FIGURE E.1
Existing Cybersecurity Models Become Less Tenable as Threats Increase
Chapter 1
FIGURE 1.1
Cybersecurity’s Share of the Overall IT Budget Can Vary Widely—Even within One Sector
FIGURE 1.2
Cybersecurity Spend Is Less than $100 Billion of Total Business IT Spend of $2 Trillion
FIGURE 1.3
Half of Technology Executives Believe They Spend Enough on Cybersecurity
FIGURE 1.4
Companies Are Most Concerned about Security Implications of Mobile and Cloud Computing
FIGURE 1.5
External Connectivity Is Integral to Most Businesses—Auto Insurance Example
FIGURE 1.6
Cyber-attacks Pose a Greater Risk than Other Technology Risks
FIGURE 1.7
All Companies Are Worried about Customer Data Theft, but Their Next Priority Varies by Sector
FIGURE 1.8
Executives Believe Attackers Will Increase Their Lead
FIGURE 1.9
Cyber Risk Maturity Survey: Fact-Based Questions Lead to Maturity Rating
FIGURE 1.10
Cybersecurity Risk Management Maturity Is Low
FIGURE 1.11
Only One Practice Rates as “Mature” on Average across All Companies
FIGURE 1.12
Higher Maturity in Practices that Require Less Collaboration beyond Cybersecurity
FIGURE 1.13
Spending Big Doesn’t Lead to Risk Management Maturity
Chapter 2
FIGURE 2.1
The Change in Intensity of Threat and Quality of Response Leads to Different Scenarios
FIGURE 2.2
Nine Technologies Could Create $8 Trillion to $18 Trillion in Value by 2020
FIGURE 2.3
Muddling into the Future Scenario Puts $1 Trillion at Risk
FIGURE 2.4
Digital Backlash Scenario Puts More than $3 Trillion at Risk
FIGURE 2.5
Technology Executives Realize They Have Substantial Room for Improvement in Addressing Digital Resilience Levers
Chapter 3
FIGURE 3.1
Rank Types of Risk across the Value Chain to Help Engage Business Leaders
FIGURE 3.2
Plotting Risk Likelihood against Impact Helps Drive Decisions about Cybersecurity Investments
FIGURE 3.3
The Same Controls Can Be Retuned for Optimal Protection
Chapter 4
FIGURE 4.1
Hardwire the Mind-Set and Behavior Changes into the Organization
Chapter 5
FIGURE 5.1
Broad Set of Components in Technology Environment Contribute to Vulnerabilities
FIGURE 5.2
Private Cloud Hosting Will Become Dominant Model by 2019
FIGURE 5.3
How to Assess Public Cloud Services versus Other Options
Chapter 6
FIGURE 6.1
Integrate a Proactive Cyber-Intelligence Function with the Security Operations Team
Chapter 7
FIGURE 7.1
Base War-Game Scenario on High-Risk Events for the Business
Chapter 8
FIGURE 8.1
Phased Rollout Plan to Protect the Most Critical Areas First
Chapter 9
FIGURE 9.1
Executives’ Perspective on Cybersecurity Regulation Varies Widely by Sector, with Banking Most Skeptical
FIGURE 9.2
OECD Countries Are Starting to Put Cybersecurity Strategies in Place
FIGURE 9.3
Maturity Curve for the Pillars of a Digital Resilience Ecosystem
Guide
Cover
Table of Contents
Preface
Pages
vii
viii
ix
xi
xii
xiii
xiv
xv
xvi
xvii
xviii
xix
xx
xxi
xxii
xxiii
xxiv
xxv
xxvi
xxvii
xxviii
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
178
179
180
181
182
183
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
209
210
211
213
215
216
217
218
219
220
Add Highlight
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click
here
login for view all page.
Day Mode
Cloud Mode
Night Mode
Reset