Abstract
Cybersecurity risk is ubiquitous and so there is a need to manage it as such, at the enterprise level. Management strategy begins with an understanding of business fundamentals: mission, vision, and core values. These fundamentals are not simply part of management strategy; they comprise the success criteria to which strategy itself is compared. Management strategy lays out detailed business objectives that correspond to goals, and develops plans for how they will be achieved. As an organization makes business plans, risk is a key consideration in evaluating and selecting from alternative management strategies. Decision makers need to recognize the technology associated with any business strategy may be exposed to cyberattack. Cybersecurity risk management at the level of the enterprise therefore begins with understanding and communicating how technology supports strategy. The structure and function of the enterprise governance function provide the key linkage to enable organizations to execute strategy; effective governance guides the movement of the organization toward strategic goals.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2019 Paul Rohmeyer, Jennifer L. Bayuk
About this chapter
Cite this chapter
Rohmeyer, P., Bayuk, J.L. (2019). How Do I Manage This?. In: Financial Cybersecurity Risk Management. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-4194-3_6
Download citation
DOI: https://doi.org/10.1007/978-1-4842-4194-3_6
Published:
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4842-4193-6
Online ISBN: 978-1-4842-4194-3
eBook Packages: Professional and Applied ComputingProfessional and Applied Computing (R0)Apress Access Books