Cantitate/Preț
Produs

Adversarial Risk Management: The Art and Science of Managing Organisation Security in the Hostile 21st Century

Autor Bruce Braes
en Limba Engleză Hardback – 23 dec 2026
Conventional risk management was not built for adversaries. The frameworks that organisations rely upon, ISO 31000, COSO ERM, and their derivatives, were designed for a world of probabilistic hazards, accidents, system failures, and random operational disruptions. Against a ransomware operator who studies your disaster recovery plan for weaknesses, a nation-state actor conducting multi-year reconnaissance through your supply chain, or an insider quietly exfiltrating intellectual property while compliance scores remain perfect, they fail. They fail because they were designed for a fundamentally different kind of risk, one governed by statistical distributions rather than human decision-making. An adversary is not a hurricane. Applying actuarial logic to intelligent, adaptive opponents does not produce security. It produces the appearance of security, and adversaries have learned to exploit the gap between the two.
This book makes the case for a different paradigm. Adversarial Risk Management places the adversary's decision-making at the centre of the analytical problem. If a threat actor cannot acquire the intent to harm your organisation, cannot develop or sustain the capability to do so, and cannot identify or create the opportunity to act, the risk does not materialise. ARM works by disrupting that chain, systematically and continuously, across every domain in which your organisation is exposed.
The framework rests on two interlocking constructs. The Intent, Capability, Opportunity model provides the analytical lens through which adversarial threats are deconstructed and understood. The Frame, Assess, Respond, Monitor cycle provides the operational discipline through which that analysis is translated into action, and renewed as adversaries evolve. ARM is applied across six security domains: cyber, physical, information, personnel, personal security, and supply chain, within a single coherent methodology that reflects how adversaries actually operate, without regard for organisational boundaries or disciplinary silos.
ARM does not ask organisations to discard existing governance structures. It integrates with ISO 27001, NIST CSF, COSO ERM, and ISO 31000, providing the adversarial layer those frameworks were never designed to deliver, and it gives security leaders the measurement tools to demonstrate genuine outcome rather than compliance activity.
This book is written for professionals who understand that the hostile twenty-first century demands more than compliance. It demands adversarial thinking.
Citește tot Restrânge

Preț: 71659 lei

Preț vechi: 94582 lei
-24% Precomandă

Puncte Express: 1075

Carte nepublicată încă

Livrare prin curier în România Precomanda se expediază când titlul devine disponibil.
Transport gratuit pentru acest produs Plată online sau ramburs, în funcție de opțiunile comenzii.
Retur gratuit în 14 zile Comandă securizată și suport în română.
Doresc să fiu notificat când acest titlu va fi disponibil:

Specificații

ISBN-13: 9781041095446
ISBN-10: 1041095449
Pagini: 432
Ilustrații: 38
Dimensiuni: 178 x 254 mm
Ediția:1
Editura: CRC Press
Colecția CRC Press

Public țintă

Professional Practice & Development, Professional Reference, and Professional Training

Cuprins

Part I: Foundations. The Case for an Adversarial Approach to Risk. Chapter 1: The Shifting Landscape: Redefining Risk in the Age of the Adversary. Chapter 2: The Adversarial Mindset: Deconstructing Intent, Capability, and Opportunity. Part II: Frameworks. The Architecture of Adversarial Risk Management. Chapter 3: The Adversarial Risk Management (ARM) Framework. Chapter 4: The Art of Foresight: Intelligence-Led Threat Identification and Analysis. Chapter 5: Beyond Probability: Modelling Adversarial Scenarios and Impact. Chapter 6: Measuring Adversarial Risk: Metrics, KRIs, and Demonstrating Value. Part III: Domains. Applying ARM Across the Security Landscape. Chapter 7: Designing Resilient Defence: The Science of Controls and the Art of Deterrence. Chapter 8: Cyber Security Domain: Managing Digital Adversarial Threats. Chapter 9: Physical Security Domain: Protecting Physical Assets and Spaces. Chapter 10: Information Security Domain: Protecting Organisational Knowledge. Chapter 11: Personnel and Insider Threat Domain: Managing Workforce Risk. Chapter 12: Personal Security Domain: Protecting Individuals from Targeted Threats. Chapter 13: Third-Party and Supply Chain Adversarial Risk. Part IV: Operations. Translating Analysis into Practice. Chapter 14: Legal, Regulatory, and Ethical Frameworks for ARM. Chapter 15: Strategic Governance and Operationalising ARM. Chapter 16: When the Adversary Wins: Adversarial Crisis Management and Response. Chapter 17: Building and Leading Security Teams. Chapter 18: Security Metrics and Performance Management. Chapter 19: Becoming Match Fit: Building and Scaling the ARM Programme. Part V: Leadership. Securing the Organisation from the Top. Chapter 20: The Perpetual Contest: Leadership, Strategy, and the Future of ARM.

