Cybersecurity Risk Management

In Cybersecurity Risk Management: Mastering the Fundamentals Using the NIST Cybersecurity Framework, veteran technology analyst Cynthia Brumfield, with contributions from cybersecurity expert Brian Haugli, delivers a straightforward and up-to-date exploration of the fundamentals of cybersecurity risk planning and management. The book offers readers easy-to-understand overviews of cybersecurity risk management principles, user, and network infrastructure planning, as well as the tools and techniques for detecting cyberattacks. The book also provides a roadmap to the development of a continuity of operations plan in the event of a cyberattack.

With incisive insights into the Framework for Improving Cybersecurity of Critical Infrastructure produced by the United States National Institute of Standards and Technology (NIST), Cybersecurity Risk Management presents the gold standard in practical guidance for the implementation of risk management best practices.

Table of Contents

CHAPTER 1 Cybersecurity Risk Planning and Management

CHAPTER 2 User and Network Infrastructure Planning and Management

CHAPTER 3 Tools and Techniques for Detecting Cyber Incidents

CHAPTER 4 Developing a Continuity of Operations Plan

CHAPTER 5 Supply Chain Risk Management

CHAPTER 6 Manufacturing and Industrial Control Systems Security

Appendix A: Helpful Advice for Small Organizations Seeking to Implement Some of the Book's Recommendations

Appendix B: Critical Security Controls Version 8.0 Mapped to NIST CSF v1.1

Filled with clear and easy-to-follow advice, this book also offers readers:

• A concise introduction to the principles of cybersecurity risk management and the steps necessary to manage digital risk to systems, assets, data, and capabilities
• A valuable exploration of modern tools that can improve an organization’s network infrastructure protection
• A practical discussion of the challenges involved in detecting and responding to a cyberattack and the importance of continuous security monitoring
• A helpful examination of the recovery from cybersecurity incidents

Perfect for undergraduate and graduate students studying cybersecurity, Cybersecurity Risk Management is also an ideal resource for IT professionals working in private sector and government organizations worldwide who are considering implementing, or who may be required to implement, the NIST Framework at their organization.

About the Author

Cynthia Brumfield is the President of DCT Associates and a veteran media, communications, and technology analyst who is now focused on cybersecurity. Backed by executive-level experience at top-tier U.S. communications trade associations, a premier investment analysis firm, and her own successful publication and consulting businesses, she has spearheaded research, analysis, consulting, publishing, and education initiatives for major organizations, including Fortune 500 corporations, security organizations, and federal government clients. In addition, she is an award-winning writer who currently runs a pioneering cybersecurity news destination, Metacurity, and writes regularly for top news outlets, including ongoing columns for CSO Online.

Brian Haugli is the Managing Partner and Founder of SideChannel. He has been driving security programs for two decades and brings a true practitioner’s approach to the industry. He has led programs for the DoD, Pentagon, Intelligence Community, Fortune 500, and many others. In addition, Brian is a renowned speaker and expert on NIST guidance, threat intelligence implementations, and strategic organizational initiatives.