Cyber Security: ESORMA Quickstart Guide: Enterprise Security Operations Risk Management Architecture for Cyber Security Practitioners

ISBN-10
ISBN-13: 9798662948686
Series: Cyber Security
Pages: 172
Language: English
Published: 2020-07
Authors: David White, Mustafa Ahmed

Description

This book answers the key cybersecurity questions: What should we do? Where should we start? What to do in an emergency? What do to on an ongoing basis? It is all presented as a neat framework in the shape of ESORMA. Plus there is an online portal full of supporting tools, that is free to access with the purchase of this book. ESORMA is a short easy process that copes well with Governance, Compliance, Operations, and, of course, the business itself. Whether you plan to apply NIST, ISO 27001 etc; Cyber Essentials, or any other security standard. This book will make your life easier in practice and implementation more effective.ESORMA came about because the authors, both cybersecurity veterans, and trainers find students love the content we deliver but tell us their colleagues and managers in the real world care about one thing - reducing costs. Security, we are told, just seems to add costs and slow things down. We feel strongly that it is our objective (and duty) to see if we can do something to change that narrative.The real issues are not about technology, everyone seems to have a very good handle on the tech. It seems to be about how to do it and communicating the 'why', to get others to take action which is the activity that always provides the biggest bang per buck when it comes down to security common sense in practice.Nowadays, every organisation that has assets to secure, one way or another, has a Chief Information Security Officer: a CISO, whether they know it or not. Even if no one has the title, the role exists. This book is nothing more than a quickstart guide. It does not go into depth or endless theory, there are lots of great courses that can give you all of that. This book cuts out the fat and provides lists of options, areas, and ideas to consider, with checklists, case studies, and more, so you can make progress and achieve noticeable results quickly to truly benefit the business and your career. The process is aways business operations first, the framework second. The framework provides the basis for review, not as a dogma to rigidly follow. It is based on a star topology, putting you are in the middle, in control, ready to go in any direction that suits you. It is this core centricity that reveals the flexibility of this framework. It touches on all the areas you need to take action quickly, it is not necessary to cover all the other steps first.There are frameworks that look great on the surface, yet fill you with dread when you start to realise what is truly involved. They are not wrong, just the approach unnecessary. We believe you need to focus on the business first and you need to know what should be done first in practice, that's all.Training and certification is useful and necessary, this is not a replacement, although this may well help you with your Continuing Professional Education credits, especially if you use the tools available from within the ESORMA portal that you will also have access to.