Overview
Offers guidance to financial institutions regarding cyber challenges to help in the analysis of problems and choosing between risk treatment options
Explores cybersecurity as a pressing concern for financial organizations, including covering the unique ways it has hit this industry that have not been adequately explored
Provides much needed guidance on cyber threats against financial enterprises as they continue to increase and grow in complexity (as recently affirmed by the US Securities and Exchange Commission)
Access this book
Tax calculation will be finalised at checkout
Other ways to access
Table of contents (10 chapters)
-
Front Matter
-
Back Matter
Keywords
About this book
Financial cybersecurity is a complex, systemic risk challenge that includes technological and operational elements. The interconnectedness of financial systems and markets creates dynamic, high-risk environments where organizational security is greatly impacted by the level of security effectiveness of partners, counterparties, and other external organizations. The result is a high-risk environment with a growing need for cooperation between enterprises that are otherwise direct competitors. There is a new normal of continuous attack pressures that produce unprecedented enterprise threats that must be met with an array of countermeasures.
Financial Cybersecurity Risk Management explores a range of cybersecurity topics impacting financial enterprises. This includes the threat and vulnerability landscape confronting the financial sector, risk assessment practices and methodologies, and cybersecurity data analytics. Governance perspectives, including executive and board considerations, are analyzed as are the appropriate control measures and executive risk reporting.
What You’ll Learn
- Analyze the threat and vulnerability landscape confronting the financial sector
- Implement effective technology risk assessment practices and methodologies
- Craft strategies to treat observed risks in financial systems
- Improve the effectiveness of enterprise cybersecurity capabilities
- Evaluate critical aspects of cybersecurity governance, including executive and board oversight
- Identify significant cybersecurity operational challenges
- Consider the impact of the cybersecurity mission across the enterprise
- Leverage cybersecurity regulatory and industry standards to help manage financial services risks
- Use cybersecurity scenarios to measure systemic risks in financial systems environments
- Apply key experiences from actual cybersecurity events to develop more robust cybersecurity architectures
Who This Book Is For
Decision makers, cyber leaders, and front-line professionals, including: chief risk officers, operational risk officers, chief information security officers, chief security officers, chief information officers, enterprise risk managers, cybersecurity operations directors, technology and cybersecurity risk analysts, cybersecurity architects and engineers, and compliance officers
Authors and Affiliations
About the authors
Paul Rohmeyer has extensive industry and academic experience in many areas, including: information systems management, IT audit, information security, business continuity planning, and vendor management. He is a faculty member at the School of Business at Stevens Institute of Technology and has presented and published on information security, decision making, and business continuation. He has provided senior-level guidance to numerous financial institutions in the areas of risk management, information assurance, and network security over the past two decades.
Prior to his consulting career, Paul served as Director of IT for AXA Financial and Director of IT Architecture Planning for SAIC/Bellcore. He has MS and PhD degrees in information management from Stevens Institute of Technology, an MBA in finance from St. Joseph’s University, and a BA in economics from Rutgers University. He has achieved the CGEIT (Certified in the Governance of Enterprise IT), PMP (Project Management Professional), and NSA-IAM (US National Security Agency Information Assurance Methodology) credentials.
Jennifer L. Bayuk is a cybersecurity due diligence expert, cybersecurity risk management consultant, and an adjunct professor at Stevens Institute of Technology. She has served in many roles, including: global financial services technology risk management officer, Wall Street chief information security officer, Big 4 information risk management consultant, manager of information technology internal audit, security architect, Bell Labs security software engineer, professor of systems security engineering, private cybersecurity investigator, and expert witness.
Jennifer has written numerous publications on information security management, information technology risk management, information security tools and techniques, cybersecurity forensics, technology-related privacy issues, audit of physical and information systems, security awareness education, and systems security metrics. She has master degrees in computer science and philosophy, and a PhD in systems engineering. Her certifications include CISSP, CISA, CISM, CGEIT, and a New Jersey state private investigator license.
Bibliographic Information
Book Title: Financial Cybersecurity Risk Management
Book Subtitle: Leadership Perspectives and Guidance for Systems and Institutions
Authors: Paul Rohmeyer, Jennifer L. Bayuk
DOI: https://doi.org/10.1007/978-1-4842-4194-3
Publisher: Apress Berkeley, CA
eBook Packages: Professional and Applied Computing, Professional and Applied Computing (R0), Apress Access Books
Copyright Information: Paul Rohmeyer, Jennifer L. Bayuk 2019
Softcover ISBN: 978-1-4842-4193-6Published: 14 December 2018
eBook ISBN: 978-1-4842-4194-3Published: 13 December 2018
Edition Number: 1
Number of Pages: XXI, 259
Number of Illustrations: 48 b/w illustrations
Topics: Systems and Data Security, Risk Management