Cyber & IT Supervisory Forum - November 2023

Additional Resources Page 2

Office of the Comptroller of the Currency (OCC)

•The Office of the Comptroller of the Currency (OCC) recently developed and distributed the Cybersecurity Supervision Work Program for use by examiners.: OCC

Center for Internet Security (CIS) Controls

•CIS provides a set of actionable controls that are widely accepted as best practices for securing IT systems and data. •Resource: CIS Controls

Journal of Cyber Policy

•A publication with a range of articles on the impact of cybersecurity policy on organizations. •Website: Journal of Cyber Policy

Cyber Risk Management by NACD

•Offers insights and frameworks for boards of directors to understand and approach cyber risk. •Guide: NACD Director’s Handbook on Cyber-Risk Oversight

Europol’s Internet Organized Crime Threat Assessment (IOCTA)

•Provides an analysis of cybercrime threats affecting organizations and offers projections for future risks. •Report: IOCTA Report

23

• The Checklist Manifesto: How to Get Things Right" by Atul Gawande • "The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage" by Cliff Stoll • "Ghost in the Wires: My Adventures as the World's Most Wanted Hacker" by Kevin Mitnick • "Cybersecurity and Cyberwar: What Everyone Needs to Know" by P.W. Singer and Allan Friedman • "Financial Cybersecurity Risk Management: Leadership Perspectives and Guidance for Systems and Institutions" by Paul Rohmeyer and Jennifer L. Bayuk • "Cyber Risk Leaders: Global C-Suite Insights - Leadership and Influence in the Cyber Age" by Shamane Tan • "Spam Nation: The Inside Story of Organized Cybercrime-from Global Epidemic to Your Front Door" by Brian Krebs • "Cybersecurity Law, Standards and Regulations (2nd Edition)" by Tari Schreider • "Cyber Security Policy Guidebook" by Jennifer L. Bayuk, Jason Healey, Paul Rohmeyer, Marcus H. Sachs, Jeffrey Schmidt, and Joseph Weiss

Reading List Recommendations

24