Scott E. Donaldson

Scott Donaldson, Stanley Siegel and Gary Donaldson interview many of the world's most influential chief technology officers in CTOs at Work, offering a brand-new companion volume to the highly acclaimed elite At Work books including Coders at Work, CIOS at Work and Venture Capitalists at Work. As the words “at work” suggest, the authors focus on how their interviewees tackle the day-to-day work of the CTO while revealing much more: how they got there, how they manage and allocate projects, and how they interact with business units and ensure that their companies take advantage of technologies, teamwork, and software development practices to respond to organizational needs and improve employee productivity. Surveying a variety of unique corporations, CTOs at Work offers insights into the present and future of CTOs in organizations around the world. Other books in the Apress At Work Series: Coders at Work, Seibel, 978-1-4302-1948-4 Venture Capitalists at Work, Shah & Shah, 978-1-4302-3837-9 CIOs at Work, Yourdon, 978-1-4302-3554-5 Founders at Work, Livingston, 978-1-4302-1078-8 European Founders at Work, Santos, 978-1-4302-3906-2 Women Leaders at Work, Ghaffari, 978-1-4302-3729-7 Advertisers at Work, Tuten, 978-1-4302-3828-7 Gamers at Work, Ramsay. 978-1-4302-3351-0

Use the methodology in this study guide to design, manage, and operate a balanced enterprise cybersecurity program that is pragmatic and realistic in the face of resource constraints and other real-world limitations. This guide is an instructional companion to the book Enterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against Advanced Threats. The study guide will help you understand the book’s ideas and put them to work. The guide can be used for self-study or in the classroom.Enterprise cybersecurity is about implementing a cyberdefense program that will succeed in defending against real-world attacks. While we often know what should be done, the resources to do it often are not sufficient. The reality is that the Cybersecurity Conundrum—what the defenders request, what the frameworks specify, and what the budget allows versus what the attackers exploit—gets in the way of what needs to be done. Cyberattacks in the headlines affecting millions of people show that this conundrum fails more often than we would prefer.Cybersecurity professionals want to implement more than what control frameworks specify, and more than what the budget allows. Ironically, another challenge is that even when defenders get everything that they want, clever attackers are extremely effective at finding and exploiting the gaps in those defenses, regardless of their comprehensiveness. Therefore, the cybersecurity challenge is to spend the available budget on the right protections, so that real-world attacks can be thwarted without breaking the bank.People involved in or interested in successful enterprise cybersecurity can use this study guide to gain insight into a comprehensive framework for coordinating an entire enterprise cyberdefense program.What You’ll Learn Know the methodology of targeted attacks and why they succeedMaster the cybersecurity risk management processUnderstand why cybersecurity capabilities are the foundation of effective cyberdefensesOrganize a cybersecurity program's policy, people, budget, technology, and assessmentAssess and score a cybersecurity programReport cybersecurity program status against compliance and regulatory frameworksUse the operational processes and supporting information systems of a successful cybersecurity programCreate a data-driven and objectively managed cybersecurity programDiscover how cybersecurity is evolving and will continue to evolve over the next decade Who This Book Is For Those involved in or interested in successful enterprise cybersecurity (e.g., business professionals, IT professionals, cybersecurity professionals, and students). This guide can be used in a self-study mode. The book can be used by students to facilitate note-taking in the classroom and by Instructors to develop classroom presentations based on the contents of the original book, Enterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against Advanced Threats.

The objective of APM Best Practices: Realizing Application Performance Management is to establish reliable application performance management (APM) practices—to demonstrate value, to do it quickly, and to adapt to the client circumstances. It's important to balance long-term goals with short-term deliverables, but without compromising usefulness or correctness. The successful strategy is to establish a few reasonable goals, achieve them quickly, and then iterate over the same topics two more times, with each successive iteration expanding the skills and capabilities of the APM team. This strategy is referred to as “Good, Better, Best”. The application performance monitoring marketplace is very focused on ease of installation, rapid time to usefulness, and overall ease of use. But these worthy platitudes do not really address the application performance management processes that ensure that you will deploy effectively, synergize on quality assurance test plans, triage accurately, and encourage collaboration across the application life cycle that ultimately lowers overall application cost and ensures a quality user experience. These are also fine platitudes but these are the ones that are of interest to your application sponsors. These are the ones for which you need to show value. This CA Press book employs this iterative approach, adapted pragmatically for the realities of your organizational and operational constraints, to realize a future state that your sponsors will find useful, predictable and manageable—and something that they will want to fund. In the meantime, you will learn the useful techniques needed to set up and maintain a useful performance management system utilizing best practices regardless of the software provider(s).