You are here

Resources to help you teach online

See our resources page for information, support and best practices.

Due to the current restrictions in place, our inspection copy policy has changed. Please refer to our updated inspection copy policy for details.

Cybersecurity Readiness
Share

Cybersecurity Readiness
A Holistic and High-Performance Approach



May 2021 | 336 pages | SAGE Publications, Inc

Cybersecurity has traditionally been the purview of information technology professionals, who possess specialized knowledge and speak a language that few outside of their department can understand. In our current corporate landscape, however, cybersecurity awareness must be an organization-wide management competency in order to mitigate major threats to an organization’s well-being—and be prepared to act if the worst happens.

With rapidly expanding attacks and evolving methods of attack, organizations are in a perpetual state of breach and have to deal with this existential threat head-on. Cybersecurity preparedness is a critical and distinctive competenc
y, and this book is intended to help students and practitioners develop and enhance this capability, as individuals continue to be both the strongest and weakest links in a cyber defense system.

 

In addition to providing the non-specialist with a jargon-free overview of cybersecurity threats, Dr. Chatterjee focuses most of the book on developing a practical and easy-to-comprehend management framework and success factors that will help leaders assess cybersecurity risks, address organizational weaknesses, and build a collaborative culture that is informed and responsive. Through brief case studies, literature review, and practical tools, he creates a manual for the student and professional alike to put into practice essential skills for any workplace. 

 
Preface
 
Foreword
 
Endorsements
 
Acknowledgments
 
About the Author
 
Chapter 1. Introduction: The Challenge of Cybersecurity
 
Chapter 2. The Cyberattack Epidemic
2.1 Expanding Hardware and Software Attack Surfaces

 
2.2 The Human Vulnerability Factor

 
2.3 Growing Attack Vectors

 
2.4 Nature and Extent of Impact

 
 
Chapter 3. Breach Incidents and Lessons Learned
3.1 The Capital One Breach That Exposed 100 Million Applicants and Customer Information

 
3.2 British Airways Ordered to Pay a Record Fine of $230 Million

 
3.3 Target Retail Chain Experiences an External Intrusion That Compromised Millions of Customers’ Data

 
3.4 Adult Friend Finder Site Breach Exposes Millions of Customer Records

 
3.5 Three Billion Yahoo User Accounts Compromised

 
3.6 Equifax Data Breach Exposes Millions of Customers’ Data

 
3.7 Adobe Breach Exposes 38 Million Customer Records

 
3.8 Anthem Breach Affects 78.8 Million People

 
 
Chapter 4. Foundations of the High-Performance Information Security Culture Framework
4.1 Organizational Culture and Firm Performance

 
4.2 Organizational Culture and Cybersecurity

 
4.3 High-Reliability Organizational Culture Traits

 
 
Chapter 5. Commitment
5.1 Hands-On Top Management

 
5.2 “We-Are-in-It-Together” Culture

 
5.3 Cross-Functional Participation

 
5.4 Sustainable Budget

 
5.5 Strategic Alignment and Partnerships

 
5.6 Joint Ownership and Accountability

 
5.7 Empowerment

 
 
Chapter 6. Preparedness
6.1 Identify

 
6.2 Protect

 
6.3 Detect

 
6.4 Respond and Recover

 
 
Chapter 7. Discipline
7.1 Information Security Governance Policy

 
7.2 Communications and Enforcement of Policies

 
7.3 Continuous Monitoring

 
7.4 Continuous Performance Assessment and Improvement

 
7.5 Security Audits and Drills

 
7.6 Penetration Testing and Red Team Exercises

 
 
Chapter 8. Key Messages and Actionable Recommendations
8.1 Commitment

 
8.2 Preparedness

 
8.3 Discipline

 
 
Appendix 1 Information Security Monitoring Controls
 
Appendix 2 Cybersecurity Performance Measures
 
Appendix 3A Cybersecurity Readiness Scorecard: Commitment
 
Appendix 3B Cybersecurity Readiness Scorecard: Preparedness
 
Appendix 3C Cybersecurity Readiness Scorecard: Discipline
 
Appendix 4 Cybersecurity and Privacy Laws and Regulations
 
Appendix 5 Physical, Technical, and Administrative Controls: A Representative List
 
Appendix 6 Case Studies
 
Cybersecurity Resources
 
Index

This book is a valuable resource for cybersecurity readiness today. Many breaches in the past could have been prevented. This book reviews past leadership decisions and breach examples to provide an effective approach using lessons learned and best practices.

Mary Levins, President
Sierra Creek Consulting LLC

Prof. Chatterjee’s book is a very pragmatic and comprehensive guide to cybersecurity readiness. The governance framework is both powerful and easy to comprehend. Anchored on three high-performance security culture dimensions of commitment, preparedness, and discipline, the framework presents a set of seventeen cybersecurity success factors. Uncovered from analyzing primary and secondary data gathered over several years, these success factors encompass people-, process-, and technology-driven measures. Numerous breach incidents, presented in the form of vignettes and cases, are used to highlight vulnerabilities and lessons learned. The book also provides useful resources such as cybersecurity readiness scorecard elements; a list of physical, technical, and administrative controls; an information security monitoring control guide; an overview of cybersecurity and privacy laws and regulations; cybersecurity performance measures; and case studies.

