Ben's Book of the Month: Review of "Take Back Control of Your Cybersecurity Now: Game Changing Concepts on AI and Cyber Governance Solutions for Executives"

Posted by Ben Rothke

Mark Twain said that “if you don't like the weather in New England now, just wait a few minutes.” With that, one of the challenges of working in the information security field is staying current. If an information security professional were to go on sabbatical (what a thought), by the time they came back from their escape, the information security world would be a very different place. Such a person would find their level of professional development somewhat diminished.

In Take Back Control of Your Cybersecurity Now: Game Changing Concepts on AI and Cyber Governance Solutions for Executives (ISBN-13: 978-1520658728), authors Christophe Veltsos and Paul Ferrillo have written a practical guide to help information security and IT professionals understand and manage the ever-changing environment of information security and data risk.

The following are the 11 chapters in the book, and they provide the reader with an easy-to-read overview of the current status of information security and risk:

  1. Time to Take Back Control of your Cybersecurity Now
  2. Federal Regulation and Oversight — Today and Tomorrow
  3. Understanding and Implementing the NIST Cybersecurity Framework
  4. Spear Phishing Attacks — Don’t Take the Bait! Don’t Click on the Link!
  5. Incident Response — Plans, Reality, and Lessons Learned
  6. Using Cyber Intelligent Solutions to Defeat Hackers (or at least level the playing field)
  7. Cybersecurity Fiduciary Duties of Directors and Officers
  8. Insurance for Cyber Exposures; Critical Considerations for Effective Insurance Purchasing
  9. Cyber Risk Reporting and Governance
  10. Trust But Verify — Asking the Tough Questions
  11. The Great Miracles and Challenges of Cloud Computing

The book lays out what needs to be done to ensure that the entire lifecycle of information security tasks is dealt with. The many suggestions are both strategic and tactical, and the reader can use them to ensure the items are appropriately tasked.

The word control in the title is intentional. With the problem of shadow IT, where systems (and often very large ones) are deployed outside the purview of the CIO, CTO and CISO, IT quickly becomes an out-of-control area. The book is meant to help regain control from a security perspective.

This is a handy read for anyone who wants to know about the current state of information security, and what the best practices are to ensure their enterprise is effectively dealing with the most challenging threats. The book provides just enough information and data to be used as a good starting point. What it lacks in depth, it makes up for in breadth.

The authors write in a clear and easy-to-read style that is both elucidating and interesting. While meant for those tasked with information security duties, anyone involved in security, information technology or data management will certainly find a lot of value in Take Back Control of Your Cybersecurity Now.

Ben Rothke

Senior Information Security Manager, Tapad
