Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
A CISO Guide to Cyber Resilience

You're reading from   A CISO Guide to Cyber Resilience A how-to guide for every CISO to build a resilient security program

Arrow left icon
Product type Paperback
Published in Apr 2024
Publisher Packt
ISBN-13 9781835466926
Length 238 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Debra Baker Debra Baker
Author Profile Icon Debra Baker
Debra Baker
Arrow right icon
View More author details
Toc

Table of Contents (20) Chapters Close

Preface 1. Part 1: Attack on BigCo FREE CHAPTER
2. Chapter 1: The Attack on BigCo 3. Part 2: Security Resilience: Getting the Basics Down
4. Chapter 2: Identity and Access Management 5. Chapter 3: Security Policies 6. Chapter 4: Security and Risk Management 7. Chapter 5: Securing Your Endpoints 8. Chapter 6: Data Safeguarding 9. Chapter 7: Security Awareness Culture 10. Chapter 8: Vulnerability Management 11. Chapter 9: Asset Inventory 12. Chapter 10: Data Protection 13. Part 3: Security Resilience: Taking Your Security Program to the Next Level
14. Chapter 11: Taking Your Endpoint Security to the Next Level 15. Chapter 12: Secure Configuration Baseline 16. Chapter 13: Classify Your Data and Assets 17. Chapter 14: Cyber Resilience in the Age of Artificial Intelligence (AI) 18. Index 19. Other Books You May Enjoy

Security awareness training is mandatory and tracked

Once your company begins on its compliance journey, whether it is SOC 2 Type 2 or ISO 27001, you will need records showing that every employee has taken annual security awareness training. Don’t worry if you haven’t been doing this in the years prior to getting SOC 2 Type 2 or ISO 27001. When you are ready to go for compliance, the security awareness training is mandatory once you are in your audit window. It is good to start doing security awareness training as soon as possible, and using one of these great platforms such as Curricula, KnowBe4, or Ninjio will make the process super easy. One thing to be aware of is that once you are in an audit period (for example, with SOC 2 Type 1), it

is a point-in-time (PIT) audit. The auditors come in and check the controls for a particular day and conduct the audit. For SOC 2 Type 2, you will decide on an audit reporting period from 3 months to 1 year. During that audit reporting...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image