Introduction 1Part One People 3Chapter 1 From Technologist to Strategist 9Sanju MisraChapter 2 Communicating with the Board 21Marianne BaileyChapter 3 Building a Culture of Security 29Susan KoskiChapter 4 Who Is Behind the Evolving Threat Landscape? 43Jenny MennaChapter 5 Addressing the Skills and Diversity Gap 59Lisa DonnanPart Two Process 69Chapter 6 Effective Cyber Risk Management Requires Broad Collaboration 75Suzanne Hartin and Maria S ThompsonChapter 7 Blending NOC and SOC 91Mel T MigriñoChapter 8 Security by Design: Strategies for a Shift-Left Culture 103Anne Marie ZettlemoyerChapter 9 From Enforcer to Strategic Partner: The Changing Role of Governance, Risk, and Compliance 117Beth-Anne BygumChapter 10 Don't Let Cyber Supply Chain Security Be Your Weakest Link 135Terry RobertsPart Three Technology 155Chapter 11 Cybersecurity in the Cloud 161Fatima BoolaniChapter 12 The Convergence of Cyber and Physical: IoT and Edge Security 169Sonia E AristaChapter 13 Security-Driven Networking 181Laura DeanerChapter 14 Achieving End-to-End Security 193Renee TarunGlossary 205Resources We Rely On 215Index 223

RENEE TARUN is the Deputy CISO at Fortinet with a focus on enterprise security, compliance and governance, and product security. She has over 25 years of experience in the information technology and cybersecurity fields with leadership experience within the U.S. Intelligence Community, Department of Defense, law enforcement, and private sector organizations around the world. Prior to joining Fortinet, she served as Special Assistant to the Director of the National Security Agency (NSA) for Cyber and as Director of the NSA's Cyber Task Force.