CyRM: Mastering the Management of Cybersecurity

By David X Martin
Published April 2021 by CRC Press

David X Martin’s latest book is a must-read for CEOs, CROs and CISOs who are ambitious about business growth.


It simply cannot happen if Cyber Risk Management (CyRM℠) isn’t an integral part of your organization’s vision, strategy, and operations. This is the culmination of wisdom gained through David’s career in strategic leadership, risk management and cybersecurity for the likes of PwC, Citibank and AllianceBernstein, among other leading institutions.

Here’s the story behind the book, straight from author David X Martin.


I was compelled to write this book. After decades of leading financial services, risk management and technology, I know the 360-degree landscape of risks facing business today, and can anticipate tomorrow. My mission is helping business leaders sleep better at night by equipping them with critical Cyber Risk Management tools because technology is both the greatest asset and the weakest link of a company. It pervades all, from how a business runs to how it delivers value and protects itself and customers. So how do we flourish in this perilous environment? My answer is to adopt the CyRM approach in your company. This book lays it out for business leaders, IT managers, and other key roles. In each chapter, I’ve highlighted what you need to know about navigating today’s dangerous cybersecurity terrain, and outlined the proactive steps you need to take to prepare your company — and yourself — to survive, and even thrive.


In far too many companies today, involvement with cybersecurity is an afterthought, bolted onto what people do each day to hopefully create a secure environment. It’s a defensive action, and this approach just does not work: Learnings rarely take hold after mistakes happen and not enough attention is devoted to crafting a thorough solution. There’s a real disconnect between executive decision-making and the siloed work of IT professionals, which ought to keep more people up at night because every new estimate has increased levels of new threats. Boards and C-level executives mistakenly think compliance will save them, but in reality, compliance does not equal appropriate levels of protection.

A better approach is Cyber Risk Management as an offensive strategy. CyRM shifts the mindset from fighting yesterday’s war to recognizing today’s and tomorrow’s threats and meeting those challenges. It approaches cybersecurity as a managerial issue.

CyRM correctly treats security as a business problem and embeds cybersecurity within business decision-making to impact business outcomes. CyRM goes beyond getting cybersecurity right; it’s a new paradigm for futureproofing business growth. Essential.



Part of the Internal Audit & IT Audit series by CRC Press, a division of Taylor & Francis Group