As the new year starts, we shape our resolutions into reality. I’m sure many others will have joined me in adding a reading target to those resolutions. With that in mind, I would like to recommend these 5 books that have inspired and shaped some of my thinking regarding the unique challenges faced by our industry. I hope you see something among these cybersecurity books that will help you prepare for another eventful year in cybersecurity.
A Leader’s Guide to Cybersecurity: Why Boards Need to Lead—and How to Do It
– Thomas J. Parenty and Jack J. Domet
This book succinctly presents the core problem faced by cybersecurity practitioners. Budgets keep increasing, while breaches continue to proliferate. Be sure to give this a read for a fascinating dissection of the state of cybersecurity, and most importantly, how to strategically bring up cybersecurity challenges to a board for guidance and support.
Secrets and Lies: Digital Security in a Networked World
– Bruce Schneier
Schneier always pens an enjoyable and authoritative read, as evidenced by the enduring popularity of his blog, Schneier on Security. Secrets and Lies dispels myths and lies bare fundamental truths about cybersecurity, making it an essential read for techies and business leaders alike. In particular, Schneier asserts that “often the patterns of communications are just as important as the content of the communication.” For example, the fact that someone phones a known adversary every week is more important than the details of their conversation. This is an interesting concept that we should try to operationalize in cybersecurity. If a machine is communicating with adversary infrastructure, we may not know the content of the communication. However, we know something significant: that communication should not be happening in the first place.
The Singularity Is Near: When Humans Transcend Biology
– Ray Kurzweil
Written more than 15 years ago, The Singularity is Near remains as relevant today as ever. In it, Kurzweil explains how, while humans have a linear view of history, technology grows at an exponential rate. This simple mind-shift has vast implications. From the resources we’ll have available to us, to the challenges we’ll face, this book is required reading for anyone interested in what the future holds.
How to Measure Anything in Cybersecurity Risk
– Douglas W. Hubbard and Richard Seiersen
This book is a damning indictment of risk management practices in cybersecurity. Hubbard’s previous work, How to Measure Anything set out the need for better measurement in business. This time he goes further, shedding light on how some cybersecurity practices actually create more risk than they mitigate. This is an invaluable companion if you are planning on doing some soul-searching regarding your company’s cyber risk management practices.
The Needed Breakthrough in Cybersecurity
This freely-available cybersecurity ebook represents a curated collection of all the research and whitepapers previously released by Lumu Technologies to date. Here you will learn how control systems alongside new technologies driven by network metadata can turn around the current underperforming state of cybersecurity. Many of the books featured in this list influenced and informed this, the foundational document that lays out the desperate need for Continuous Compromise Assessment.