Sound guidance on design, implementation, and governance of cybersecurity policy

Now in its Second Edition, the Cybersecurity Policy Guidebook delivers an issue-focused treatment of public, private, and individual cybersecurity policy alternatives for treatment of systemic cyber risks. Seven practitioners from government, industry, and academia analyze overlapping perspectives of decision-makers, technology professionals, and critical infrastructure engineers within the recently transformed digital landscape.

The first edition dealt with threats to impersonation, infrastructure access, intellectual property, internet access, nation-state conflict, operational continuity, privacy, and supply chain. New to this edition is coverage of AI's impact on cybersecurity, cyber-physical systems, and custodial issues for technology platforms and other cyber-enabled services. The book addresses threat intelligence across industry sectors, governance frameworks, and risk appetite thresholds. A policy catalog reflects pros and cons of pressing policy positions.

Key topics also include:

• Communication strategies for conveying cybersecurity risk to decision makers across public and private levels of authority
• Policy objectives mapped to technology evolution, connecting operational choices with their broader strategic and regulatory implications
• Guidance on banking and financial services cybersecurity supervision, drawing on interagency regulatory frameworks and examination standards
• Operational technology and control system cybersecurity policy, addressing risks unique to industrial control systems and other cyber-physical systems
• Cross-disciplinary course alignment for programs in public policy, law, business, computer science, engineering, and social sciences

Cybersecurity Policy Guidebook serves leaders of public and private organizations, as well as technology professionals, industry analysts, scholars, and individuals seeking a structured reference on cybersecurity policy issues. Whatever the starting point of perspective, readers will gain the policy knowledge required to act with precision.