Program Architecture: Fight the Good Fight (1) (Security, Audit and Leadership Series)
- Synopsis
- Business executives consider what is necessary to protect the company. It comes down to people, process and technology, organized within an information security program. Everything has its place within the program, including business processes, assets and the right blend of controls to protect them.

  This book describes program architecture, the discipline of designing, implementing and leading information security programs.

  - Prove Yourself Ready Now
  - Team Development and Retention
  - Program Maturity
  - Influence Support and Funding
  - Cyber Threat Intelligence
  - Third Party Risk Management
  - Metrics and Reporting
  - Insider Risk Monitoring and Response
  - Threat Landscape and Controls Analysis
  - Conduct an Assessment
  - Crisis Communications
  - Control by Governance

  This book provides practical advice in the areas of cybersecurity and operational risk management. The goal is to provide readers with practical advice they can use upon return to work.

  Chapter abstracts:

  Chapter 1: Prove yourself ready now

  This chapter provides practical advice to prove yourself 'ready now' for a cybersecurity management role. The journey begins with a view from the executive's side of the table and how to speak in terms of risk. There is an overview of risk management, with tips for influencing risk mitigation. Focus transitions to how a communications plan can make you more effective as a leader. There is practical advice for developing presentation skills with limited stress and anxiety through a four-step approach. With that skill in place you can communicate program statuses to executives. Professional development and C-Level presentation round out the chapter.

  Chapter 2: Team development and retention

  This chapter provides leaders with practical advice for developing employees in their current role, with tips to help them move laterally or to pursue promotion to management. The focus shifts to management routines throughout a calendar year, including performance and development plans, communications, financial acumen, talent review and program architecture. The chapter begins to conclude with performance calibration, succession planning, promotions and retention risk.

  If you are an individual contributor with a goal of being promoted to leadership, there is significant value in this chapter. There are also activities behind the scenes that you should know about in your current role.

  Chapter 3: Program maturity

  Information security professionals must focus on maturity within cybersecurity and operational risk contexts. This chapter provides guidance to improve program maturity within four levels. It starts by establishing a foundation with a control framework, laws, regulations and contractual obligations. Next are common controls, necessary and common sense from an information security perspective. Active risk management includes types of analysis, assessment and mitigation. Strong risk management is conducted by organizations that have a very low risk tolerance. This risk-prioritized approach can be used to influence funding. So that's part of the strategy: you need support and funding to mature the program over years.

  Chapter 4: Influence support and funding

  Influencing change with business and IT executives is a learned skill. This chapter begins with five areas of focus to influence support and funding. The concept of 'bring friends' solicits the support of other operational risk functions. Management routines are provided as effective ways to mitigate risk, including a risk register process, a cybersecurity committee, tabletop exercises and a cybersecurity risk management framework. Three risk analysis methodologies are provided as practical advice to communicate security risk. Tips to develop financial acumen include two budget slide examples. The chapter concludes with emphasis on the need to be a change agent and to close on projects, initiatives and risk mi
- Copyright:
- 2026
Book Details
- Book Quality:
- Publisher Quality
- Book Size:
- 188 Pages
- ISBN-13:
- 9781040452202
- Related ISBNs:
- 9781003543619, 9781032842332, 9781032896007, 9781040452189
- Publisher:
- CRC Press
- Date of Addition:
- 11/07/25
- Copyrighted By:
- Gideon T. Rasmussen
- Adult content:
- No
- Language:
- English
- Has Image Descriptions:
- No
- Categories:
- Nonfiction, Art and Architecture, Computers and Internet, Business and Finance
- Submitted By:
- Bookshare Staff
- Usage Restrictions:
- This is a copyrighted book.