Rick Howard, the Chief Security Officer, Chief Analyst, and Senior fellow at The Cyberwire, challenges the conventional wisdom of current cybersecurity best practices, strategy, and tactics and makes the case that the profession needs to get back to first principles.

With cyberattacks resulting in often devastating results, it’s no wonder executives hire the best and brightest of the IT world for protection. But are you doing enough? Do you understand your risks? What if the brightest aren’t always the best choice for your company? In The Smartest Person in the Room, Christian Espinosa shows you how to leverage your company’s smartest minds to your benefit and theirs. Learn from Christian’s own journey from cybersecurity engineer to company CEO.

In Project Zero Trust: A Story About a Strategy for Aligning Security and the Business, George Finney, chief security officer at Southern Methodist University, delivers an insightful and practical discussion of Zero Trust implementation. Presented in the form of a fictional narrative involving a breach at a company, the book tracks the actions of the company's new IT security director. Listeners will learn John Kindervag's 5-Step methodology for implementing Zero Trust, the four Zero Trust design principles, and how to limit the impact of a breach.

Insightful and enlightening, this book will inspire a closer examination of your company's own risk management practices in the context of cybersecurity. The end goal is airtight data protection, so finding cracks in the vault is a positive thing - as long as you get there before the bad guys do. How to Measure Anything in Cybersecurity Risk is your guide to more robust protection through better quantitative processes, approaches, and techniques.

In our first publication, 90 Days: A CISO’s Journey to Impact, we profile some of the world’s leading enterprise cybersecurity leaders. They share their views on the role and advice to create rapid impact in a reasonable amount of time - 90 days. It is our hope that listeners, whether existing or future CISOs, gain insights to continuously improve and be their most effective selves.

In The Art of Attack: Attacker Mindset for Security Professionals, Maxie Reynolds untangles the threads of a useful, sometimes dangerous, mentality. The book shows ethical hackers, social engineers, and pentesters what an attacker mindset is and how to and how to use it to their advantage.

Cybersecurity involves people, policy, and technology. Yet most books and academic programs cover only technology. Hence the implementation of cybersecurity as a people powered perpetual innovation and productivity engine is not done. People think they can buy cybersecurity as a product when in fact the discipline is the modern practice of digital business strategy. People also equate cybersecurity with information security or security alone. However, security is a state, while cybersecurity is a process.

Thoroughly updated for the latest release of the Certified Information Systems Security Professional exam, this comprehensive resource covers all objectives in the 2021 CISSP exam developed by the International Information Systems Security Certification Consortium (ISC)2®. CISSP All-in-One Exam Guide, Ninth Edition features learning objectives at the beginning of each chapter, exam tips, practice questions, and in-depth explanations.

In 2014, the world witnessed the start of a mysterious series of cyberattacks. Targeting American utility companies, NATO, and electric grids in Eastern Europe, the strikes grew ever more brazen. They culminated in the summer of 2017, when the malware known as NotPetya was unleashed, penetrating, disrupting, and paralyzing some of the world's largest businesses—from drug manufacturers to software developers to shipping companies. At the attack's epicenter in Ukraine, ATMs froze. The railway and postal systems shut down. Hospitals went dark.

Over the last decade, a single innovation has massively fueled digital black markets: cryptocurrency. Crime lords inhabiting lawless corners of the internet have operated more freely—whether in drug dealing, money laundering, or human trafficking—than their analog counterparts could have ever dreamed of. By transacting not in dollars or pounds but in currencies with anonymous ledgers, overseen by no government, beholden to no bankers, these black marketeers have sought to rob law enforcement of their chief method of cracking down on illicit finance: following the money.

Eleventh Hour CISSP®: Study Guide, Third Edition, provides readers with a study guide on the most current version of the Certified Information Systems Security Professional exam. This book is streamlined to include only core certification information and is presented for ease of last-minute studying. Main objectives of the exam are covered concisely with key concepts highlighted. This new edition is aligned to cover all material in the most current version of the exam’s Common Body of Knowledge.

