finelybook
The Business of Cyber: Why You Should Question What Your Security Team Are Telling You
by 作者: Peter Fagan (Author)
Publisher Finelybook 出版社: CRC Press
Edition 版本: 1st
Publication Date 出版日期: 2024-02-23
Language 语言: English
pages 页数: : 266 pages
ISBN-10 书号: 1032462906
ISBN-13 书号: 9781032462905
Book Description
This book examines the cybersecurity phenomenon, looking at the folklore, the hype, and the behaviour of its practitioners. A central theme is that the management of cybersecurity needs to be owned by the people running the organisation, rather than by the cybersecurity team, who frequently don’t have management as a core skill. In order to effect that change, managers need to have the background and detail to challenge what they are being told, enabling them to engage in a way that will result in more appropriate outcomes for the business. This book provides that background and detail. It debunks a number of cyber-myths, and calls out basic errors in the accepted thinking on cyber. The content is strongly rooted in available research and presented in an accessible manner, with a number of business-related case studies. Each chapter in the book takes a theme such as end-user behaviours and compares the available evidence with what the industry would like to have its customers believe. The conclusion is that there is definitely a problem, and we certainly need cyber defences. Just not the ones the industry is currently selling.
About the Author
Peter Fagan has been working in the information security industry for well over twenty years, in a variety of roles and environments. About eight years ago, he asked himself the question “why isn’t this working?”. After all, if we’re selling security, surely after a while there ought to be less of a need for it? Asking that question kicked off a journey of personal research, academic research, and the hands-on practical implementation of contemporary approaches, based on the way people actually behave rather than the way security teams would like them to behave. That journey ultimately led to this book, which presents the argument that an industry focused on profit is more concerned with selling compliance than it is with selling protection. Along the way, the author draws upon formal business knowledge gained through an MBA and an MSc in organisational psychology.
