Advertisement

© 2019

Financial Cybersecurity Risk Management

Leadership Perspectives and Guidance for Systems and Institutions

Book

Table of contents

  1. Front Matter
    Pages i-xxi
  2. Paul Rohmeyer, Jennifer L. Bayuk
    Pages 1-19
  3. Paul Rohmeyer, Jennifer L. Bayuk
    Pages 21-48
  4. Paul Rohmeyer, Jennifer L. Bayuk
    Pages 49-71
  5. Paul Rohmeyer, Jennifer L. Bayuk
    Pages 73-104
  6. Paul Rohmeyer, Jennifer L. Bayuk
    Pages 105-124
  7. Paul Rohmeyer, Jennifer L. Bayuk
    Pages 125-156
  8. Paul Rohmeyer, Jennifer L. Bayuk
    Pages 157-192
  9. Paul Rohmeyer, Jennifer L. Bayuk
    Pages 193-222
  10. Paul Rohmeyer, Jennifer L. Bayuk
    Pages 223-234
  11. Paul Rohmeyer, Jennifer L. Bayuk
    Pages 235-250
  12. Back Matter
    Pages 251-259

About this book

Introduction

Understand critical cybersecurity and risk perspectives, insights, and tools for the leaders of complex financial systems and markets. This book offers guidance for decision makers and helps establish a framework for communication between cyber leaders and front-line professionals. Information is provided to help in the analysis of cyber challenges and choosing between risk treatment options.

Financial cybersecurity is a complex, systemic risk challenge that includes technological and operational elements. The interconnectedness of financial systems and markets creates dynamic, high-risk environments where organizational security is greatly impacted by the level of security effectiveness of partners, counterparties, and other external organizations. The result is a high-risk environment with a growing need for cooperation between enterprises that are otherwise direct competitors. There is a new normal of continuous attack pressures that produce unprecedented enterprise threats that must be met with an array of countermeasures.

Financial Cybersecurity Risk Management explores a range of cybersecurity topics impacting financial enterprises. This includes the threat and vulnerability landscape confronting the financial sector, risk assessment practices and methodologies, and cybersecurity data analytics. Governance perspectives, including executive and board considerations, are analyzed as are the appropriate control measures and executive risk reporting.

What You’ll Learn:

  • Analyze the threat and vulnerability landscape confronting the financial sector
  • Implement effective technology risk assessment practices and methodologies
  • Craft strategies to treat observed risks in financial systems
  • Improve the effectiveness of enterprise cybersecurity capabilities
  • Evaluate critical aspects of cybersecurity governance, including executive and board oversight
  • Identify significant cybersecurity operational challenges
  • Consider the impact of the cybersecurity mission across the enterprise
  • Leverage cybersecurity regulatory and industry standards to help manage financial services risks
  • Use cybersecurity scenarios to measure systemic risks in financial systems environments
  • Apply key experiences from actual cybersecurity events to develop more robust cybersecurity architectures

Keywords

Financial Systems Cybersecurity Operational Risk Risk Assessment Cyber Threats Systemic Vulnerabilities Cyber Data Sharing Security Testing Cyber War Gaming Cybersecurity Data Analytics Cybersecurity Metrics Governance Compliance leadership

Authors and affiliations

  1. 1.Stevens Institute of TechnologyHobokenUSA
  2. 2.Stevens Institute of TechnologyHobokenUSA

About the authors

Paul Rohmeyer has extensive industry and academic experience in many areas, including: information systems management, IT audit, information security, business continuity planning, and vendor management. He is a faculty member at the School of Business at Stevens Institute of Technology and has presented and published on information security, decision making, and business continuation. He has provided senior-level guidance to numerous financial institutions in the areas of risk management, information assurance, and network security over the past two decades.

Prior to his consulting career, Paul served as Director of IT for AXA Financial and Director of IT Architecture Planning for SAIC/Bellcore. He has MS and PhD degrees in information management from Stevens Institute of Technology, an MBA in finance from St. Joseph’s University, and a BA in economics from Rutgers University. He has achieved the CGEIT (Certified in the Governance of Enterprise IT), PMP (Project Management Professional), and NSA-IAM (US National Security Agency Information Assurance Methodology) credentials.

Jennifer L. Bayuk is a cybersecurity due diligence expert, cybersecurity risk management consultant, and an adjunct professor at Stevens Institute of Technology. She has served in many roles, including: global financial services technology risk management officer, Wall Street chief information security officer, Big 4 information risk management consultant, manager of information technology internal audit, security architect, Bell Labs security software engineer, professor of systems security engineering, private cybersecurity investigator, and expert witness.

Jennifer has written numerous publications on information security management, information technology risk management, information security tools and techniques, cybersecurity forensics, technology-related privacy issues, audit of physical and information systems, security awareness education, and systems security metrics. She has master degrees in computer science and philosophy, and a PhD in systems engineering. Her certifications include CISSP, CISA, CISM, CGEIT, and a New Jersey state private investigator license.

Bibliographic information

Industry Sectors
Pharma
Automotive
Chemical Manufacturing
Biotechnology
IT & Software
Telecommunications
Consumer Packaged Goods
Engineering
Finance, Business & Banking
Electronics
Energy, Utilities & Environment
Aerospace