Leadership development speaker & consultant Andy Ellis is the former CSO of Akamai, where he contributed to the creation of Akamai's billion‑dollar cybersecurity business. He now brings his speaking, consulting, and business knowledge to listeners with 1% Leadership—based on the reality that real-world leadership is messy and complicated; it rarely fits into an acronym or a dogmatic overarching philosophy. Ellis says that there are no “irrefutable laws” of leadership or power; there is no secret.

(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide is your ultimate resource for the CCSP exam. Covering all CCSP domains, this book walks you through architectural concepts and design requirements, cloud data security, cloud platform and infrastructure security, cloud application security, operations, and legal and compliance with real-world scenarios to help you apply your skills along the way.

A straightforward look at the four domains of the ISACA Certified Information Security Manager exam. This book will help you get a firm grasp on the key topics needed for success with the exam. Included are over 120 practice questions covering the four domains of ISACA's CISM.

The world’s most trusted guide for leaders in transition. Transitions are a critical time for leaders. In fact, most agree that moving into a new role is the biggest challenge a manager will face. While transitions offer a chance to start fresh and make needed changes in an organization, they also place leaders in a position of acute vulnerability. Missteps made during the crucial first three months in a new role can jeopardize or even derail your success.

Through her global consulting projects, keynote speeches, and work with thousands of leaders, Karen has seen first-hand how a pervasive lack of clarity strangles business performance and erodes employee engagement. Ambiguity is the corporate default state, a condition so prevalent that “tolerance for ambiguity” has become a clichéd job requirement. It doesn’t have to be this way.

After two decades in the trenches of helping companies design and build better, more efficient operations, Karen Martin has pinpointed why performance improvement programs usually fail: Chaos, the sneaky but powerful force that frustrates customers, keeps business leaders awake at night, and saps company morale. In The Outstanding Organization, Karen offers a toolbox for combating chaos by creating the organizational conditions that will allow your improvement efforts to return greater gains.

The race is on to become a digital enterprise. Every organization has a plan for updating products, technologies, and business processes. But that's not enough anymore. With disruptive startups outperforming industry stalwarts, executives everywhere are pushing greater growth and innovation. Staying competitive demands a complete digital transformation.

Companies need high potential leaders (Hi-Pos) more than ever before to help them adapt to today's tumultuous, digitally-driven business environment. If you meet the Hi-Po criteria, you're in high demand - and this book explains how to fast-track yourself.

Managers want great teams, but most build them around decades-old ideas and practices made popular by companies that have lost their edge. Extreme Teams looks at the new generation of teams driving growth in today's most innovative firms. They do this by doing things differently: hiring the right person instead of the best person; focusing on one priority while leaving room to explore new ideas; creating an environment where people are comfortable dealing with the uncomfortable.

In How to Measure Anything in Cybersecurity Risk, Second Edition, a pioneering information security professional and a leader in quantitative analysis methods deliver yet another eye-opening text applying the quantitative language of risk analysis to cybersecurity. In the book, the authors demonstrate how to quantify uncertainty and shed light on how to measure seemingly intangible goals. It's a practical guide to improving risk assessment with a straightforward and simple framework.

In Cybersecurity and Cyberwar: What Everyone Needs to Know®, New York Times best-selling author P. W. Singer and noted cyberexpert Allan Friedman team up to provide the kind of deeply informative resource book that has been missing on a crucial issue of 21st-century life. Written in a lively, accessible style, filled with engaging stories and illustrative anecdotes, the book is structured around the key question areas of cyberspace and its security: how it all works, why it all matters....

Insightful and enlightening, this book will inspire a closer examination of your company's own risk management practices in the context of cybersecurity. The end goal is airtight data protection, so finding cracks in the vault is a positive thing - as long as you get there before the bad guys do. How to Measure Anything in Cybersecurity Risk is your guide to more robust protection through better quantitative processes, approaches, and techniques.

