Résumé
Turn cyber intelligence into meaningful business decisions and reduce losses from cyber events
Cyber Intelligence-Driven Risk provides a solution to one of the most pressing issues that executives and risk managers face: How can we weave information security into our business decisions to minimize overall business risk?
In today's complex digital landscape, business decisions and cyber event responses have implications for information security that high-level actors may be unable to foresee. What we need is a cybersecurity command center capable of delivering, not just data, but concise, meaningful interpretations that allow us to make informed decisions.
Building, buying, or outsourcing a CI-DR (TM) program is the answer. In his work with executives at leading financial organizations and with the U.S. military, author Richard O. Moore III has tested and proven this next-level approach to Intelligence and Risk. This book is a guide to:
Building, buying, or outsourcing a cyber intelligence-driven risk program
Understanding the functional capabilities needed to sustain the program
Using cyber intelligence to support Enterprise Risk Management
Reducing loss from cyber events by building new organizational capacities
Supporting mergers and acquisitions with predictive analytics
Each function of a well-designed cyber intelligence-driven risk program can support informed business decisions in the era of increased complexity and emergent cyber threats.Cyber Intelligence Driven Risk 1
Acknowledgements 4
Foreword 6
Notes 6
Introduction 8
Notes 9
Objectives of a Cyber Intelligence-Driven Risk program 11
Notes 13
Importance of Intelligence for Businesses 15
Military to Commercial Viability of the CI-DR (TM) Program 21
Notes 26
CI-DR (TM) Security Program Components 27
Notes 35
Functional capabilities of the program 37
Notes 47
CI-DR (TM) Key Component Next-Generation Security Operations Center 48
Notes 51
CI-DR (TM) Key Component Cyber Threat Intelligence 52
CI-DR (TM) Key Component Forensic teams - Dr. Steven Johnson 55
Notes 65
CI-DR (TM) Key Component Vulnerability Management teams - Derek Olson 66
Notes 77
CI-DR (TM) Key Component Incident Response Teams - Dr. Steven Johnson 78
Notes 90
Security Testing teams 91
CI-DR (TM) Collection Components 92
Notes 93
CI-DR (TM) Stake Holders 94
Conclusion 97
Bibliography 99
About the Author and Chapter Authors 100
Richard O. Moore III, MSIA, CISSP, CISM The Author and Editor 100
Steven Johnson, DSc., CISM, CISSP, CCE #1463 100
Derek Olson, CISSP, CISM 101
Glossary 102
IndexRICHARD O. MOORE III, MSIA, CISSP, CISM, is founder and CEO of CyberSix, a consultancy that provides executive cyber leadership. Previously, Moore served in top Intelligence and Risk roles at Alvarez and Marsal, New York Life Insurance Company, KPMG, and the Royal Bank of Scotland. He also spent 15 years with the U.S. Marine Corps Intelligence Community.
