Rick Howard, the Chief Security Officer, Chief Analyst, and Senior fellow at The Cyberwire, challenges the conventional wisdom of current cybersecurity best practices, strategy, and tactics and makes the case that the profession needs to get back to first principles.

With cyberattacks resulting in often devastating results, it’s no wonder executives hire the best and brightest of the IT world for protection. But are you doing enough? Do you understand your risks? What if the brightest aren’t always the best choice for your company? In The Smartest Person in the Room, Christian Espinosa shows you how to leverage your company’s smartest minds to your benefit and theirs. Learn from Christian’s own journey from cybersecurity engineer to company CEO.

In Project Zero Trust: A Story About a Strategy for Aligning Security and the Business, George Finney, chief security officer at Southern Methodist University, delivers an insightful and practical discussion of Zero Trust implementation. Presented in the form of a fictional narrative involving a breach at a company, the book tracks the actions of the company's new IT security director. Listeners will learn John Kindervag's 5-Step methodology for implementing Zero Trust, the four Zero Trust design principles, and how to limit the impact of a breach.

In our first publication, 90 Days: A CISO’s Journey to Impact, we profile some of the world’s leading enterprise cybersecurity leaders. They share their views on the role and advice to create rapid impact in a reasonable amount of time - 90 days. It is our hope that listeners, whether existing or future CISOs, gain insights to continuously improve and be their most effective selves.

In A Leader's Guide to Cybersecurity, Thomas Parenty and Jack Domet, who've spent over three decades in the field, present a timely, clear-eyed, and actionable framework that will empower senior executives and board members to become stewards of their companies' cybersecurity activities. Filled with tools, best practices, and strategies, A Leader's Guide to Cybersecurity will help boards navigate this seemingly daunting but extremely necessary transition.

Cybersecurity involves people, policy, and technology. Yet most books and academic programs cover only technology. Hence the implementation of cybersecurity as a people powered perpetual innovation and productivity engine is not done. People think they can buy cybersecurity as a product when in fact the discipline is the modern practice of digital business strategy. People also equate cybersecurity with information security or security alone. However, security is a state, while cybersecurity is a process.

Thoroughly updated for the latest release of the Certified Information Systems Security Professional exam, this comprehensive resource covers all objectives in the 2021 CISSP exam developed by the International Information Systems Security Certification Consortium (ISC)2®. CISSP All-in-One Exam Guide, Ninth Edition features learning objectives at the beginning of each chapter, exam tips, practice questions, and in-depth explanations.

In 2014, the world witnessed the start of a mysterious series of cyberattacks. Targeting American utility companies, NATO, and electric grids in Eastern Europe, the strikes grew ever more brazen. They culminated in the summer of 2017, when the malware known as NotPetya was unleashed, penetrating, disrupting, and paralyzing some of the world's largest businesses—from drug manufacturers to software developers to shipping companies. At the attack's epicenter in Ukraine, ATMs froze. The railway and postal systems shut down. Hospitals went dark.

Over the last decade, a single innovation has massively fueled digital black markets: cryptocurrency. Crime lords inhabiting lawless corners of the internet have operated more freely—whether in drug dealing, money laundering, or human trafficking—than their analog counterparts could have ever dreamed of. By transacting not in dollars or pounds but in currencies with anonymous ledgers, overseen by no government, beholden to no bankers, these black marketeers have sought to rob law enforcement of their chief method of cracking down on illicit finance: following the money.

The topic of security culture is mysterious and confusing to most leaders. But it doesn't have to be. In The Security Culture Playbook, Perry Carpenter and Kai Roer deliver experience-driven, actionable insights into how to transform your organization's security culture and reduce human risk at every level. This book exposes the gaps in how organizations have traditionally approached human risk, and it provides security and business executives with the necessary information and tools needed to understand, measure, and improve facets of security culture across the organization.

Leadership development speaker & consultant Andy Ellis is the former CSO of Akamai, where he contributed to the creation of Akamai's billion‑dollar cybersecurity business. He now brings his speaking, consulting, and business knowledge to listeners with 1% Leadership—based on the reality that real-world leadership is messy and complicated; it rarely fits into an acronym or a dogmatic overarching philosophy. Ellis says that there are no “irrefutable laws” of leadership or power; there is no secret.

