THE OFFICIAL WEBSITE OF DR. DAVE CHATTERJEE, PH.D.
Message From Dr. Dave:
Probably the most foolproof method of preparing for data breaches is to frequently back up sensitive data and carry out regular tests to ensure the backed-up data is easily retrievable.
The leadership must commit to helping the Chief Information Security Officer (CISO) and their team succeed. The CISO should not be treated as a scapegoat, i.e., someone to put blame on when there is a breach.
There is growing recognition that the Chief Information Security Officer (CISO) is much more than a risk or technology officer. They are business enablers and must be involved in strategic and value creation activities.
High-performing organizational cultures recognize that cybersecurity is a business issue of strategic significance; it is not just a technology matter that can be outsourced to a security team within or outside the company.
Information security leaders must recognize that there is more to the organization than security. While securing data and related assets is critical, the controls should not become an impediment to growth and operating efficiency.
A strategic and mature approach to securing the organization is contingent upon effective alignment with the overall goals and priorities of the organization.
Deciding on a cybersecurity budget and sustaining it over a period of time is a challenge that firms must face head-on. The funding must be sustained over the long term, as it takes time to build robust defense capabilities.
Through cross-functional involvement, the silo mindset is likely to be replaced with a more holistic view of the organization’s information security needs. Such shared understanding is essential for creating and sustaining a truly engaged and committed security culture.
A successful and effective cybersecurity program cannot be developed or executed solely by the IT or Information Security function. Every aspect of cybersecurity governance can benefit from strong cross-functional participation.
While top management needs to lead the way, information security needs to be everyone’s concern. Strong partnerships need to be forged among all stakeholders.
No stone should be left unturned, so the organization is able to effectively answer the question that stakeholders are likely to ask after a successful attack: “What did this institution do to prepare?”
The senior leadership needs to support every aspect of cybersecurity governance – from strategic planning to education and training, hiring of talent, mobilizing organization-wide support, instituting appropriate roles and responsibilities, and remediation of vulnerabilities.
When top management proactively takes every possible precaution to protect sensitive data because it is the right thing to do and not because there is a legislative requirement, that’s when the organization would have taken a huge step forward in earning customer confidence and trust.
For cybersecurity governance to be truly effective, top management needs to be very hands-on in their approach -- from making every effort to learn about the organization’s vulnerability points and defense mechanisms to proactively engaging with and serving on different security governance committees.
The battle or war against current and future cyber threats must be fought holistically and comprehensively by adopting people, process, and technology driven measures.
There are several pieces to the complex puzzle of cybersecurity management and technology is only one of them. Committed leadership, robust governance procedures, informed and motivated personnel are other success factors.
Make a conscious effort to abstain from mindless use of technology.
As technology continues to significantly influence and transform our personal and professional lives, it is incumbent on us to make responsible and ethical use of this powerful resource.
“Technology not for technology’s sake but for the sake of business” needs to be the mantra guiding organizational use of technology.
A strong partnership, founded on joint ownership and accountability, should be forged between business and IT functions to drive value in the digital age.
WANT Dr. DAVE TO SPEAK AT YOUR EVENT?
You gave me quite a surprise.
I had gone to bed early, for I wasn’t feeling well after the second dose of a vaccine. I thought I would take a casual look at your book about cybersecurity that had just arrived. I stayed up until two in the morning reading your book. I read it like a Conan Doyle novel; I could not let go. Not only is the book beautifully written, in a mellifluous style, the masterly narration of facts and ideas makes it hard to put down.
One more thing. I spent a large part of my life in business and, while in IBM, I woke up to the easy abuse of data. Books that really help are hard to find. You have written one. It will be of profound use to executives. One look at your superb appendices should convince anyone of that. I hope that Sage realizes what a gem you have given them and markets the book with the vigor it eminently deserves.
Manish Nandy, Author and Columnist
This invaluable book “Cybersecurity Readiness: A Holistic and High-Performance Approach” combines academic rigour with practitioner driven insights to provide clear guidance for organisations to enhance their cybersecurity readiness.
Professor Edgar A. Whitley, London School of Economics and Political Science
Professor Chatterjee’s book does an outstanding job of identifying the different kinds of cybersecurity attacks and describing the various managerial, organizational, and technological preventive measures. Dave’s book is highly readable and actionable, with numerous examples drawn from recent accounts of cybersecurity attacks and data breaches.
Professor Hugh J. Watson, Management Information Systems Department, Terry College of Business, The University of Georgia
Professor Chatterjee’s book is a must-read for any executive who views their organizations’ data as a strategic asset. It is one of the finest works I have read on giving a broad understanding of the dangerous cyber world we live in and why it is here to stay with us. His work provides an excellent framework for building and sustaining a high-performance security culture, with appropriate systems and processes, to achieve cyber-risk resilience and operate business with confidence rather than fear.
Rohit Verma, Chief Executive Officer, Crawford & Company
This book is definitely a must-read for everyone in the knowledge economy. If your organization uses this approach to fortify its cybersecurity culture, it will ultimately save your jobs and your reputation, enhance your competitiveness, and avoid millions to billions of dollars in costs down the line! Cancel the rest of your meetings today and start reading!
Zareer Siganporia, Chief Executive Officer, Trusted Tech Partners
Commitment, preparedness, and discipline in cybersecurity are things Professor Chatterjee has been advocating for many years. The book is a comprehensive summary for executives who wish to understand how cybersecurity has moved from a “techie” topic to a serious boardroom agenda and what organizations should be doing to not only defend, but also respond and build resilience in case of a cyberattack. Professor Chatterjee’s writing style is simple and offers an engaging, informative, and most importantly, actionable read and is highly recommended as an executive leadership must-read and must-discuss book.
