Читать книгу Digital transformation for chiefs and owners. Volume 3. Cybersecurity - Джимшер Челидзе - Страница 2

Hello, dear reader. This is the final book on digitalization and digital transformation. In the first book, we looked at what digitalization and digital transformation are, why they are needed, what is the difference, what are the pitfalls. In the second they were introduced to the system approach, which is applicable not only for digital transformation, but also in general for any business. The system approach combines proven tools and digitalization, is accessible to anyone and aims to increase the impact of digital technologies, as well as to minimize the risks associated with the organization of work. At the same time, in the first part we talked that in the role model for digital transformation a specialist in information security is needed. Additionally, this is the direction I decided to devote a separate book.

It would seem that digitalization and cyber-free are incompatible, but it is impossible to continue digitalizing without befriending them. Recently at Denis Batrankov I have met a good definition of why it is necessary to deal with information security now: Previously, security was built on the story of the shark: you do not need to be ahead of everyone floating from it – enough to be ahead of the latter. However, now, when you are the target of the shark – it is more difficult to defend”. Additionally, this definition very accurately describes the current situation, as every year hackers’ attacks become more targeted. Additionally, 2022 in general became a landmark.

This book would not have been without the research of Positive Technology (hereinafter – PT), which became my first guides to the world of cybersecurity. Additionally, if you like to immerse yourself thoroughly in the primary sources, details, I recommend you study these studies. QR codes and links to them will be at the end of the book.

The book consists of three parts. The first is devoted to the review and analysis of the current situation. There will be many numbers, statistics, analysts, money. The task of the first part – to form your awareness of the problem and the understanding that information security (hereinafter – IS) – is a direction as strategic as all digitalization, and it is worthy of your attention. The main thesis is at once – a bottleneck in security, as in all digitalization – processes and people, not only yours, but also in the team of software developers (further – software).

The second part deals with the integration of information security from a systems perspective.

Well, the third part is devoted to practical recommendations on what to do here and now, how to choose IT solutions for information security, what people need to know and what competencies are needed.

If you’ve read previous books, you already know my approach – to control someone and delegate tasks, to trust your team, you need at least a basic understanding of its work. And the key task of the whole book is to give you the basic knowledge to build effective work with your team and the IS Director (hereinafter – CISO) with the least labor and risk for you.

Additionally, to avoid any misunderstanding, let’s look at the difference between information security and cybersecurity?

Information security is an activity that involves the prevention of unauthorized access, use, disclosure, distortion, modification, research, recording or destruction of information.

Cyber security is all the same, only related to IT systems and computers.