You are here

Cybersecurity Readiness

Cybersecurity Readiness
A Holistic and High-Performance Approach

First Edition

March 2021 | 336 pages | SAGE Publications, Inc

"Information security has become an important and critical component of every organization. In his book, Professor Chatterjee explains the challenges that organizations experience to protect information assets. The book sheds light on different aspects of cybersecurity including a history and impact of the most recent security breaches, as well as the strategic and leadership components that help build strong cybersecurity programs. This book helps bridge the gap between academia and practice and provides important insights that may help professionals in every industry."

Mauricio Angee, Chief Information Security Officer, GenesisCare USA, Fort Myers, Florida, USA

"This book by Dave Chatterjee is by far the most comprehensive book on cybersecurity management. Cybersecurity is on top of the minds of board members, CEOs, and CIOs as they strive to protect their employees and intellectual property. This book is a must-read for CIOs and CISOs to build a robust cybersecurity program for their organizations."
Vidhya Belapure, Chief Information Officer, Huber Engineered Materials & CP Kelco, Marietta, Georgia, USA

Cybersecurity has traditionally been the purview of information technology professionals, who possess specialized knowledge and speak a language that few outside of their department can understand. In our current corporate landscape, however, cybersecurity awareness must be an organization-wide management competency in order to mitigate major threats to an organization’s well-being—and be prepared to act if the worst happens.

With rapidly expanding attacks and evolving methods of attack, organizations are in a perpetual state of breach and have to deal with this existential threat head-on. Cybersecurity preparedness is a critical and distinctive competenc
y, and this book is intended to help students and practitioners develop and enhance this capability, as individuals continue to be both the strongest and weakest links in a cyber defense system.


In addition to providing the non-specialist with a jargon-free overview of cybersecurity threats, Dr. Chatterjee focuses most of the book on developing a practical and easy-to-comprehend management framework and success factors that will help leaders assess cybersecurity risks, address organizational weaknesses, and build a collaborative culture that is informed and responsive. Through brief case studies, literature review, and practical tools, he creates a manual for the student and professional alike to put into practice essential skills for any workplace. 

About the Author
Chapter 1. Introduction: The Challenge of Cybersecurity
Chapter 2. The Cyberattack Epidemic
2.1 Expanding Hardware and Software Attack Surfaces

2.2 The Human Vulnerability Factor

2.3 Growing Attack Vectors

2.4 Nature and Extent of Impact

Chapter 3. Breach Incidents and Lessons Learned
3.1 The Capital One Breach That Exposed 100 Million Applicants and Customer Information

3.2 British Airways Ordered to Pay a Record Fine of $230 Million

3.3 Target Retail Chain Experiences an External Intrusion That Compromised Millions of Customers’ Data

3.4 Adult Friend Finder Site Breach Exposes Millions of Customer Records

3.5 Three Billion Yahoo User Accounts Compromised

3.6 Equifax Data Breach Exposes Millions of Customers’ Data

3.7 Adobe Breach Exposes 38 Million Customer Records

3.8 Anthem Breach Affects 78.8 Million People

Chapter 4. Foundations of the High-Performance Information Security Culture Framework
4.1 Organizational Culture and Firm Performance

4.2 Organizational Culture and Cybersecurity

4.3 High-Reliability Organizational Culture Traits

Chapter 5. Commitment
5.1 Hands-On Top Management

5.2 “We-Are-in-It-Together” Culture

5.3 Cross-Functional Participation

5.4 Sustainable Budget

5.5 Strategic Alignment and Partnerships

5.6 Joint Ownership and Accountability

5.7 Empowerment

Chapter 6. Preparedness
6.1 Identify

6.2 Protect

6.3 Detect

6.4 Respond and Recover

Chapter 7. Discipline
7.1 Information Security Governance Policy

7.2 Communications and Enforcement of Policies

7.3 Continuous Monitoring

7.4 Continuous Performance Assessment and Improvement

7.5 Security Audits and Drills

7.6 Penetration Testing and Red Team Exercises

Chapter 8. Key Messages and Actionable Recommendations
8.1 Commitment

8.2 Preparedness

8.3 Discipline

Appendix 1 Information Security Monitoring Controls
Appendix 2 Cybersecurity Performance Measures
Appendix 3A Cybersecurity Readiness Scorecard: Commitment
Appendix 3B Cybersecurity Readiness Scorecard: Preparedness
Appendix 3C Cybersecurity Readiness Scorecard: Discipline
Appendix 4 Cybersecurity and Privacy Laws and Regulations
Appendix 5 Physical, Technical, and Administrative Controls: A Representative List
Appendix 6 Case Studies
Cybersecurity Resources

This book is a valuable resource for cybersecurity readiness today. Many breaches in the past could have been prevented. This book reviews past leadership decisions and breach examples to provide an effective approach using lessons learned and best practices.

Mary Levins, President
Sierra Creek Consulting LLC

Prof. Chatterjee’s book is a very pragmatic and comprehensive guide to cybersecurity readiness. The governance framework is both powerful and easy to comprehend. Anchored on three high-performance security culture dimensions of commitment, preparedness, and discipline, the framework presents a set of seventeen cybersecurity success factors. Uncovered from analyzing primary and secondary data gathered over several years, these success factors encompass people-, process-, and technology-driven measures. Numerous breach incidents, presented in the form of vignettes and cases, are used to highlight vulnerabilities and lessons learned. The book also provides useful resources such as cybersecurity readiness scorecard elements; a list of physical, technical, and administrative controls; an information security monitoring control guide; an overview of cybersecurity and privacy laws and regulations; cybersecurity performance measures; and case studies.

