Experts agree and studies show that executive involvement is critical to managing cyber risk. But what exactly does that look like to the owners, board members and top managers of resource constrained small and medium businesses? This guide strips away the technical aspects and illustrates how to manage the business aspects of cybersecurity.

About The Book

Cyber risk managers know that sometimes there is disconnect between the way they view cybersecurity versus the way their businesses leaders do. This communication disconnect can cause a lack of cybersecurity prioritization in a business and lead to costly, damaging breaches. Managing cyber risk requires more than firewalls and good passwords. Cash flow, insurance, relationships, and legal affairs for an organization all play major roles in managing cyber risk. Treating cybersecurity as “just an IT problem” leaves an organization exposed and unprepared. Therefore, executives and cyber risk managers have to get on the same page.

Cybersecurity: A Business Solution is a concise guide to managing cybersecurity from a business perspective, written specifically for the leaders of small and medium businesses. This book helps cyber risk managers communicate their priorities to businesses leaders by providing a step-by-step approach to managing the financial impact of cybersecurity. The strategy provides the knowledge your business leaders need to better engage with cybersecurity. The book also covers common pitfalls that lead to a false sense of security. And, to help offset the cost of higher security, it explains how business leaders can leverage investments in cybersecurity to capture market share and realize more profits.

About The Author

Rob Arnold is a retired Senior Advisor for Cybersecurity and Risk Management to the National Risk Management Center, which is a division of Homeland Security’s Cybersecurity and Infrastructure Security Agency. Among other projects, he spearheaded the establishment of the first National Critical Functions Risk Register to help senior government leaders prioritize and coordinate risk management objectives across the entire government ecosystem. Prior to joining the National Risk Management Center, Mr. Arnold served as the CEO of Threat Sketch, a data and analytics firm specializing in solutions for large scale cyber risk management problems. He completed his graduate studies in information security at East Carolina University and is certified in risk and information systems control by ISACA. He is the author of Cybersecurity: A Business Solution, a definitive guide to managing cyber risk in small organizations. Before joining the National Risk Management Center, he represented the interests of small organizations before Congress and through participation in key Homeland Security events. Mr. Arnold is a founding member of the ICT Supply Chain Task Force Executive Council. He served as the first chairman of the North Carolina Center for Cybersecurity and sat on advisory boards for the University of North Carolina at Greensboro, Forsyth Technology Community College and the University of North Carolina at Wilmington.