Security Relationship Management and The Shortest Hour Two-Book Bundle: (Security, Audit and Leadership Series)

1st Edition Security Relationship Management Leveraging Marketing Concepts to Advance a Cybersecurity Program Aligning information security to the goals and strategies of the business is paramount for ensuring risks are addressed, without an abundance of negative impacts to the company. But how does a Chief Information Security Officer (CISO) accomplish effective alignment? A security executive must understand the detailed needs of business leaders and stakeholders from across all corners of the company. We cannot rely on a standard cadence of general security discussions across all of the lines of business, as well as functional areas, and expect our alignment to be maximally effective. Instead, we should promote our security programs in such a way that makes it personal to whomever we are speaking with at any given time. By leveraging already established and tested marketing concepts, slightly altered for information security, the CISO can tailor their message to fit the needs of each stakeholder. This allows for in-depth business alignment, as well as a holistic view of the company’s underpinnings for the CISO. Within these pages, the reader will learn how segmentation, the Four Ps, and customer relationship management techniques, can help to transform their security program. Additionally, the book introduces a concept called Security Relationship Management (SRM) that optimizes the creation and nurturing of the hundreds of professional relationships (within and outside the company) that a CISO must balance each week. Through structured tracking of interactions and analyzing SRM data, the CISO ensures that relationships are managed effectively, which increases alignment between the business and cybersecurity initiatives. Pick up your copy of Security Relationship Management: Leveraging Marketing Concepts to Advance a Cybersecurity Program, today to begin your SRM journey. Please visit www.novelsecurity.com for more information. 1st Edition The Shortest Hour An Applied Approach to Boardroom Governance of Cyber Security Independent directors of corporate boards understand the importance of cyber security as a business issue. Increased regulatory requirements, the onslaught of breaches, as well as the replacement of the corporate network perimeter with more third-party partnerships have all contributed to cyber security rising to the top of enterprise risks. Yet, many directors only receive a few brief cyber security updates during the year. Moreover, many directors have devoted their careers to other important business disciplines and may not fully grasp the technical concepts of cyber security. The challenge is that many publications on board cyber security governance address the topic at such a high level that it removes the important context of the cyber security details—or covers the topic too deeply with hard-to-understand technical language. These resources may often provide lists of security questions for directors to ask of their management team, but they do not provide the answers to the questions so that actionable oversight can be performed. What I would have wanted, and why you are probably reading this book summary, is a resource that delivers the questions to ask but also provides the answers and in a narrative, easy-to-understand style. An award-winning Chief Information Security Officer with over two decades of working with multiple Fortune 500 boards, Lee Parrish provides an example-laden vision to improve cyber security governance in the boardroom. Additionally, Lee deciphers the technical jargon to increase the reader’s cyber fluency—not to make you a cyber expert but to help you be able to ask direct questions, understand the answers provided, challenge strategies, and advise on important cyber decisions. Pick up your copy of The Shortest Hour: An Applied Approach to Boardroom Governance of Cyber Security today and start your journey on achieving more effective cyber security oversight. Want to learn more? Please visit www.novelsecurity.com

Table of Contents:
1st Edition Security Relationship Management Leveraging Marketing Concepts to Advance a Cybersecurity Program Dedication Introduction Chapter 1: Aligning on the CISO Role The Importance of Information Security Enterprise Reach Executive Level Access Putting It All Together Chapter 2: Security Relationship Management Defined Chapter 3: Marketing Concepts Re-Imagined Getting Started Product Price Place Promotion Chapter 4: Segmentation (Not the Network Kind) Chapter 5: Segmentation Suggestions Corporation Board of Directors Executive Team Cybersecurity Governance Committee Top Cybersecurity Proponents Other Committees Business Unit Manufacturing Distribution International Human Resources/Talent Management Finance Sales Information Technology (IT) Digital & eCommerce Communications/Investor Relations Legal (Including Outside Counsel) Internal Audit Top Cybersecurity Vendors The Cybersecurity Team Chapter 6: The Core Attributes of Segments Critical Stakeholders Metrics & Measurements Segment Contributions Segment Details Feedback Loops Compliance Requirements Cultural Considerations Documentation Retention Chapter 7: The ABC’s of SRM Connection Status Advocate Connection Initial Interaction Shadow Tracking Connections Connection Information Top Initiatives A Level Deeper Chapter 8: SRM Analytics Scenario One Scenario Two Scenario Three Broader Themes Chapter 9: Moving Outside of Your Corporation Frequency Scale Data Elements Vendor Relationships Chapter 10: Addressing Challenges Managing Engagement Challenges Oversaturation & Balancing the Message Unconventional Measures Geographical Challenges Company Size Chapter 11: The Future of SRM Appendix: SRM Toolkit SRM Discussion Topics Industry-specific Relationship Building 1st Edition The Shortest Hour An Applied Approach to Boardroom Governance of Cyber Security About the Author Preface Introduction SECTION ONE. Enhancing Board Oversight 1. The threat landscape 2. The chief information security officer role 3. Security vs. compliance 4. Examining the information security board governance structure 5. Information security assessment 6. The strategic plan 7. The importance of execution 8. Financing cyber security 9. The role of security vendors and consultants 10. Security service management 11. A vision for cyber security board governance SECTION TWO. Cyber security overview 12. Security operations 13. Incident response 14. Security awareness 15. Policy management 16. Risk management 17. The path ahead Appendix: Cyber security inquiry checklist Index

About the Author :
Lee Parrish is an award-winning technology executive with over two decades of unique experience in blending cybersecurity expertise with essential business competencies. As a Chief Information Security Officer, he has built customized cybersecurity strategies for global Fortune 500 corporations and has led real-world incident responses to cyber events. Lee has served as a trusted advisor on cybersecurity to multiple boards consisting of Chief Executive Officers, a former White House Chief of Staff, retired high-ranking military officers and a former U.S. Presidential candidate. Lee possesses two graduate degrees and is certified as both a Boardroom Qualified Technology Expert as well as a Certified Information Systems Security Professional. He has published numerous articles in industry journals, contributed to a best-selling information security book, and authored The Shortest Hour: An Applied Approach to Boardroom Governance of Cyber Security, as well as a children’s book on cybersecurity. He is a frequent speaker at international security conferences and a guest on various podcasts. Lee is a combat veteran of the United States Marine Corps.