(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide is your ultimate resource for the CCSP exam. Covering all CCSP domains, this book walks you through architectural concepts and design requirements, cloud data security, cloud platform and infrastructure security, cloud application security, operations, and legal and compliance with real-world scenarios to help you apply your skills along the way.

A straightforward look at the four domains of the ISACA Certified Information Security Manager exam. This book will help you get a firm grasp on the key topics needed for success with the exam. Included are over 120 practice questions covering the four domains of ISACA's CISM.

The world’s most trusted guide for leaders in transition. Transitions are a critical time for leaders. In fact, most agree that moving into a new role is the biggest challenge a manager will face. While transitions offer a chance to start fresh and make needed changes in an organization, they also place leaders in a position of acute vulnerability. Missteps made during the crucial first three months in a new role can jeopardize or even derail your success.

This essential guide, with its dozens of examples and case studies, breaks down every element of the development and management of a cybersecurity program for the executive. From understanding the need, to core risk management principles, to threats, tools, roles, and responsibilities, this book walks the listener through each step of developing and implementing a cybersecurity program. If you're a business manager or executive who needs to make sense of cybersecurity, this audiobook demystifies it for you.

Through her global consulting projects, keynote speeches, and work with thousands of leaders, Karen has seen first-hand how a pervasive lack of clarity strangles business performance and erodes employee engagement. Ambiguity is the corporate default state, a condition so prevalent that “tolerance for ambiguity” has become a clichéd job requirement. It doesn’t have to be this way.

After two decades in the trenches of helping companies design and build better, more efficient operations, Karen Martin has pinpointed why performance improvement programs usually fail: Chaos, the sneaky but powerful force that frustrates customers, keeps business leaders awake at night, and saps company morale. In The Outstanding Organization, Karen offers a toolbox for combating chaos by creating the organizational conditions that will allow your improvement efforts to return greater gains.

The race is on to become a digital enterprise. Every organization has a plan for updating products, technologies, and business processes. But that's not enough anymore. With disruptive startups outperforming industry stalwarts, executives everywhere are pushing greater growth and innovation. Staying competitive demands a complete digital transformation.

Managers want great teams, but most build them around decades-old ideas and practices made popular by companies that have lost their edge. Extreme Teams looks at the new generation of teams driving growth in today's most innovative firms. They do this by doing things differently: hiring the right person instead of the best person; focusing on one priority while leaving room to explore new ideas; creating an environment where people are comfortable dealing with the uncomfortable.

Written for anyone trying to figure out how to make the most of their lives, Born to Build seeks to inspire entrepreneurs and ambitious, self-motivated people to build something that will change the world. A builder’s venture could be a small business that grows into a mammoth enterprise, a thriving new division in an existing company, a nonprofit, a social enterprise, a church, a school - anything that creates economic growth and makes a lasting impact on society.

Based on news reports, you might think there's a major cybersecurity threat every four to five months. In reality, there's a cybersecurity attack happening every minute of every day. In Cyber Crisis, Eric Cole gives listeners a clear-eyed picture of the information war raging in cyberspace. Drawing on 30 years of experience, Cole offers practical, actionable advice that even those with little technical background can implement, including steps to take on a daily, weekly, and monthly basis to protect their businesses and themselves.

The CISO's Guide to Securing Artificial Intelligence is an essential resource for cybersecurity professionals and CISOs seeking to navigate the complex landscape of AI security. Written by Russell D. Nomer, CISSP, a renowned expert in the field, this comprehensive guide provides practical insights and strategies to effectively protect AI systems from evolving threats. Published by Russell Nomer Consulting, Inc., it is a trusted source of knowledge and expertise in the cybersecurity industry. With the rapid adoption of AI across industries, it is imperative for organizations to understand ...

Rick Howard, the Chief Security Officer, Chief Analyst, and Senior fellow at The Cyberwire, challenges the conventional wisdom of current cybersecurity best practices, strategy, and tactics and makes the case that the profession needs to get back to first principles.

In our first publication, 90 Days: A CISO’s Journey to Impact, we profile some of the world’s leading enterprise cybersecurity leaders. They share their views on the role and advice to create rapid impact in a reasonable amount of time - 90 days. It is our hope that listeners, whether existing or future CISOs, gain insights to continuously improve and be their most effective selves.

