- Paperback
Cyber Risk Management in Practice: A Guide to Real-World Solutions is your companion in the ever-changing landscape of cybersecurity.
Product details
- Security, Audit and Leadership Series
- Publisher: Taylor & Francis Ltd
- Pages: 340
- Publication date: 29 June 2025
- English
- Dimensions: 233mm x 160mm x 23mm
- Weight: 552g
- ISBN-13: 9781032901138
- ISBN-10: 1032901136
- Item no.: 72700517
- Manufacturer information
- Libri GmbH
- Europaallee 1
- 36244 Bad Hersfeld
- gpsr@libri.de
Carlos Morales, MBA, A. CCISO, CISM, GRCP, GRCA, CRISC, IRMP, CDPSE, IDPP, IPMP, IAAP, ICEP, is a cybersecurity professional with over 18 years of experience in risk management, privacy, and information security across diverse global landscapes. An advocate for cybersecurity as a business enabler, Carlos is recognized for developing pragmatic, risk-based models that align security initiatives with organizational objectives. His international expertise is marked by his active participation in initiatives that bridge the gap between the private sector, public institutions, and academia. Carlos has worked with organizations of all sizes around the globe, from multinational conglomerates to startups, bringing a broad, practical perspective across industries. This experience allows him to tailor cybersecurity strategies that are effective and scalable, regardless of organizational size or sector. He served as an advisor on cybersecurity matters to the Executive Office of the President of Mexico for the National Cybersecurity Plan and was a member of the first Cybersecurity Innovation Council led by the Organization of American States (OAS), where he fostered collaboration among participating countries. At the Instituto Tecnológico y de Estudios Superiores de Monterrey (ITESM), Carlos played an active role in shaping the design of the Cybersecurity HUB and the master's degree in cybersecurity. He continues to share his expertise as a professor in the ITESM Master's program in cybersecurity, guiding the next generation of professionals. Carlos is also an active participant in international forums, where he shares practical insights and connects with diverse audiences, bridging technical and non-technical perspectives with clarity and impact.
INTRODUCTION
SECTION 1: MASTERING RISK MANAGEMENT ESSENTIALS.
FUNDAMENTALS OF RISK MANAGEMENT
CYBER RISK MANAGEMENT FRAMEWORKS
OVERVIEW OF THE 5 STEPS OF RISK MANAGEMENT
Risk Context
Risk Assessment
Risk Treatment Planning
Risk Treatment Plans implementation
Risk Monitoring
RISK REGISTER
GOVERNANCE AND CYBERSECURITY CULTURE
Starting with Cyber Risk Management
Aligning Corporate Governance and Security Culture
SECTION 2: EXECUTING RISK MANAGEMENT, A STEP-BY-STEP GUIDE
STARTING THE PROCESS: SCOPE AND INFORMATION GATHERING
Understanding Your Environment
Defining the Scope
Gathering Essential Information
RISK ASSESSMENT: FROM IDENTIFICATION TO CHARACTERIZATION
The Art of Risk Identification
Assessing the Impact and Likelihood of Risks
Risk Characterization: Aggregation of Risks Above the Risk Appetite
RISK TREATMENT STRATEGIES
Exploring Risk Treatment Options
Selecting the Optimal Path Forward
MAKING THINGS HAPPEN: SECURITY INITIATIVES IMPLEMENTATION
Effective Risk Communication Strategies
Putting Plans into Action: Implementation of Risk Treatment Measures
RISK MONITORING AND METRICS
Ongoing Monitoring Practices
Utilizing KPIs and KRIs for Insight and Oversight
SECTION 3: BEYOND BASICS, ELEVATING TO CYBER RESILIENCE
BUILDING CYBER RESILIENCE
Principles of Cyber Resilience
Strategies for Enhancing Organizational Resilience
Case Studies on Recovering from Cyber Incidents
THIRD-PARTY RISK MANAGEMENT
Understanding Third-Party Risks in the Supply Chain
Due Diligence and Assurance Processes for Third Parties
ADVANCING TOWARDS RISK QUANTIFICATION
Current Challenges in Cyber Risk Management
Transitioning to Risk Quantification: Approaches and Tools
CONCLUSION
SUMMARY OF KEY LEARNINGS
NEXT STEPS FOR EFFECTIVE RISK MANAGEMENT IMPLEMENTATION