Rick Howard, the Chief Security Officer, Chief Analyst, and Senior fellow at The Cyberwire, challenges the conventional wisdom of current cybersecurity best practices, strategy, and tactics and makes the case that the profession needs to get back to first principles.

Hacking the Hacker takes you inside the world of cybersecurity to show you what goes on behind the scenes, and introduces you to the men and women on the front lines of this technological arms race. Twenty-six of the world's top white hat hackers, security researchers, writers, and leaders describe what they do and why, with each profile preceded by a no-experience-necessary explanation of the relevant technology.

In A Leader's Guide to Cybersecurity, Thomas Parenty and Jack Domet, who've spent over three decades in the field, present a timely, clear-eyed, and actionable framework that will empower senior executives and board members to become stewards of their companies' cybersecurity activities. Filled with tools, best practices, and strategies, A Leader's Guide to Cybersecurity will help boards navigate this seemingly daunting but extremely necessary transition.

In The Art of Attack: Attacker Mindset for Security Professionals, Maxie Reynolds untangles the threads of a useful, sometimes dangerous, mentality. The book shows ethical hackers, social engineers, and pentesters what an attacker mindset is and how to and how to use it to their advantage.

In our first publication, 90 Days: A CISO’s Journey to Impact, we profile some of the world’s leading enterprise cybersecurity leaders. They share their views on the role and advice to create rapid impact in a reasonable amount of time - 90 days. It is our hope that listeners, whether existing or future CISOs, gain insights to continuously improve and be their most effective selves.

As cyber attacks dominate front-page news, as hackers join the list of global threats, and as top generals warn of a coming cyber war, few books are more timely and enlightening than Dark Territory: The Secret History of Cyber War by Slate columnist and Pulitzer Prize-winning journalist Fred Kaplan.

If keeping your business or your family safe from cybersecurity threats is on your to-do list, Cybersecurity for Dummies will introduce you to the basics of becoming cyber-secure! You'll learn what threats exist, and how to identify, protect against, detect, and respond to these threats, as well as how to recover if you have been breached!

Based on news reports, you might think there's a major cybersecurity threat every four to five months. In reality, there's a cybersecurity attack happening every minute of every day. In Cyber Crisis, Eric Cole gives listeners a clear-eyed picture of the information war raging in cyberspace. Drawing on 30 years of experience, Cole offers practical, actionable advice that even those with little technical background can implement, including steps to take on a daily, weekly, and monthly basis to protect their businesses and themselves.

Packed with insider information based on interviews, declassified files, and forensic analysis of company reports, The Hacker and the State sets aside fantasies of cyber-annihilation to explore the real geopolitical competition of the digital age. Tracing the conflict of wills and interests among modern nations, Ben Buchanan reveals little-known details of how China, Russia, North Korea, Britain, and the United States hack one another in a relentless struggle for dominance.

The world's most infamous hacker offers an insider's view of the low-tech threats to high-tech security. Kevin Mitnick's exploits as a cyber-desperado and fugitive form one of the most exhaustive FBI manhunts in history and have spawned dozens of articles, books, films, and documentaries. Since his release from federal prison, in 1998, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide.

(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide is your ultimate resource for the CCSP exam. Covering all CCSP domains, this book walks you through architectural concepts and design requirements, cloud data security, cloud platform and infrastructure security, cloud application security, operations, and legal and compliance with real-world scenarios to help you apply your skills along the way.

Cybersecurity Essentials provides a comprehensive introduction to the field, with expert coverage of essential topics required for entry-level cybersecurity certifications. An effective defense consists of four distinct challenges: securing the infrastructure, securing devices, securing local networks, and securing the perimeter. Overcoming these challenges requires a detailed understanding of the concepts and practices within each realm.