Bøker av Jean-Christophe Gaillard

A must-read for top executives seeking to break patterns of frustration and breach around cybersecurity and a precious management summary to the "Cybersecurity Leadership Handbook for the CISO and the CEO"

The author (JC Gaillard) has been involved with information security matters for over 20 years and started writing regularly on the topic in 2015.Talking to CISOs, CIO, CEOs and their teams as part of his day-to-day field work as consultant, he became gradually horrified by what he was seeing in too many large corporates in terms of security maturity levels and the actual problems some were still struggling with - something that goes way beyond anecdotal evidence and is at the heart of survey after survey every year.After all, information security good practices have been well established for over 20 years and many industry bodies have been promoting them and evolving them throughout that period.Why is it that large firms which have had fully functioning information security teams in place all that time, and have spent - collectively - hundreds of millions on the topic if not more on cyber security, are still struggling today with issues - such as patch management - which should have been on their radar for over 10 years?There is truly a cyber security lost decade for many between the CodeRed, Slammer and Blaster outbreaks of 2001-2003 and the Wannacry and Not Petya attacks of 2017.By failing to get the basics right in terms of security during that time while continuing to engage in massive cloud-driven business transformation programmes which have turned the enterprise into a truly borderless hybrid, many large firms have dramatically increased their level of exposure to cyber threats. And now the acceleration of the digital transformation emboldened by the COVID crisis - which has also heightened cyber threats - is making things even more complex. And politicians and regulators are now involved as the GDPR and CCPA have shown us over the past few years, now with privacy legislations building up across the U.S. and worldwide.At Board level, the "when-not-if" paradigm around cyber-attacks has taken root, but it creates fundamentally different dynamics for CISOs and CIOs, as the focus shifts radically from risk and compliance towards execution and delivery, often in exchange of massive investments around security.To embed those different dynamics around cyber security and make true progress, large organisations must stop thinking of the topic in pure technological terms, look back and address urgently the underlying cultural and governance issues that have been the true roadblocks of that "lost decade".This is the theme the author has been developing since 2015 through his contribution to the Corix Partners blog and we offer you in this book a selection of articles published between February 2015 and August 2021.They frame a true reflexion on those matters and offer elements of solution to start changing the narrative around cyber security.

In this timely book, veteran information security advisor and thought leader JC Gaillard explains how a common thread in many of the highly publicized data security breaches that have rocked the corporate world in recent years is the neglect of basic cyber security practices. Gaillard doesn't merely cover how these security lapses occur-he also describes concrete steps organizations can take to bring their information security procedures in line with modern best practices. This guidance makes The Cyber Security Leadership Handbook for the CISO and the CEO an indispensable manual for individuals and organizations interested in boosting their knowledge of what it takes to protect their data in today's threat rich environment.Gaillard, who has advised many CEOs, CISOs, and CIOs on how to optimize their cyber security practices, takes an in-depth look at why many large firms have struggled with information security. In many cases, legacy issues which should have been resolved years ago are to blame. These organizations often compound the problem and expose themselves to significant risks by engaging in massive digital transformation efforts without covering their basic cyber security bases.The book features a collection of articles written from 2015-2022 on the topic of how organizations can improve their ability to counter threats to the security of their data. Throughout the book, Gaillard provides extensive advice to help CISOs and other executives bring their companies into compliance with the latest cybersecurity principles and plug any gaps in their defenses.With regulations like GDPR and CCPA privacy legislations building up across the U.S. and worldwide, a "when-not-if" paradigm around cyber-attacks has taken root at the Board level. Gaillard convincingly demonstrates that large organizations, and their CEOS and CISOs, must stop thinking of the topic in pure technological terms and address the underlying cultural and governance issues that have been the true roadblocks to robust cyber security. The solution Gaillard presents is intended to help change the narrative around cyber security and enable organizations to benefit from the greater security engendered by the approach he describes. The Cyber Security Leadership Handbook for the CISO and the CEO provides a roadmap designed to help take an organization's cyber defenses to the next level. It's a must-have for anyone interested in learning how a comprehensive, integrated approach can help organizations overcome legacy and current risks and build a robust, adaptive defense against cyber threats in the corporate world.