Building a Cyber Risk Management Program: Evolving Security for the Digital Age

Cyber risk management is one of the most urgent issues facing enterprises today. This book presents a detailed framework for designing, developing, and implementing a cyber risk management program that addresses your company's specific needs. Ideal for corporate directors, senior executives, security risk practitioners, and auditors at many levels, this guide offers both the strategic insight and tactical guidance you're looking for.

You'll learn how to define and establish a sustainable, defendable, cyber risk management program, and the benefits associated with proper implementation. Cyber risk management experts Brian Allen and Brandon Bapst, working with writer Terry Allan Hicks, also provide advice that goes beyond risk management. You'll discover ways to address your company's oversight obligations as defined by international standards, case law, regulation, and board-level guidance.

This book helps you:

• Understand the transformational changes digitalization is introducing, and new cyber risks that come with it
• Learn the key legal and regulatory drivers that make cyber risk management a mission-critical priority for enterprises
• Gain a complete understanding of four components that make up a formal cyber risk management program
• Implement or provide guidance for a cyber risk management program within your enterprise

數位風險管理是當今企業面臨的最迫切問題之一。本書提供了一個詳細的框架，用於設計、開發和實施一個能夠滿足貴公司特定需求的數位風險管理計劃。這本指南非常適合企業董事、高級主管、安全風險從業人員和審計師等多個層級的人士，為您提供了戰略洞察和戰術指導。

您將學習如何定義和建立一個可持續、可辯護的數位風險管理計劃，以及正確實施所帶來的好處。數位風險管理專家Brian Allen和Brandon Bapst與作家Terry Allan Hicks合作，還提供了超越風險管理的建議。您將發現如何滿足國際標準、案例法、法規和董事會層面指導所定義的公司監督義務的方法。

本書幫助您：
- 瞭解數位化引入的轉型變革以及相應的新數位風險
- 瞭解使數位風險管理成為企業使命至關重要的主要法律和監管驅動因素
- 全面了解構成正式數位風險管理計劃的四個組成部分
- 在貴企業內實施或提供數位風險管理計劃的指導