Enterprise Cybersecurity Study Guide - Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams & Abdul Aslam

Enterprise Cybersecurity Study Guide

By Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams & Abdul Aslam

  • Release Date: 2018-03-22
  • Genre: Computers


Use the methodology in this study guide to design, manage, and operate a balanced enterprise cybersecurity program that is pragmatic and realistic in the face of resource constraints and other real-world limitations. This guide is an instructional companion to the book Enterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against Advanced Threats. The study guide will help you understand the book’s ideas and put them to work. The guide can be used for self-study or in the classroom.

Enterprise cybersecurity is about implementing a cyberdefense program that will succeed in defending against real-world attacks. While we often know what should be done, the resources to do it often are not sufficient. The reality is that the Cybersecurity Conundrum—what the defenders request, what the frameworks specify, and what the budget allows versus what the attackers exploit—gets in the way of what needs to be done. Cyberattacks in the headlines affecting millions of people show that this conundrum fails more often than we would prefer.

Cybersecurity professionals want to implement more than what control frameworks specify, and more than what the budget allows. Ironically, another challenge is that even when defenders get everything that they want, clever attackers are extremely effective at finding and exploiting the gaps in those defenses, regardless of their comprehensiveness. Therefore, the cybersecurity challenge is to spend the available budget on the right protections, so that real-world attacks can be thwarted without breaking the bank.

People involved in or interested in successful enterprise cybersecurity can use this study guide to gain insight into a comprehensive framework for coordinating an entire enterprise cyberdefense program.
What You’ll Learn:
Know the methodology of targeted attacks and why they succeedMaster the cybersecurity risk management processUnderstand why cybersecurity capabilities are the foundation of effective cyberdefensesOrganize a cybersecurity program's policy, people, budget, technology, and assessmentAssess and score a cybersecurity programReport cybersecurity program status against compliance and regulatory frameworksUse the operational processes and supporting information systems of a successful cybersecurity programCreate a data-driven and objectively managed cybersecurity programDiscover how cybersecurity is evolving and will continue to evolve over the next decade