Professor Daniel O’Leary
Marshall School of Business, University of Southern California,

Dr. Chatterjee’s book fortifies the most essential truth when it comes to effective cybersecurity programs: “technology alone will not mitigate cybersecurity risks.” He identifies key traits that need to be engrained in organizational culture to support the cybersecurity mission as well as seventeen success factors within that cultural framework that any student or practitioner should consider when evaluating their security posture.

Stoddard Mannikin, Chief Information Security Officer
Prominent U.S. Pediatric Healthcare Organization

Dr. Dave’s book on cybersecurity management is an eye opener for all organizations in today’s world. He has taken tremendous efforts in presenting how to identify, defend, respond, and build resilience in case of cyberattacks in a very simple way. This book is very easy to understand and very important for the senior leadership team of an organization to gain thorough knowledge on the subject of cybersecurity.

Arun Kumar Narayan, Director, Audit & Asset Protection
Alshaya Group

Cyber threats, in their many and continuously evolving ways, remain more than ever an existential threat to virtually all companies, both large and small. In his new book Cybersecurity Readiness: A Holistic and High- Performance Approach, Dr. Chatterjee does an excellent job of breaking down these threats and providing a framework for creating a culture of engagement at all levels in an organization to effectively and proactively manage these threats. In my years leading enterprise IT organizations, I can personally attest to the effectiveness of the concepts outlined here and I wholeheartedly recommend this book. In fact, I believe that this should be required reading for anyone entering today’s workforce, regardless of their role. Cybersecurity is not an IT issue, which Dr. Chatterjee makes clear, but rather something that requires everyone’s knowledge and involvement. A must read!

Joseph Pekala, President
ESP Holdings LLC

Public and hybrid cloud adoption have made the boundaries of corporate IT infrastructure more nebulous, and the need for a well-defined and executed security strategy has never been greater. As companies increasingly pursue the financial benefits of cloudification by virtualizing and containerizing their application architectures, the architectural complexity and the number of potential vulnerabilities significantly increase. Dr. Chatterjee does a superb job of portraying both the business need and the technology approach to define a successful security strategy

Rob Purks, Senior Executive
Telecommunications Industry

Our financial lives, our business lives, and even our personal lives are all online. Cybersecurity is a non-negotiable investment for almost every company in our global community. Just as we have to make sure people walking into a store are physically safe during their experience, we have to ensure their information is safe when they ‘walk into” the cyber version. Professor Chatterjee’s book highlights the traits of a high-performing information security culture: commitment, preparedness, and discipline. His insight and accessible tactics make this book mandatory for any institution looking to mitigate financial and reputational risk.

Azi Quinn, Agile Transformation Leader
Financial Services Industry

Commitment, preparedness, and discipline in cybersecurity are things Professor Chatterjee has been advocating for many years. The book is a comprehensive summary for executives who wish to understand how cybersecurity has moved from a “techie” topic to a serious boardroom agenda and what organizations should be doing to not only defend, but also respond and build resilience in case of a cyberattack. Professor Chatterjee’s writing style is simple and offers an engaging, informative, and most importantly, actionable read and is highly recommended as an executive leadership must-read and must-discuss book.

Tushar Sachdev, Chief Technology Officer
KORE Wireless

Information security is a part of everyone’s responsibility; yet, too many people and organizations still do not completely understand and embrace this. People (and organization culture) continue to be the weakest link in most organization’s security postures. Too often, information security teams focus on technical solutions and audit-driven processes, while not being able to drive the organization-wide awareness, buy-in, and culture change that is needed to holistically secure the enterprise.

Dr. Chatterjee’s Cybersecurity Readiness: A Holistic and High- Performance Approach tackles this weakest link, the hardest part of information security. He uses high-performance culture traits, supporting success factors, and actionable guiding questions to integrate top-down and bottom-up human-centric approaches, to permeate information security awareness and ownership across the organization. His Cybersecurity Readiness Scorecard, built from these guiding questions, is an effective way to periodically assess and quantify an organization’s cultural cybersecurity maturity.

This book is definitely a must-read for everyone in the knowledge economy. If your organization uses this approach to fortify its cybersecurity culture, it will ultimately save your jobs and your reputation, enhance your competitiveness, and avoid millions to billions of dollars in costs down the line! Cancel the rest of your meetings today and start reading!

Zareer Siganporia, Chief Executive Officer
Trusted Tech Partners

Professor Chatterjee’s book is a must-read for any executive who views their organizations’ data as a strategic asset. It is one of the finest works I have read on giving a broad understanding of the dangerous cyber world we live in and why it is here to stay with us. His work provides an excellent framework for building and sustaining a high-performance security

culture, with appropriate systems and processes, to achieve cyber-risk resilience and operate business with confidence rather than fear.

Rohit Verma, Chief Executive Officer
Crawford & Company

For instructors

This book is not available as an inspection copy. For more information contact your local sales representative.

Select a Purchasing Option

ISBN: 9781071837337
£46.00

SAGE Knowledge is the ultimate social sciences digital library for students, researchers, and faculty. Hosting more than 4,400 titles, it includes an expansive range of SAGE eBook and eReference content, including scholarly monographs, reference works, handbooks, series, professional development titles, and more.

The platform allows researchers to cross-search and seamlessly access a wide breadth of must-have SAGE book and reference content from one source.

SAGE Knowledge brings together high-quality content from across our imprints, including CQ Press and Corwin titles.