By MacDonnell Ulsch
Reviewed by Maria Patricia Prandini, CISA, CRISC
Cyberspace is part of almost every aspect of modern societies, reaching government agencies, private companies and individuals’ private lives. Many people enjoy the benefits that information technologies have brought to daily life.
Unfortunately, cybercrime has also become a fact of life, causing a variety of negative consequences to people and organizations. News on cyberfraud, intellectual property theft, the compromise of personal data and hacker attacks are more frequent every day and are making news headlines more and more frequently.
In MacDonnell Ulsch’s Cyber Threat! How to Manage the Growing Risk of Cyber Attacks, Ulsch says that security and technology are “two words that every board director must embrace.” This book presents an in-depth analysis of the risk faced by enterprises and the catastrophic consequences that enterprises could suffer if adequate measures are not taken in a timely manner.
The book is divided into three parts. Part one presents the main concepts and characteristics of cyberthreats, their impacts on organizations and nations, and the role of organized cybercrime and cyberterrorism.
The second part deals with corporate vulnerabilities and the need to take immediate action to protect assets and brands. In these four chapters, the author explores the difficulties with determining the cost of cyberattacks, the role of public policies, the trends driving cyberbreaches, and the use of social media as a means to create support for protests and boycotts, which can cause operational risk to any enterprise, government or industry.
Part three introduces the reader to the actions that executive management should take to reduce cyberattacks and to protect the corporate brand and critical assets. In this section, the author warns the reader, “Prepare for it. Don’t wait for the breach to occur to take action.” The four chapters comprising this section are full of recommendations on how to manage cyberrisk and understand early warning signs before the worst happens.
This book is a necessary read for corporate leaders and security professionals. The complexities of cyberthreats and cyberattacks are thoroughly explained. Real-life cases show the depth of the risk associated with cyberspace and the full extent of the problem. But the author goes further, describing the steps that should be taken to adequately manage and protect critical information.
The book is highly engaging, especially when describing cyberattacks and threats in detail. Explanations and analysis clarify the characteristics, trends and countermeasures that should be taken to manage the risk and adverse consequences of cyberthreats.
Cyberthreats are changing the way business, government, health, diplomatic, military, economic and even private issues are managed. The book is a call-to-action for senior executives and anybody who holds corporate responsibilities. Full of convincing arguments on how to increase resilience to cyberthreats, the author successfully helps the reader understand how vulnerable organizations and individuals are when proper actions are not taken in time.
Cyber Threat! How to Manage the Growing Risk of Cyber Attacks is available from the ISACA Bookstore. For information, see the ISACA Bookstore Supplement in the latest print edition of the ISACA Journal, visit www.isaca.org/bookstore, email [email protected] or telephone +1.847.660.5650.
Reviewed by Maria Patricia Prandini, CISA, CRISC, who has held numerous positions related to IT at the Argentine Government. Prandini was involved in the development of the National PKI and the foundation of ARCERT, the first governmental computer security incident response team (CSIRT) in Argentina. She is the immediate past president of the ISACA Buenos Aires (Argentina) Chapter.