Confronting Cyber Risk: An Embedded Endurance Strategy for Cybersecurity

  • 3h 17m
  • Eric Rosenbach, Gregory J. Falco
  • Oxford University Press (UK)
  • 2022

An adaptive cyber risk management guide from MIT scientist and Johns Hopkins professor Gregory Falco and "Cyber Czar" Eric Rosenbach

Cyberattacks continue to grow in number, intensity, and sophistication. While attackers persistently adapt, business leaders have suffered from employing the same cyber risk management strategies for decades. Organizations must learn how to move past temporary solutions and invest in long-term resiliency measures to thrive in the future cyber economy.

Confronting Cyber Risk: An Embedded Endurance Strategy for Cybersecurity is a practical leadership guidebook outlining a new strategy for improving organizational cybersecurity and mitigating cyber risk. Veteran cybersecurity experts Falco and Rosenbach introduce the Embedded Endurance strategy as a systems-level approach to cyber risk management which addresses interdependent components of organizational risk and prepares organizations for the inevitability of cyber threats over the long-term. Using real world examples from SolarWinds to the Colonial Pipeline attack, the authors extend beyond hardware and software to provide a thoughtful ten-step process for organizations to address the simultaneous operational, reputational, and litigation risks common to cyberattacks. They conclude with helpful "cryptograms" from the future, in which business leaders are confronted with the next generation of cyber risk challenges.

Clear and informative, Confronting Cyber Risk provides CEOs and cyber newcomers alike with concrete guidance on how to implement a cutting-edge strategy to mitigate an organization's overall risk to malicious cyberattacks in an evolving cyber risk landscape.

About the Author

Gregory J. Falco, Assistant Professor, Department of Civil and Systems Engineering and the Institute for Assured Autonomy, Johns Hopkins University, and Eric Rosenbach, Co-Director and Lecturer, Belfer Center for Science and International Affairs, Harvard Kennedy School

Gregory Falco is an Assistant Professor at Johns Hopkins University's Department of Civil & Systems Engineering and the Institute for Assured Autonomy. He has been listed in Forbes 30 Under 30 for Enterprise Technology for his contributions to internet of things (IoT) security. Dr. Falco has invented and holds patents for embedded system security and explainable AI technology. He has researched and lectured at Stanford, the Massachusetts Institute of Technology, Harvard, and Columbia Universities. He has consulted for a wide variety of organizations such as the World Bank, NASA Jet Propulsion Laboratory, the US Department of Defense, the UN Foundation, the National Academy of Sciences, and in the insurance and energy sectors. Prior to academia, Dr. Falco co-founded and led Accenture's IoT Smart City division. An NSF-Fulbright Scholar in Critical Infrastructure Cybersecurity, he holds a BS from Cornell University, MS from Columbia University and PhD from the Massachusetts Institute of

Technology. Eric Rosenbach is Co-Director and Lecturer at the Harvard Kennedy School's Belfer Center for Science and International Affairs. He has more than two decades of experience working on cybersecurity issues in senior executive positions in government, industry, and academia. In the Department of Defense, he served as the "Cyber Czar," Pentagon Chief of Staff, and Assistant Secretary of Defense. In the private sector, he was Chief Security Officer for a large European telecommunications firm and led cybersecurity efforts for a global management consulting firm that advised Fortune 500 executives on cyber risk mitigation. He is also a former Army Intelligence Officer who commanded a telecommunications intelligence unit. A Fulbright Scholar with a JD from Georgetown, MPP from Harvard, and BA from Davidson College, Mr. Rosenbach has written several books on national security.

In this Book

  • Why is Cyber Risk an Issue?
  • Who is Attacking Us?
  • How Do I assess Our Cyber Risk?
  • What Do I Need to Know about Cyber Frameworks, Standards, and Laws?
  • Who is Responsible for Cybersecurity?
  • What Risk Prevention Measures can I Use?
  • What Risk Resilience Measures Can I Use?
  • How Do I Embed Cyber Risk Management in all Aspects of the Organization?
  • Conclusion
  • Notes

YOU MIGHT ALSO LIKE