Tushar Sachdev, Chief Technology Officer, KORE Wireless
Professor Chatterjee’s book highlights the traits of a high-performing information security culture: commitment, preparedness, and discipline. His insight and accessible tactics make this book mandatory for any institution looking to mitigate financial and reputational risk.
Azi Quinn, Agile Transformation Leader, Financial Services Industry
Dr. Chatterjee does a superb job of portraying both the business need and the technology approach to define a successful security strategy.
Rob Purks, Senior Executive, Telecommunications Industry
In my years leading enterprise IT organizations, I can personally attest to the effectiveness of the concepts outlined here and I wholeheartedly recommend this book. In fact, I believe that this should be required reading for anyone entering today’s workforce, regardless of their role. Cybersecurity is not an IT issue, which Dr. Chatterjee makes clear, but rather something that requires everyone’s knowledge and involvement. A must read!
Joseph Pekala, President, ESP Holdings LLC
Dr. Dave’s book on cybersecurity management is an eye opener for all organizations in today’s world. He has taken tremendous efforts in presenting how to identify, defend, respond, and build resilience in case of cyberattacks in a very simple way.
Arun Kumar Narayan, Director, Audit & Asset Protection, Alshaya Group
Dr. Chatterjee’s book fortifies the most essential truth when it comes to effective cybersecurity programs: “technology alone will not mitigate cybersecurity risks.” He identifies key traits that need to be engrained in organizational culture to support the cybersecurity mission as well as seventeen success factors within that cultural framework that any student or practitioner should consider when evaluating their security posture.
Stoddard Mannikin, Chief Information Security Officer, Prominent U.S. Pediatric Healthcare Organization
Prof. Chatterjee’s book is a very pragmatic and comprehensive guide to cybersecurity readiness. The governance framework is both powerful and easy to comprehend. Anchored on three high-performance security culture dimensions of commitment, preparedness, and discipline, the framework presents a set of seventeen cybersecurity success factors
Professor Daniel O’Leary, Marshall School of Business, University of Southern California, Los Angeles
Very few issues in the modern world are as pervasive to individuals, corporations, and governments as that of cybersecurity. Dave brings to light aspects that have received too little attention, that is, the human factor, which provides a context that is central to this issue. The “success factors” he puts forward in the book provide any organization with the means to benchmark and monitor changes in programs of all sizes.
Professor Jimmie Lenz, Director, Master of Engineering in FinTech and Master of Engineering in Cybersecurity, Pratt School of Engineering, Duke University
Professor Chatterjee leads his readers into the domain organizational aspects of cybersecurity and provides mechanisms to assess and plan a company’s readiness for future vulnerabilities and not just respond to the threats from a technical viewpoint. The book would find favor with an entire generation of business leaders interested in creating a secure organization.
Professor Ashish Kumar Jha, Trinity College Dublin
While there are many publications focused on the technical aspects of cybersecurity, very few provide such a well-formulated crosswalk between the technical and business sides of cyber risk. Cybersecurity Readiness: A Holistic and High-Performance Approach provides a clear roadmap for security practitioners to utilize as they build comprehensive information security programs, and it also guides business leaders and board members as they navigate through the journey of understanding and managing cyber risk as an enterprise risk.
Gretchen Hiley, Chief Information Security Officer, Senior Vice President, Global Information Security, Crawford & Company
Dr. Dave Chatterjee is a renowned scholar and technology thought leader. His vast knowledge and insight into the world of cybersecurity is well known and widely sought after by industry, academic, and government leaders around the globe. Now he delivers a book that gives leaders a real-world, coherent understanding of what they face and the multiple dimensions necessary to prepare and respond
Dr. Anne DeBeer, Former Senior Vice President & Chief Information Officer/Chief Financial Officer, Federal Reserve Bank of Atlanta
WHAT Dr. DAVE'S UP TO
Keynote Speaker, EasyIT SLED Event, Feb 8, 2022
Guest Speaker, Prof. Missy Cumming's class on The Human Element in Cybersecurity, Pratt School of Engineering, Duke University, Nov 4, 2021
Invited Speaker, Cybersecurity Education Done Right: An Inclusive and Holistic Approach, Christine and Lou Friedrich Speaker Series, University of Illinois at Springfield, Oct. 22, 2021
Chatterjee, D., Barsainyan, T., Hazari, A., Kish, K., & Renee, F., (2021). Car buying in the digital age: Key elements of an ideal dealership experience. In SAGE Business Cases. SAGE Publications, Ltd., https://www.doi.org/10.4135/
Featured Speaker, "Cybersecurity Readiness: A Holistic and High-Performance Approach," School of Engineering, Mercer University, November 6, 2020
Keynote Speaker, "How to Safely Navigate and Operate Your Systems During a Pandemic," 2020 Hartwell/Hart County Virtual Cybersecurity Summit, July 10, 2020
Featured Speaker, "Cybersecurity Preparedness and Big Data Analytics," Trinity College Dublin, June 8, 2020
Reviewer, Cybersecurity Project Proposal, National Nuclear Security Administration, Department of Energy, April 2020
Invited Speaker, Initiative for the Digital Economy at Exeter (INDEX), University of Exeter, London, February 13, 2020
Chatterjee, D. et al. (2021). Car Buying in the Digital Age: Key Elements of an Ideal Dealership Experience. SAGE Business Cases.
Workshop on Enterprise Digitization Trends and Implications, Centers for Disease Control and Prevention (CDC), January 24, 2020
Member, Chief Information Security Officer (CISO) SWAT Team for CISOs, Cybersecurity Collaborative (2018-2019)
Guest Editor, Special Issue on Intelligent Green Communication Networks for 5G and Beyond