How to outsmart risk Risk has been defined as the potential for losing something of value. In business, that value could be your original investment or your expected future returns. The Risk-Driven Business Model will help you manage risk better by showing how the key choices you make in designing your business models either increase or reduce two characteristic types of risk—information risk, when you make decisions without enough information, and incentive-alignment risk, when decision makers’ incentives are at odds with the broader goals of the company. Leaders who understand how the structure of their business model affects risk have the power to create wealth, revolutionize industries, and shape a better world. INSEAD’s Karan Girotra and Serguei Netessine, noted operations and innovation professors who have consulted with dozens of companies, walk you through a business model audit to determine what key decisions get made in a business, when they get made, who makes them, and why we make the decisions we do. By changing your company’s key decisions within this framework, you can fundamentally alter the risks that will impact your business. This book is for entrepreneurs and executives in companies involved in dynamic industries where the locus of risk is shifting, and includes lessons from Zipcar, Blockbuster, Apple, Benetton, Kickstarter, Walmart, and dozens of other global companies. The Risk-Driven Business Model demystifies business model risk, with clear directives aimed at improving decision making and driving your business forward.

The Risk-Driven Business Model introduces a toolkit to help innovators better conceive the disruptive business models that create wealth and revolutionize industries. In the book, the authors outline how to transform a company by revisiting the assumptions around the firm's key decisions. Business model innovation, the authors say, essentially is about WHAT key decisions get made in a business, WHEN they get made, WHO makes them, and WHY those individuals make the decisions they do. So by changing a company's approach to these choices, you can fundamentally alter the risks involved and invent new, superior business models.

Cyber Strategy: Risk-Driven Security and Resiliency provides a process and roadmap for any company to develop its unified Cybersecurity and Cyber Resiliency strategies. It demonstrates a methodology for companies to combine their disassociated efforts into one corporate plan with buy-in from senior management that will efficiently utilize resources, target high risk threats, and evaluate risk assessment methodologies and the efficacy of resultant risk mitigations. The book discusses all the steps required from conception of the plan from preplanning (mission/vision, principles, strategic objectives, new initiatives derivation), project management directives, cyber threat and vulnerability analysis, cyber risk and controls assessment to reporting and measurement techniques for plan success and overall strategic plan performance. In addition, a methodology is presented to aid in new initiative selection for the following year by identifying all relevant inputs. Tools utilized include: Key Risk Indicators (KRI) and Key Performance Indicators (KPI) National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF) Target State Maturity interval mapping per initiative Comparisons of current and target state business goals and critical success factors A quantitative NIST-based risk assessment of initiative technology components Responsible, Accountable, Consulted, Informed (RACI) diagrams for Cyber Steering Committee tasks and Governance Boards’ approval processes Swimlanes, timelines, data flow diagrams (inputs, resources, outputs), progress report templates, and Gantt charts for project management The last chapter provides downloadable checklists, tables, data flow diagrams, figures, and assessment tools to help develop your company’s cybersecurity and cyber resiliency strategic plan.

In a world of contracting markets and diminished consumer demand, The Cambridge Group founder Rick Kash and Nielsen Company CEO David Calhoun show companies how to find new customers and bigger profits. How Companies Win makes The Cambridge Group’s proprietary demand model—a strategy which multi-million dollar corporations pay premium rates to access—available to the general public for the first time. Taking the reigns from Larry Bossidy’s Execution, W. Chan Kim and Renée Mauborgne’s Blue Ocean Strategy, and Kash’s own The New Law of Demand and Supply, this is a must-have for succeeding in business in the twenty-first century.

Organizations invest a lot of time, money, and energy into developing and utilizing risk management practices as part of their project management disciplines. Yet, when you move beyond the project to the program, portfolio, PMO and even organizational level, that same level of risk command and control rarely exists. With this in mind, well-known subject matter expert and author Andy Jordan starts where most leave off. He explores risk management in detail at the portfolio, program, and PMO levels. Using an engaging and easy-to-read writing style, Mr. Jordan takes readers from concepts to a process model, and then to the application of that customizable model in the user’s unique environment, helping dramatically improve their risk command and control at the organizational level. He also provides a detailed discussion of some of the challenges involved in this process. Risk Management for Project Driven Organizations is designed to aid strategic C-level decision makers and those involved in the project, program, portfolio, and PMO levels of an organization. J. Ross Publishing offers an add-on for a nominal fee -- Downloadable tools and templates for easy customization and implementation.

This book constitutes the proceedings of the 15th International Conference on Risks and Security of Internet and Systems, CRiTIS 2020, which took place during November 4-6, 2020. The conference was originally planned to take place in Paris, France, but had to change to an online format due to the COVID-19 pandemic. The 16 full and 7 short papers included in this volume were carefully reviewed and selected from 44 submissions. In addition, the book contains one invited talk in full paper length. The papers were organized in topical sections named: vulnerabilities, attacks and intrusion detection; TLS, openness and security control; access control, risk assessment and security knowledge; risk analysis, neural networks and Web protection; infrastructure security and malware detection.