Product details
- ISBN 9781041249047
- Dimensions: 156 x 234mm
- Publication Date: 25 Sep 2026
- Publisher: Taylor & Francis Ltd
- Publication City/Country: GB
- Product Form: Hardback
Secure
checkout
Fast Shipping
Easy returns
In boardrooms and C-suites across the globe, a dangerous disconnect persists. Security teams speak in technical jargon about vulnerabilities and patches while executives think in terms of revenue, reputation, and operational continuity. This communication gap isn't just inconvenient; it's potentially financially devastating.
The business world has created an artificial distinction between "cybersecurity risks" and "business risks" that causes substantial confusion and poor decision-making. Whether your manufacturing plant on the Gulf Coast goes offline because of ransomware or a hurricane, the business impact remains the same: lost production, missed deliveries, financial damage. The root cause matters far less than the business outcome.
"Cyber risk is a myth: it's about the business" removes this artificial separation. Drawing on court cases, stock market data, and hard evidence, this book establishes a revolutionary premise: when properly understood and communicated, security risks ARE business risks. They require the same frameworks, language, and decision processes as any other business risk.
The book provides a practical methodology for translating technical security concerns into business language, integrating security into enterprise risk frameworks, building compelling business cases for security investments, and developing metrics that resonate with executives. The result? Better-informed decisions, appropriate resource allocation, and security that truly enables business success.
Kayne McGladrey is a CISSP-certified cybersecurity executive, author, and senior IEEE member with nearly three decades of experience in cybersecurity. He began his career as a systems administrator before moving into advisory roles where he helped Fortune 500 and Global 1000 companies translate technical risks into business decisions. McGladrey created the vendor-agnostic GRC Maturity Model, a four-stage framework that guides organizations in assessing and advancing their GRC capabilities.
He has spoken at RSA, Black Hat, Gartner IT Security and Risk, ISACA GRC, and other major conferences, emphasizing the need to treat risk management as a core business function rather than a static checklist.
McGladrey’s thought leadership appears in CSO Online, Dark Reading, Forbes, the Financial Times, and The Wall Street Journal, where he discusses AI-driven threats, regulatory trends such as the EU AI Act, and the business value of cybersecurity. He mentors emerging security professionals, contributes to IEEE policy discussions, and continues to shape enterprise security strategy through writing, podcasting, and consulting.
