Preface.-
Introduction.-
Part I: The Cybersecurity Challenge.-
Chapter 1: Defining the Cybersecurity Challenge.-
Chapter 2: Meeting the Cybersecurity Challenge.-
Part II: A New Enterprise Cybersecurity Architecture.-
Chapter 3: Enterprise Cybersecurity Architecture.-
Chapter 4: Implementing Enterprise Cybersecurity.-
Chapter 5: Operating Enterprise Cybersecurity.-
Chapter 6: Enterprise Cybersecurity and the Cloud.-
Chapter 7: Enterprise Cybersecurity for Mobile and BYOD.-
Part III: The Art of Cyber Defense.-
Chapter 8: Building an Effective Defense.-
Chapter 9: Responding to Incidents.-
Chapter 10: Managing a Cybersecurity Crisis.-
Part IV: Enterprise Cyber Defense Assessment.-
Chapter 11: Assessing Enterprise Cybersecurity.-
Chapter 12: Measuring a Cybersecurity Program.-
Chapter 13: Mapping Against Cybersecurity Frameworks.-
Part V: Enterprise Cybersecurity Program.-
Chapter 14: Managing an Enterprise Cybersecurity Program.-
Chapter 15: Looking to the Future.-
Part VI: Appendices.-
Appendix A: Sample Cybersecurity Policy.-
Appendix B: Cybersecurity Operational Processes.-
Appendix C: Object Measurement.-
Appendix D: Cybersecurity Sample Assessment.-
Appendix E: Cybersecurity Capability Value Scales.-
About the Author: Scott Donaldson has professional experience in the defense, federal government, commercial, and university marketplaces. His expertise includes multi-hundred-million-dollar program management, systems development, information technology, business operations, business development, and technology cultural change. He has served in a wide variety of leadership roles, including Chief Technology Officer (CTO), IT Director, Chief Systems Engineer (CSE), Program Manager, Line Manager, and Business Development Capture Manager. Scott has co-authored three software engineering books: Successful Software Development: Making It Happen, 2nd Edition; Successful Software Development: Study Guide; and Cultivating Successful Software Development: A Practitioner's View. Scott also co-authored CTOs at Work (Apress) and Enterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against Advanced Threats (Apress).
Dr. Stanley Siegel has progressive professional experience as a systems engineer, mathematician, and computer specialist. He started his career with the US Government in the Department of Commerce and then the Department of Defense. After his government service, he was with Grumman for 15 years and Science Applications International Corporation (SAIC) for over 20 years. He helped SAIC grow to an $11 billion leader in scientific, engineering, and technical solutions with hundreds of millions of dollars in new business. Dr. Siegel has co-authored four software engineering books, including the seminal software engineering textbook Software Configuration Management: An Investment in Product Integrity. He has contributed to a number of books, including the Encyclopedia of Software Engineering, Software Project Management Success Factors (Reducing the Likelihood of Software Failures); and the Handbook of Software Quality Assurance, Software Configuration Management--A Practical Look, 3rd Edition.
Chris Williams has been involved in the cybersecurity field since 1994 in a combination of US military and commercial positions. He has been with Leidos (formerly SAIC) since 2003 focusing on enterprise cybersecurity and compliance, and before that EDS (now HP) and Booz Allen Hamilton. He is a veteran of the US Army, having served five years with the 82nd Airborne Division and 35th Signal Brigade. He has worked on cybersecurity projects with the US Army, Defense Information Systems Agency, Department of State, Defense Intelligence Agency, and numerous other commercial and government organizations designing integrated solutions to protect against modern threats. Chris co-authored Enterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against Advanced Threats (Apress).
Abdul Aslam has over 20 years of experience in devising risk acceptance and compliance frameworks, application security, security operations, and information protection. He is Director of Cyber Security Compliance and Risk Management for Leidos where he is in charge of delivering secure, scalable, security solutions, policy governance, and strategic technology support. He has worked on numerous IT projects with a proven record of pioneering innovative systems analysis processes and secure application designs that improve availability, integrity, confidentiality, reliability, effectiveness, and efficiency of technology services. Abdul co-authored Enterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against Advanced Threats (Apress) and has presented on cybersecurity at International Information Systems Security Certification Consortium (ISC)2 and the Information Systems Security Association (ISSA).