Notă biografică

Bruce Braes
CSyP | CPP | CRISC | CNSP | PSP | FSyI | FISRM
Bruce Braes is a Chartered Security Professional with more than forty years of experience operating at the intersection of intelligence, risk management, and security design across the United Kingdom, Europe, the Middle East, Africa, Asia, and Australia. His career spans the full spectrum of the security profession, from early service in law enforcement and intelligence with the British South Africa Police,  Zimbabwe Central Intelligence Organisation and South African Military Intelligence, through the founding and leadership of global security enterprises, to his current position as Director and Global Head of Security and Public Safety Consulting at Buro Happold Engineers in Bath, where he leads multidisciplinary security design programmes for some of the world's most ambitious infrastructure projects. He is also the Principal of the RiskAdviza consultancy
That career trajectory from intelligence operative to entrepreneur, from risk manager on billion-dollar resource projects to security design lead on Saudi Arabia's giga-developments including, has given Bruce a perspective that few security professionals can claim. He has observed adversarial behaviour from the inside out. He has managed enterprise risk across forty countries and navigated the organisational and cultural complexities that determine whether security investments succeed or fail. It is this accumulated depth of practical experience, combined with rigorous academic inquiry, that forms the intellectual foundation of this book.
Bruce's academic credentials reflect the same commitment to cross-disciplinary rigour that defines his professional approach. He holds three master's degrees in Security Management from Loughborough University, in Engineering Risk Management from Swinburne University of Technology, and a research Master of Security Science from Edith Cowan University, supplemented by a Graduate Certificate in Strategic Risk Management. This sustained engagement with academic scholarship is evident throughout Adversarial Risk Management, which draws on security studies, organisational psychology, intelligence tradecraft, and decision theory to construct a framework that is both analytically grounded and operationally actionable.
As a Chartered Security Professional, Fellow of The Security Institute, a Fellow of the Institute of Strategic Risk Management, Principal Member of the Register of Security Engineers and Specialist and a UK Expert to both ISO Technical Committee 292 (Security and Resilience) and ISO Technical Committee 262 (Risk Management), Bruce participates directly in shaping the international standards that govern the profession. He holds nine professional certifications spanning physical security, cyber risk, nuclear security, and project risk management, a breadth that reflects his conviction that modern adversaries do not respect the disciplinary boundaries that security organisations habitually impose upon themselves.
Adversarial Risk Management is the culmination of a career spent questioning whether the tools and frameworks the security profession relies upon are genuinely fit for purpose against intelligent, adaptive threats. Bruce's answer, developed through decades of operational experience and formal research, is that they are not, and that a fundamentally different paradigm is required. This book presents that paradigm, not as an academic abstraction, but as a practical, implementable framework for organisations serious about competing and prevailing in an era of persistent adversarial challenge.
Bruce Braes is based in Somerset, United Kingdom. He can be contacted at enquiries@riskadviza.com

Descriere

Conventional risk management was not built for adversaries. The frameworks that organisations rely upon, ISO 31000, COSO ERM, and their derivatives, were designed for a world of probabilistic hazards, accidents, system failures, and random operational disruptions.