With cyberattacks resulting in often devastating results, it’s no wonder executives hire the best and brightest of the IT world for protection. But are you doing enough? Do you understand your risks? What if the brightest aren’t always the best choice for your company? In The Smartest Person in the Room, Christian Espinosa shows you how to leverage your company’s smartest minds to your benefit and theirs. Learn from Christian’s own journey from cybersecurity engineer to company CEO.

Leadership development speaker & consultant Andy Ellis is the former CSO of Akamai, where he contributed to the creation of Akamai's billion‑dollar cybersecurity business. He now brings his speaking, consulting, and business knowledge to listeners with 1% Leadership—based on the reality that real-world leadership is messy and complicated; it rarely fits into an acronym or a dogmatic overarching philosophy. Ellis says that there are no “irrefutable laws” of leadership or power; there is no secret.

In Project Zero Trust: A Story About a Strategy for Aligning Security and the Business, George Finney, chief security officer at Southern Methodist University, delivers an insightful and practical discussion of Zero Trust implementation. Presented in the form of a fictional narrative involving a breach at a company, the book tracks the actions of the company's new IT security director. Listeners will learn John Kindervag's 5-Step methodology for implementing Zero Trust, the four Zero Trust design principles, and how to limit the impact of a breach.

In The CISO Evolution: Business Knowledge for Cybersecurity Executives, information security experts Matthew K. Sharp and Kyriakos "Rock" Lambros deliver an insightful and practical resource to help cybersecurity professionals develop the skills they need to effectively communicate with senior management and boards. They assert business aligned cybersecurity is crucial and demonstrate how business acumen is being put into action to deliver meaningful business outcomes.

This essential guide, with its dozens of examples and case studies, breaks down every element of the development and management of a cybersecurity program for the executive. From understanding the need, to core risk management principles, to threats, tools, roles, and responsibilities, this book walks the listener through each step of developing and implementing a cybersecurity program. If you're a business manager or executive who needs to make sense of cybersecurity, this audiobook demystifies it for you.

Rick Howard, the Chief Security Officer, Chief Analyst, and Senior fellow at The Cyberwire, challenges the conventional wisdom of current cybersecurity best practices, strategy, and tactics and makes the case that the profession needs to get back to first principles.

In The Art of Attack: Attacker Mindset for Security Professionals, Maxie Reynolds untangles the threads of a useful, sometimes dangerous, mentality. The book shows ethical hackers, social engineers, and pentesters what an attacker mindset is and how to and how to use it to their advantage.

Cybersecurity involves people, policy, and technology. Yet most books and academic programs cover only technology. Hence the implementation of cybersecurity as a people powered perpetual innovation and productivity engine is not done. People think they can buy cybersecurity as a product when in fact the discipline is the modern practice of digital business strategy. People also equate cybersecurity with information security or security alone. However, security is a state, while cybersecurity is a process.

In our first publication, 90 Days: A CISO’s Journey to Impact, we profile some of the world’s leading enterprise cybersecurity leaders. They share their views on the role and advice to create rapid impact in a reasonable amount of time - 90 days. It is our hope that listeners, whether existing or future CISOs, gain insights to continuously improve and be their most effective selves.

In 2014, the world witnessed the start of a mysterious series of cyberattacks. Targeting American utility companies, NATO, and electric grids in Eastern Europe, the strikes grew ever more brazen. They culminated in the summer of 2017, when the malware known as NotPetya was unleashed, penetrating, disrupting, and paralyzing some of the world's largest businesses—from drug manufacturers to software developers to shipping companies. At the attack's epicenter in Ukraine, ATMs froze. The railway and postal systems shut down. Hospitals went dark.

Finding the right position in cybersecurity is challenging. Being successful in the profession takes a lot of work. And becoming a cybersecurity leader responsible for a security team is even more difficult. In Navigating the Cybersecurity Career Path, decorated chief information security officer Helen Patton delivers a practical and insightful discussion designed to assist aspiring cybersecurity professionals entering the industry and help those already in the industry advance their careers and lead their first security teams.

It’s a signal paradox of our times that we live in an information society but do not know how it works. And without understanding how our information is stored, used, and protected, we are vulnerable to having it exploited. In Fancy Bear Goes Phishing, Scott J. Shapiro draws on his popular Yale University class about hacking to expose the secrets of the digital age. With lucidity and wit, he establishes that cybercrime has less to do with defective programming than with the faulty wiring of our psyches and society.

How can we apply technology to drive business value? For years we've been told that the performance of software delivery teams doesn't matter - that it can't provide a competitive advantage to our companies. Through four years of groundbreaking research to include data collected from the State of DevOps reports conducted with Puppet, Dr. Nicole Forsgren, Jez Humble, and Gene Kim set out to find a way to measure software delivery performance - and what drives it - using rigorous statistical methods.

This is a breakdown of the NIST risk management framework process for cybersecurity professionals getting into security compliance. It is written in layman's terms, without the convoluted way it is described in the NIST SP 800-37 revision 2. It goes into what the information system security officer does at each step in the process and where their attention should be focused. Although the main focus is on implementation of the NIST 800 RMF process, this book covers many of the main concepts on certifications, such as the ISC2 CAP.

The confluence of four technologies - elastic cloud computing, big data, artificial intelligence, and the internet of things - writes Siebel, is fundamentally changing how business and government will operate in the 21st century. Siebel masterfully guides listeners through a fascinating discussion of the game-changing technologies driving digital transformation and provides a roadmap to seize them as a strategic opportunity.

Rick Howard, the Chief Security Officer, Chief Analyst, and Senior fellow at The Cyberwire, challenges the conventional wisdom of current cybersecurity best practices, strategy, and tactics and makes the case that the profession needs to get back to first principles.

In Project Zero Trust: A Story About a Strategy for Aligning Security and the Business, George Finney, chief security officer at Southern Methodist University, delivers an insightful and practical discussion of Zero Trust implementation. Presented in the form of a fictional narrative involving a breach at a company, the book tracks the actions of the company's new IT security director. Listeners will learn John Kindervag's 5-Step methodology for implementing Zero Trust, the four Zero Trust design principles, and how to limit the impact of a breach.

In How to Measure Anything in Cybersecurity Risk, Second Edition, a pioneering information security professional and a leader in quantitative analysis methods deliver yet another eye-opening text applying the quantitative language of risk analysis to cybersecurity. In the book, the authors demonstrate how to quantify uncertainty and shed light on how to measure seemingly intangible goals. It's a practical guide to improving risk assessment with a straightforward and simple framework.

Cybersecurity involves people, policy, and technology. Yet most books and academic programs cover only technology. Hence the implementation of cybersecurity as a people powered perpetual innovation and productivity engine is not done. People think they can buy cybersecurity as a product when in fact the discipline is the modern practice of digital business strategy. People also equate cybersecurity with information security or security alone. However, security is a state, while cybersecurity is a process.

Cybersecurity All-in-One For Dummies covers a lot of ground in the world of keeping computer systems safe from those who want to break in. This book offers a one-stop resource on cybersecurity basics, personal security, business security, cloud security, security testing, and security awareness. Filled with content to help with both personal and business cybersecurity needs, this book shows you how to lock down your computers, devices, and systems—and explains why doing so is more important now than ever.