Skip to main content
Apress

Understand, Manage, and Measure Cyber Risk®

Practical Solutions for Creating a Sustainable Cyber Program

  • Book
  • © 2023
  • Latest edition

Overview

  • Simplifies the answer to “What is our cybersecurity program all about?”
  • Demystifies the “how to” of cybersecurity risk management and the pitfalls to avoid
  • Pulls together management, technology, and executive understanding using insightful cyber measures and indicators

This is a preview of subscription content, log in via an institution to check access.

Access this book

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

eBook USD 44.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book USD 59.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Other ways to access

Licence this eBook for your library

Institutional subscriptions

About this book

When it comes to managing cybersecurity in an organization, most tussle with basic foundational components. This practitioner’s guide lays down those foundational components, with real client examples and pitfalls to avoid.

A plethora of cybersecurity management resources are available—many with sound advice, management approaches, and technical solutions—but few with one common theme that pulls together management and technology, with a focus on executive oversight. Author Ryan Leirvik helps solve these common problems by providing a clear, easy-to-understand, and easy-to-deploy "playbook" for a cyber risk management approach applicable to your entire organization.

This second edition provides tools and methods in a straight-forward, practical manner to guide the management of a cybersecurity program. Expanded sections include the critical integration of cyber risk management into enterprise risk management, the important connection between a Software Bill of Materials and Third-party Risk Programs, and additional "how to" tools and material for mapping frameworks to controls.

Praise for Understand, Manage, and Measure Cyber Risk

What lies ahead of you in the pages of this book? Clean practicality, not something that just looks good on paperbrittle and impractical when exposed to the real world. I prize flexibility and simplicity instead of attempting to have answers for everything and the rigidity that results. This simplicity is what I find valuable within Ryan's book. Tim Collyer, Motorola Solutions

It seems that I have found a kindred spirita builder who has worked with a wide variety of client CISOs on their programs, gaining a deep understanding of how a successful and sustainable program should be constructed. Ryan's cyber work in the US Department of Defense, his McKinsey & Company consulting, and his advisory and survey work with IANS give him a unique global view of our shared passion. Nicholas J. Mankovich, PhD, MS, CISPP



Who This Book Is For

CISOs, CROs, CIOs, directors of risk management, and anyone struggling to pull together frameworks or basic metrics to quantify uncertainty and address risk


Similar content being viewed by others

Keywords

Table of contents (11 chapters)

  1. The Problem

  2. The Solution

Authors and Affiliations

  • Arlington, USA

    Ryan Leirvik

About the author

Ryan Leirvik is a cybersecurity professional who has spent the better part of two decades enhancing information security programs at the world's largest institutions. With considerable US government and commercial sector experience, Ryan has employed his professional passion for cybersecurity at almost every level within an organization.

A frequent speaker on the topic of information security, Ryan fields several questions on “How do I make sure I have a sustainable cyber program?” This book was written to help answer that question.

Ryan has been the CEO of a cybersecurity research and development company, Chief of Staff and Associate Director of Cyber for the US Department of Defense, and a cybersecurity strategy consultant with McKinsey & Company. Ryan’s technology career started at IBM, and he has a master of IT degree from Virginia Tech, an MBA from Case Western Reserve University, as well as a bachelor of science from Purdue University. Ryan isalso on the faculty at IANS.

 


Bibliographic Information

Publish with us