相關主題
商品描述
This isn't just a book. It is a roadmap for the next generation of cybersecurity leadership. In an era where cyber threats are more sophisticated and the stakes are higher than ever, Chief Information Security Officers (CISOs) can no longer rely solely on technical expertise. They must evolve into strategic business leaders who can seamlessly integrate cybersecurity into the fabric of their organizations.
This book challenges the traditional perception of CISOs as technical leaders, advocating for a strategic shift toward business alignment, quantitative risk management, and the embrace of emerging technologies like artificial intelligence (AI) and machine learning. It empowers CISOs to transcend their technical expertise and evolve into business-savvy leaders who are fully equipped to meet the rising expectations from boards, executives, and regulators. This book directly addresses the increasing demands from boards and regulators in the wake of recent high-profile cyber events, providing CISOs with the necessary skills and knowledge to navigate this new landscape.
This book isn't just about theory but also action. It delves into the practicalities of business-aligned cybersecurity through real-life stories and illustrative examples that showcase the triumphs and tribulations of CISOs in the field. This book offers unparalleled insights gleaned from the author's extensive experience in advising hundreds of successful programs, including in-depth discussions on risk quantification, cyber insurance strategies, and defining materiality for risks and incidents. This book fills the gap left by other resources, providing clear guidance on translating business alignment concepts into practice.
If you're a cybersecurity professional aspiring to a CISO role or an existing CISO seeking to enhance your strategic leadership skills and business acumen, this book is your roadmap. It is designed to bridge the gap between the technical and business worlds and empower you to become a strategic leader who drives value and protects your organization's most critical assets.
商品描述(中文翻譯)
這不僅僅是一本書。它是下一代網路安全領導力的藍圖。在網路威脅日益複雜、風險比以往任何時候都高的時代,首席資訊安全官(CISO)不能再僅僅依賴技術專業知識。他們必須演變成能夠將網路安全無縫整合進組織運作的戰略商業領導者。
本書挑戰了傳統對CISO作為技術領導者的看法,倡導向商業對齊、定量風險管理的戰略轉變,並擁抱人工智慧(AI)和機器學習等新興技術。它使CISO能夠超越技術專業,演變成具備商業敏銳度的領導者,充分準備應對董事會、高層管理人員和監管機構日益提高的期望。本書直接針對近期高調網路事件後,董事會和監管機構日益增加的要求,為CISO提供必要的技能和知識,以應對這一新環境。
本書不僅僅是理論,還包括行動。它通過真實故事和示例深入探討與商業對齊的網路安全的實際操作,展示CISO在現場的成功與挑戰。本書提供了無與倫比的見解,這些見解來自作者在諮詢數百個成功計劃中的豐富經驗,包括對風險量化、網路保險策略以及風險和事件的重大性定義的深入討論。本書填補了其他資源留下的空白,提供了將商業對齊概念轉化為實踐的明確指導。
如果你是一位渴望成為CISO的網路安全專業人士,或是一位希望提升戰略領導技能和商業敏銳度的現任CISO,本書就是你的藍圖。它旨在彌合技術與商業世界之間的鴻溝,並使你成為一位推動價值並保護組織最關鍵資產的戰略領導者。
作者簡介
Walt Powell is an experienced executive coach and CISO advisor who has extensive experience working with countless CISOs and developing cybersecurity programs. Walt helped pioneer the role of Field CISO and is a founding member of the Global Security Strategy Office at CDW. Walt now leads a team of Field CISOs, composed entirely of former executives, who bring a wealth of experience and knowledge to their clients, underpinned by unique insights gained from contributing to and learning from the strategies of hundreds of chief information security officers (CISOs) and chief information officers (CIOs) across every size of organization and vertical. Walt and his team leverage this wealth of knowledge and experience to provide executive coaching, support, and mentorship to elevate other CISOs, their programs, and organizations, sharing lessons and providing strategic guidance that would typically take several careers to acquire.
Prior to his role at CDW, Walt was the owner and vCISO at Left Brain Security, which is now Left Brain Security Media. He has served as an award-winning cybersecurity leader, advisor, architect, and pre-sales engineer and has also served as a professor of networking and security at Wright College. Walt firmly believes in the importance of giving back to the industry, which is why he taught in CISSP and CISM boot camps and contributes as a certification exam development committee member for numerous organizations. He holds an impressive array of professional certifications, including CISSP, CISM, CCISO, Carnegie Mellon CISO, and the Stanford Advanced Cybersecurity Certificate, and numerous technical and sales certifications from leading cybersecurity firms. Walt also leads a cybersecurity book club, which is being launched as a podcast.
A proud Mensa member and futurist, Walt is deeply invested in exploring the implications of emerging technologies on cybersecurity. He actively contributes to the cybersecurity community by writing and speaking at industry conferences such as BSides, CypherCon, and CrowdStrike Fal.Con; sharing white papers; and authoring articles on critical security topics. Beyond his professional life, Walt is a former professional musician and multi-instrumentalist who cherishes spending quality time with his children, traveling, and learning new languages.
作者簡介(中文翻譯)
沃爾特·鮑威爾是一位經驗豐富的執行教練和CISO顧問,擁有與無數CISO合作及開發網路安全計畫的豐富經驗。沃爾特幫助開創了現場CISO的角色,並且是CDW全球安全策略辦公室的創始成員。沃爾特現在領導一支由前高管組成的現場CISO團隊,這些成員帶來了豐富的經驗和知識,並基於從數百位首席資訊安全官(CISO)和首席資訊官(CIO)在各種規模和行業的策略中獲得的獨特見解。沃爾特和他的團隊利用這些豐富的知識和經驗,提供執行教練、支持和指導,以提升其他CISO及其計畫和組織,分享經驗教訓並提供通常需要數個職業生涯才能獲得的戰略指導。
在CDW任職之前,沃爾特是Left Brain Security的擁有者和虛擬CISO,該公司現在名為Left Brain Security Media。他曾擔任獲獎的網路安全領導者、顧問、架構師和售前工程師,並且曾在懷特學院擔任網路和安全的教授。沃爾特堅信回饋行業的重要性,因此他在CISSP和CISM訓練營中授課,並作為多個組織的認證考試開發委員會成員進行貢獻。他擁有一系列令人印象深刻的專業認證,包括CISSP、CISM、CCISO、卡內基梅隆CISO和斯坦福高級網路安全證書,以及來自領先網路安全公司的多項技術和銷售認證。沃爾特還領導一個網路安全讀書會,該讀書會正以播客的形式推出。
作為自豪的Mensa會員和未來學家,沃爾特深度投入於探索新興技術對網路安全的影響。他積極通過撰寫和在BSides、CypherCon和CrowdStrike Fal.Con等行業會議上演講來貢獻網路安全社群;分享白皮書;以及撰寫關鍵安全主題的文章。除了他的專業生活,沃爾特還是一位前專業音樂家和多樂器演奏者,珍惜與孩子們共度美好時光、旅行和學習新語言。