Professor Daniel O’Leary
Marshall School of Business, University of Southern California,

Dr. Chatterjee’s book fortifies the most essential truth when it comes to effective cybersecurity programs: “technology alone will not mitigate cybersecurity risks.” He identifies key traits that need to be engrained in organizational culture to support the cybersecurity mission as well as seventeen success factors within that cultural framework that any student or practitioner should consider when evaluating their security posture.

Stoddard Mannikin, Chief Information Security Officer
Prominent U.S. Pediatric Healthcare Organization

Dr. Dave’s book on cybersecurity management is an eye opener for all organizations in today’s world. He has taken tremendous efforts in presenting how to identify, defend, respond, and build resilience in case of cyberattacks in a very simple way. This book is very easy to understand and very important for the senior leadership team of an organization to gain thorough knowledge on the subject of cybersecurity.

Arun Kumar Narayan, Director, Audit & Asset Protection
Alshaya Group

Cyber threats, in their many and continuously evolving ways, remain more than ever an existential threat to virtually all companies, both large and small. In his new book Cybersecurity Readiness: A Holistic and High- Performance Approach, Dr. Chatterjee does an excellent job of breaking down these threats and providing a framework for creating a culture of engagement at all levels in an organization to effectively and proactively manage these threats. In my years leading enterprise IT organizations, I can personally attest to the effectiveness of the concepts outlined here and I wholeheartedly recommend this book. In fact, I believe that this should be required reading for anyone entering today’s workforce, regardless of their role. Cybersecurity is not an IT issue, which Dr. Chatterjee makes clear, but rather something that requires everyone’s knowledge and involvement. A must read!

Joseph Pekala, President
ESP Holdings LLC

Public and hybrid cloud adoption have made the boundaries of corporate IT infrastructure more nebulous, and the need for a well-defined and executed security strategy has never been greater. As companies increasingly pursue the financial benefits of cloudification by virtualizing and containerizing their application architectures, the architectural complexity and the number of potential vulnerabilities significantly increase. Dr. Chatterjee does a superb job of portraying both the business need and the technology approach to define a successful security strategy

Rob Purks, Senior Executive
Telecommunications Industry

Our financial lives, our business lives, and even our personal lives are all online. Cybersecurity is a non-negotiable investment for almost every company in our global community. Just as we have to make sure people walking into a store are physically safe during their experience, we have to ensure their information is safe when they ‘walk into” the cyber version. Professor Chatterjee’s book highlights the traits of a high-performing information security culture: commitment, preparedness, and discipline. His insight and accessible tactics make this book mandatory for any institution looking to mitigate financial and reputational risk.

Azi Quinn, Agile Transformation Leader
Financial Services Industry

Commitment, preparedness, and discipline in cybersecurity are things Professor Chatterjee has been advocating for many years. The book is a comprehensive summary for executives who wish to understand how cybersecurity has moved from a “techie” topic to a serious boardroom agenda and what organizations should be doing to not only defend, but also respond and build resilience in case of a cyberattack. Professor Chatterjee’s writing style is simple and offers an engaging, informative, and most importantly, actionable read and is highly recommended as an executive leadership must-read and must-discuss book.

Tushar Sachdev, Chief Technology Officer
KORE Wireless

Information security is a part of everyone’s responsibility; yet, too many people and organizations still do not completely understand and embrace this. People (and organization culture) continue to be the weakest link in most organization’s security postures. Too often, information security teams focus on technical solutions and audit-driven processes, while not being able to drive the organization-wide awareness, buy-in, and culture change that is needed to holistically secure the enterprise.

Dr. Chatterjee’s Cybersecurity Readiness: A Holistic and High- Performance Approach tackles this weakest link, the hardest part of information security. He uses high-performance culture traits, supporting success factors, and actionable guiding questions to integrate top-down and bottom-up human-centric approaches, to permeate information security awareness and ownership across the organization. His Cybersecurity Readiness Scorecard, built from these guiding questions, is an effective way to periodically assess and quantify an organization’s cultural cybersecurity maturity.

This book is definitely a must-read for everyone in the knowledge economy. If your organization uses this approach to fortify its cybersecurity culture, it will ultimately save your jobs and your reputation, enhance your competitiveness, and avoid millions to billions of dollars in costs down the line! Cancel the rest of your meetings today and start reading!

Zareer Siganporia, Chief Executive Officer
Trusted Tech Partners

Professor Chatterjee’s book is a must-read for any executive who views their organizations’ data as a strategic asset. It is one of the finest works I have read on giving a broad understanding of the dangerous cyber world we live in and why it is here to stay with us. His work provides an excellent framework for building and sustaining a high-performance security

culture, with appropriate systems and processes, to achieve cyber-risk resilience and operate business with confidence rather than fear.

Rohit Verma, Chief Executive Officer
Crawford & Company

Select a Purchasing Option

ISBN: 9781071837337

SAGE Knowledge is the premier social sciences platform for SAGE and CQ Press book, reference and video content.

The platform allows researchers to cross-search and seamlessly access a wide breadth of must-have SAGE book and reference content from one source.