Cyber Risk Management in Practice

A Guide to Real-World Solutions

Carlos Morales

$94.99

Paperback

Forthcoming
Pre-Order now

QTY:

English

CRC Press
30 June 2025

Business strategy; Legal aspects of computing; Computer security; Network management; Computer science

Series: Security, Audit and Leadership Series

Cyber Risk Management in Practice: A Guide to Real-World Solutions is your companion in the ever-changing landscape of cybersecurity. Whether you’re expanding your knowledge or looking to sharpen your existing skills, this book demystifies the complexities of cyber risk management, offering clear, actionable strategies to enhance your organization’s security posture. With a focus on real-world solutions, this guide balances practical application with foundational knowledge.

Key Features:

Foundational insights: Explore fundamental concepts, frameworks, and required skills that form the backbone of a strong and pragmatic cyber risk management program tailored to your organization’s unique needs. It covers everything from basic principles and threat modeling to developing a security-first culture that drives change within your organization. You’ll also learn how to align cybersecurity practices with business objectives to ensure a solid approach to risk management.

Practical application: Follow a hands-on, step-by-step implementation guide through the complete cyber risk management cycle, from business context analysis to developing and implementing effective treatment strategies. This book includes templates, checklists, and practical advice to execute your cyber risk management implementation, making complex processes manageable and straightforward. Real-world scenarios illustrate common pitfalls and effective solutions.

Advanced strategies: Go beyond the basics to achieve cyber resilience. Explore topics like third-party risk management, integrating cybersecurity with business continuity, and managing the risks of emerging technologies like AI and quantum computing. Learn how to build a proactive defense strategy that evolves with emerging threats and keeps your organization secure.

By: Carlos Morales
Imprint: CRC Press
Country of Publication: United Kingdom
Dimensions: Height: 234mm, Width: 156mm,
ISBN: 9781032901138
ISBN 10: 1032901136
Series: Security, Audit and Leadership Series
Pages: 340
Publication Date: 30 June 2025
Audience: Professional and scholarly , Undergraduate
Format: Paperback
Publisher's Status: Forthcoming

INTRODUCTION SECTION 1: MASTERING RISK MANAGEMENT ESSENTIALS. FUNDAMENTALS OF RISK MANAGEMENT CYBER RISK MANAGEMENT FRAMEWORKS OVERVIEW OF THE 5 STEPS OF RISK MANAGEMENT Risk Context Risk Assessment Risk Treatment Planning Risk Treatment Plans implementation Risk Monitoring RISK REGISTER GOVERNANCE AND CYBERSECURITY CULTURE Starting with Cyber Risk Management Aligning Corporate Governance and Security Culture SECTION 2: EXECUTING RISK MANAGEMENT, A STEP-BY-STEP GUIDE STARTING THE PROCESS: SCOPE AND INFORMATION GATHERING Understanding Your Environment Defining the Scope Gathering Essential Information RISK ASSESSMENT: FROM IDENTIFICATION TO CHARACTERIZATION The Art of Risk Identification Assessing the Impact and Likelihood of Risks Risk Characterization: Aggregation of Risks Above the Risk Appetite RISK TREATMENT STRATEGIES Exploring Risk Treatment Options Selecting the Optimal Path Forward MAKING THINGS HAPPEN: SECURITY INITIATIVES IMPLEMENTATION EPective Risk Communication Strategies Putting Plans into Action: Implementation of Risk Treatment Measures RISK MONITORING AND METRICS Ongoing Monitoring Practices Utilizing KPIs and KRIs for Insight and Oversight SECTION 3: BEYOND BASICS, ELEVATING TO CYBER RESILIENCE BUILDING CYBER RESILIENCE Principles of Cyber Resilience Strategies for Enhancing Organizational Resilience Case Studies on Recovering from Cyber Incidents THIRD-PARTY RISK MANAGEMENT Understanding Third-Party Risks in the Supply Chain Due Diligence and Assurance Processes for Third Parties ADVANCING TOWARDS RISK QUANTIFICATION Current Challenges in Cyber Risk Management Transitioning to Risk Quantification: Approaches and Tools CONCLUSION SUMMARY OF KEY LEARNINGS NEXT STEPS FOR EFFECTIVE RISK MANAGEMENT IMPLEMENTATION

Carlos Morales, MBA, A. CCISO, CISM, GRCP, GRCA, CRISC, IRMP, CDPSE, IDPP, IPMP, IAAP, ICEP, is a cybersecurity professional with over 18 years of experience in risk management, privacy, and information security across diverse global landscapes. An advocate for cybersecurity as a business enabler, Carlos is recognized for developing pragmatic, risk-based models that align security initiatives with organizational objectives. His international expertise is marked by his active participation in initiatives that bridge the gap between the private sector, public institutions, and academia. Carlos has worked with organizations of all sizes around the globe, from multinational conglomerates to startups, bringing a broad, practical perspective across industries. This experience allows him to tailor cybersecurity strategies that are effective and scalable, regardless of organizational size or sector. He served as an advisor on cybersecurity matters to the Executive Office of the President of Mexico for the National Cybersecurity Plan and was a member of the first Cybersecurity Innovation Council led by the Organization of American States (OAS), where he fostered collaboration among participating countries. At the Instituto Tecnológico y de Estudios Superiores de Monterrey (ITESM), Carlos played an active role in shaping the design of the Cybersecurity HUB and the master’s degree in cybersecurity. He continues to share his expertise as a professor in the ITESM Master’s program in cybersecurity, guiding the next generation of professionals. Carlos is also an active participant in international forums, where he shares practical insights and connects with diverse audiences, bridging technical and non-technical perspectives with clarity and impact.

Reviews for Cyber Risk Management in Practice: A Guide to Real-World Solutions

""Cyber Risk Management in Practice: A Guide to Real-World Solutions by Carlos Morales serves as a beacon for professionals involved not only in IT or cybersecurity but also across executive and operational roles within organizations. This book is an invaluable resource that I highly recommend for its practical insights and clear guidance."" José Antonio Fernández Carbajal Executive Chairman and CEO of FEMSA