Your smartphone, laptop, and desktop computer are more important to your life and business than ever before. On top of making your life easier and more productive, they hold sensitive information. Luckily for all of us, anyone can learn powerful data privacy and security techniques to keep the bad guys on the outside where they belong. Hacking For Dummies takes you on an easy-to-follow cybersecurity voyage that will teach you the essentials of vulnerability and penetration testing so that you can find the holes in your network before the bad guys exploit them.

With cyberattacks resulting in often devastating results, it’s no wonder executives hire the best and brightest of the IT world for protection. But are you doing enough? Do you understand your risks? What if the brightest aren’t always the best choice for your company? In The Smartest Person in the Room, Christian Espinosa shows you how to leverage your company’s smartest minds to your benefit and theirs. Learn from Christian’s own journey from cybersecurity engineer to company CEO.

Finding the right position in cybersecurity is challenging. Being successful in the profession takes a lot of work. And becoming a cybersecurity leader responsible for a security team is even more difficult. In Navigating the Cybersecurity Career Path, decorated chief information security officer Helen Patton delivers a practical and insightful discussion designed to assist aspiring cybersecurity professionals entering the industry and help those already in the industry advance their careers and lead their first security teams.

Hacking the Hacker takes you inside the world of cybersecurity to show you what goes on behind the scenes, and introduces you to the men and women on the front lines of this technological arms race. Twenty-six of the world's top white hat hackers, security researchers, writers, and leaders describe what they do and why, with each profile preceded by a no-experience-necessary explanation of the relevant technology.

Cloud technology has changed the way we approach technology. It's also given rise to a new set of security challenges caused by bad actors who seek to exploit vulnerabilities in a digital infrastructure. You can put the kibosh on these hackers and their dirty deeds by hardening the walls that protect your data. Using the practical techniques discussed in Cloud Security for Dummies, you'll mitigate the risk of a data breach by building security into your network from the bottom up.

In A Leader's Guide to Cybersecurity, Thomas Parenty and Jack Domet, who've spent over three decades in the field, present a timely, clear-eyed, and actionable framework that will empower senior executives and board members to become stewards of their companies' cybersecurity activities. Filled with tools, best practices, and strategies, A Leader's Guide to Cybersecurity will help boards navigate this seemingly daunting but extremely necessary transition.

In Cybersecurity and Cyberwar: What Everyone Needs to Know®, New York Times best-selling author P. W. Singer and noted cyberexpert Allan Friedman team up to provide the kind of deeply informative resource book that has been missing on a crucial issue of 21st-century life. Written in a lively, accessible style, filled with engaging stories and illustrative anecdotes, the book is structured around the key question areas of cyberspace and its security: how it all works, why it all matters....

Packed with insider information based on interviews, declassified files, and forensic analysis of company reports, The Hacker and the State sets aside fantasies of cyber-annihilation to explore the real geopolitical competition of the digital age. Tracing the conflict of wills and interests among modern nations, Ben Buchanan reveals little-known details of how China, Russia, North Korea, Britain, and the United States hack one another in a relentless struggle for dominance.

Cybersecurity involves people, policy, and technology. Yet most books and academic programs cover only technology. Hence the implementation of cybersecurity as a people powered perpetual innovation and productivity engine is not done. People think they can buy cybersecurity as a product when in fact the discipline is the modern practice of digital business strategy. People also equate cybersecurity with information security or security alone. However, security is a state, while cybersecurity is a process.

Social Engineering: The Science of Human Hacking reveals the craftier side of the hacker's repertoire - why hack into something when you could just ask for access? Undetectable by firewalls and antivirus software, social engineering relies on human fault to gain access to sensitive spaces; in this book, renowned expert Christopher Hadnagy explains the most commonly used techniques that fool even the most robust security personnel and reveals how these techniques have been used in the past.

In The Art of Attack: Attacker Mindset for Security Professionals, Maxie Reynolds untangles the threads of a useful, sometimes dangerous, mentality. The book shows ethical hackers, social engineers, and pentesters what an attacker mindset is and how to and how to use it to their advantage.