The technology landscape is changing fast; whether it is cloud computing, Zero Trust, AI, or the upcoming innovations of quantum computing. AI is already disrupting businesses and even everyday life. A successful security professional at any level of experience would need three key skills, namely functional acumen, business acumen, and communication skills.
This book enables a foundational understanding of several concepts across technical domains like networking, identity, cloud computing, and threat intelligence, functional security concepts like risk management, and running security programs. This book also brings about the essential connection of security program to the overall organizational objectives. And lastly, how to manage talent, measure security objectives, and communicate the risks and outcomes effectively.
By the end of this book, you will have the knowledge to appreciate the highly intertwined dimensions of security programs across people, process, and technology. This will prepare you to ensure that security objectives are directly aligned with your organization's business goals and to communicate that alignment effectively. Furthermore, you will gain several grounding concepts that are immediately useful for any practicing or aspiring CISO.
WHAT YOU WILL LEARN
● Foundational security principles, concepts, and their implementation.
● Risk management: frameworks, standards, and controls.
● Security of ports, protocols and services, cloud, and ZT.
● Understand IAM using RBAC, PAM, & SoD.
● Using threat intelligence to enrich CTEM, VM, and Incident Response.
● Drive security culture with human centric efforts.
● Managing talent with a competency framework.
● Design and implement a measurable and resilient security program for a successful business.
● Art of communication: from technical insights to boardroom.
WHO THIS BOOK IS FOR
This book is ideal for current security leaders, CISOs, risk professionals, and aspiring cybersecurity professionals. Even business executives seeking to understand the strategic importance of cybersecurity would find the concepts easier to comprehend and apply.
Sriram Lakshmanan (Sri) has over 25 years of experience in wide-ranging global security and risk leadership roles at Healthcare, Financial Institutions, Security Consulting, and Professional Services organizations.
He has experience in driving techno-human capabilities around defining, implementing, and running measurable security programs globally. He has built insights and gathered experience in the domains including infrastructure and application security, threat management, incident handling and reporting, open-source intelligence, and GRC (including third party risk management). He has built teams and processes from the ground up in not just information security but also in infrastructure delivery. The core of his approach is to drive the culture to equip the workforce to adapt to evolving threats and to enable business objectives securely.
Sri often speaks and participates in public forums such as industry events and security conferences like the RSAC.
Sri currently works as a Deputy CISO at a large technology-driven professional services organization. He has a Bachelor’s Degree in computer science from Delhi University and a Post Graduate Diploma in Business Management. Over the years, he has acquired several certifications from leading institutes like the ISC2, ISACA, and SANS.
