EMPOWER YOUR EMPLOYEES with ROLE-BASED CYBERSECURITY TRAINING!
The book provides a good combination of the theory as well as practical tips from real-life projects.
A must read for any professional. The fundamental concepts of complex information security and data privacy topics have been broken down into simple to understand language, with illustrations and actionable steps. A great reference point for delivery leads to ensure the secure delivery of their projects.”
“Educating our program, product, and project leaders on Cybersecurity is a must at this day and age. This book does an exceptional job of explaining complex topics in terms that are relatable and consumable for its target audience. It provides a solid foundation on theory while also sharing actual applications. I highly recommend this book!!”
Mica Syjuco, Director, Technology Leadership, Avanade
The risk of cybersecurity threats certainly isn’t new, but it has become an increasingly prominent issue. Cyberattacks have had massive impacts on the societal, political, and economic world in recent times.
Do you recall traveling to the airport to pick up someone prior to 9/11? I remember walking up to the aircraft door when picking up and dropping off my friends. Even though I was not the traveler sometimes, I was allowed to proceed to the boarding gate until the flight was ready to depart. There were no security lines at any stage before boarding the flight.
Now, after 9/11, the number of security inspections and screenings at airports has dramatically increased. You must arrive at the airport at least two hours before your flight is scheduled to depart, go through a tough security screening, remove your shoes, belt, computers, and whatnot from your baggage, and walk through a metal detector. There are several security cameras monitoring your every movement.
Have you ever found yourself in a situation where you were carrying something that wasn't allowed in your carry-on luggage? You probably had to toss the item away or return it to the check-in counter at the airport to check it in.
Similarly, when we first started designing internet applications, we didn't have to worry about writing security-related code, installing anti-malware, creating secure infrastructure, etc. But then, there were some huge cyberattacks and data breaches that transformed the entire digital world.
In recent years, there have been several cyber-attacks and data breaches. Here are some recent examples:
According to the world’s leading cybersecurity researcher, Cybersecurity Ventures, global cybercrime costs will grow by 15% each year over the next five years, reaching $10.5 trillion USD per year.
To combat the attacks, US President Joe Biden has taken a number of steps. In May 2021, he signed an Executive Order to improve the nation’s cybersecurity and protect federal government networks. In March 2022, he issued a warning to the American business leaders of Russian cyberattacks, telling them to strengthen their companies’ cyber defenses immediately. Leaders of other nations are also prioritizing cybersecurity as a central part of their national security initiatives.
To ensure that businesses use processes and procedures to secure their assets, various laws and regulations have been enacted. Fines are imposed if these are not followed. Regulations include GDPR (General Data Protection Regulation), a law enacted in the European Union (EU) to protect its citizens' personal data; HIPAA (Health Insurance Portability and Accountability Act), which protects patients' sensitive data; and several other regulations. Companies and their employees must abide by all applicable laws, regulations, standards, and ethical practices in their organization, industry, and country. This is known as compliance.
To comply with regulations and secure assets, businesses are focusing on strengthening their security teams. As a result, there is a significant shortage of highly sought-after cybersecurity professionals. The number of unfilled cybersecurity jobs increased globally by 350% over an eight-year period, from one million in 2013 to 3.5 million in 2021, according to Cybersecurity Ventures. Keeping the organization safe has become everyone's responsibility, whether they are cybersecurity professionals or not.
In simple terms, security means the measures taken to be safe or protected. In our daily lives, we do a variety of things to keep ourselves safe and protected. For example, when we leave the house, we lock our doors. We do that to safeguard our critical assets, which include electronic devices, gadgets, and critical documents.
In this case, the lock is only one layer of security. But why is it just one layer?
Locking the door simply isn’t enough to prevent theft. What about the windows and the back doors? They, too, must be closed properly, locked, and secured. Devices like monitoring cameras, alarm systems, sensors, and others serve as additional layers in preventing theft. In a nutshell, when we take these preventative measures, we are securing the assets and information in our house and, hence, implementing security.
Similarly, your project will utilize various physical resources, such as work computers, servers, server rooms, and critical documents. Your projects may use some software tools and may create software resources, such as applications and programs. These software applications will exchange sensitive information over the company intranet and the internet.
How do you protect your company’s assets and information?
You put in technologies, processes, and policies, as well as engage professionals, to protect your company's sensitive data and other assets.
Therefore, security is defined as implementing technologies, processes, and practices to protect your assets and information from unauthorized access and use.
Privacy is keeping your personal, critical information to yourself or to the people you earnestly trust.
When we host parties, we welcome guests into our home. We give them access to the living hall, kitchen, restrooms, and other common areas. However, we don’t allow them any access to sensitive information such as our Social Security number (SSN), credit card, and bank account information. This is our private information. It belongs only to us and must be protected at all costs.
Let’s talk about social media. You may share your life events, pictures, and videos with friends on Facebook, Instagram, Twitter, etc. However, do you disclose your private or sensitive information in your social media posts? We're sure you don't, and you certainly would not want social media sites to do so without your consent, either. In fact, you would not want any business you deal with, whether it's your bank, doctor's office, or mortgage company, to disclose your private information without your permission.
Everyone should be able to share some information while keeping some privacy. It is your right to have control over how your personal information is collected and used.
Privacy is defined as safeguarding your personal and sensitive information from unauthorized access and sharing it only with the people you earnestly trust.
Finally, let’s look at privacy from a corporate perspective. Information like customer data, competitive information, and intellectual property is confidential and must not be shared with outsiders. This information needs to be protected.
“An easy read and digest on the basic understanding of frameworks to manage risk, compliance, and projects. It is a great book to add to your library. If you don’t know where to start concerning cybersecurity and compliance, start by reading this book! You will understand and be able to speak the basic language of cybersecurity and what to expect and look out for regarding security and compliance! Everyone needs to read this.”
“Cybersecurity awareness is critical to securing organizations on a path of accelerated digital adoption. The book eliminates the complexity of the subject and blends the principles of program management and security in an easy-to-understand manner. The book provides a good combination of the theory as well as practical tips from real-life projects. A "must-read" for the project and delivery leaders to set them up for success.”
“Cybersecurity is imperative for enterprises as well as nations today. Niharika and Sanjay have created an easy-to-read Cybersecurity primer for project leaders that helps address the enablement problem ‘With so much at stake, how could we equip ourselves better?’”
(Formerly Worldwide Big Data Analytics CoE Leader at IBM)
Author, Speaker, Board Member, Security and Compliance Advisor
Radio Host, Cybersecurity Advisor, Harvard Alum, Sports Executive
Copyright © 2024 Security and Compliance - All Rights Reserved.