相關主題
商品描述
This book aims to demonstrate the use of business-driven risk assessments to address government regulations and guidelines specific to the management of risks related to all third-party arrangements and emphasises that organisations retain accountability for business activities, functions and services outsourced to a third party.
This book introduces the cyber risk investment model and the cybersecurity risk management framework used within business-driven risk assessments to address government regulations, industry standards and applicable laws. This can be used by various stakeholders who are involved in the implementation of cybersecurity measures to safeguard sensitive data. This framework facilitates an organisation's risk management decision-making process to demonstrate the mechanisms in place to fund cybersecurity measures and demonstrates the application of the process showcasing three case studies. This book also discusses the elements used within the cybersecurity risk management process and defines a strategic approach to minimise cybersecurity risks.
Features:
- Aims to strengthen the reader's understanding of industry governance, risk and compliance practices.
- Incorporates an innovative approach to assess business risk management.
- Explores the strategic decisions made by organisations when implementing cybersecurity measures and leverages an integrated approach to include risk management elements.
商品描述(中文翻譯)
本書旨在展示以業務驅動的風險評估來應對特定於政府法規和指導方針的風險管理,這些風險與所有第三方安排相關,並強調組織對外包給第三方的業務活動、功能和服務保持責任。
本書介紹了網絡風險投資模型和在業務驅動的風險評估中使用的網絡安全風險管理框架,以應對政府法規、行業標準和適用法律。這可以被各種利益相關者使用,這些利益相關者參與實施網絡安全措施以保護敏感數據。該框架促進了組織的風險管理決策過程,以展示資助網絡安全措施的機制,並展示了該過程的應用,展示了三個案例研究。本書還討論了在網絡安全風險管理過程中使用的要素,並定義了一種戰略方法以最小化網絡安全風險。
特色:
- 旨在加強讀者對行業治理、風險和合規實踐的理解。
- 融入創新的方法來評估業務風險管理。
- 探討組織在實施網絡安全措施時所做的戰略決策,並利用綜合方法來包含風險管理要素。
作者簡介
Sherita-Tara (Tara) Kissoon, MSc, MBA, CISSP, CISA, is a multi-certified I.T. Risk & Security Leader with twenty-five years of technology experience, twenty years of experience in the financial services industry focusing on technology, cybersecurity, governance, risk and compliance, along with professional and community volunteering. Tare actively volunteering at ISACA, ISC2, University of London and St. Patrick's Parish in Markham, and have attained my Enhanced Police Information Check (E-PIC), Vulnerable Sector Check, NEXUS, Biometrics, Bail Verification and maintain medical records for identity verification, to volunteer/work in high-risk communities, and cross borders as a trusted traveler.
Tara Kissoon is a multi-certified I.T. Risk & Security Leader with 25+ years of technology experience, 20 years of executive experience in the financial services industry. She brings continued success on leading Technology, I.T. Risk and Information Security projects and programs within large organizations. She is acknowledged as a leader and trusted advisor with a talent for effective resource management, steering traditional and diverse cross-functional staff to achieve short and long-term business objectives. Relevant Publication include (ORCID: 0000-0001-6903-1938) - 1) Book (2024): Routledge (Taylor & Francis) Optimal Spending on Cybersecurity Measures: Protecting Health Information 2) Book (2024): Routledge (Taylor & Francis) Optimal Spending on Cybersecurity Measures: Digital Privacy and Data Protection 3) Book (2024): Routledge (Taylor & Francis) Optimal Spending on Cybersecurity Measures: DevOps, 4) Book (2022): Routledge (Taylor & Francis) Optimal Spending on Cybersecurity Measures: Risk Management, 5) Article (2021): Journal of Information Security (Vol.12 No.1, Jan 2021) - Optimum Spending on Cybersecurity Measures Part II, 6) Article (2020): Emerald Publishing Limited - Optimum Spending on Cybersecurity Measures, 7) ISACA TIPs column (2012 - 2014), and 8) ISACA Online Journal (2008): Strengthening Access using Smart Cards. CV is enclosed.
作者簡介(中文翻譯)
Sherita-Tara (Tara) Kissoon,碩士(MSc)、工商管理碩士(MBA)、CISSP、CISA,是一位多重認證的資訊科技風險與安全領導者,擁有二十五年的技術經驗,以及二十年專注於金融服務業的經驗,涵蓋技術、網路安全、治理、風險與合規,並積極參與專業及社區志願服務。Tara 在 ISACA、ISC2、倫敦大學及馬克漢的聖帕特里克教區積極志願服務,並取得增強型警察資訊檢查(E-PIC)、弱勢族群檢查、NEXUS、生物識別、保釋驗證,並維護身份驗證的醫療記錄,以便在高風險社區志願服務/工作,並作為受信任的旅行者跨境行動。
Tara Kissoon 是一位多重認證的資訊科技風險與安全領導者,擁有超過 25 年的技術經驗,以及 20 年在金融服務業的高層經驗。她在大型組織中領導技術、資訊科技風險和資訊安全項目及計劃方面持續取得成功。她被認可為領導者和受信任的顧問,擅長有效的資源管理,能夠引導傳統及多元的跨功能團隊達成短期和長期的商業目標。相關出版物包括(ORCID: 0000-0001-6903-1938)- 1) 書籍(2024):Routledge(Taylor & Francis)《網路安全措施的最佳支出:保護健康資訊》 2) 書籍(2024):Routledge(Taylor & Francis)《網路安全措施的最佳支出:數位隱私與數據保護》 3) 書籍(2024):Routledge(Taylor & Francis)《網路安全措施的最佳支出:DevOps》 4) 書籍(2022):Routledge(Taylor & Francis)《網路安全措施的最佳支出:風險管理》 5) 文章(2021):《資訊安全期刊》(第12卷第1期,2021年1月)- 《網路安全措施的最佳支出第二部分》 6) 文章(2020):Emerald Publishing Limited - 《網路安全措施的最佳支出》 7) ISACA TIPs 專欄(2012 - 2014),以及 8) ISACA 在線期刊(2008):《使用智能卡加強訪問控制》。簡歷隨附。
