Facing Cyber Threats Head On

News breaks all the time that hackers have attacked another company. Media outlets regularly cover cyber events. The President issues executive orders, and Congress explores cyber legislation. With all these events happening, business leaders must ask: what does this mean for my business and me?

Facing Cyber Threats Head On looks at cyber security from a business leader perspective. By avoiding deep technical explanations of “how” and focusing on the “why” and “so what,” this book guides readers to a better understanding of the challenges that cyber security presents to modern business, and shows them what they can do as leaders to solve these challenges.

Facing Cyber Threats Head On explains that technology is not the answer to cyber security issues. People, not technology, are behind emerging cyber risks. Understanding this brings to light that cyber protection is not a battle of technology against technology, but people against people. Based on this, a new approach is required—one that balances business risk with the cost of creating defenses that can change as quickly and often as attackers can. Readers will find here a ready resource for understanding the why and how of cyber risks, and will be better able to defend themselves and their businesses against them in the future.

At RSA 2017, SecureNinjaTV caught up with author Brian Minick to discuss his thoughts on cybersecurity, and his new book ‘Facing Cyber Threats Head On’. The book deals with topics surrounding malware, malicious hackers, data breaches, and vulnerabilities in the cybersecurity world. 

Like many boys growing up, my friends and I used to play cops and robbers.  In that game you are either a “good guy” or a “bad guy” and I always liked being the good guy.  There was just something appealing about being the hero that could protect the innocent, stop the bad guys, and generally save the day.  While playing cops and robbers, we would invent elaborate and fantastical ways for the good guys to win.  They usually involved some level of super human strength and agility. 

As I got older I came face to face with the fact that I was not the super hero type.  In fact, I was more like the 90-pound weakling.  To further drive this point home to my developing mind, about this same time, I discovered that I’m a bit of a computer nerd.  My illusions of protecting people and saving the day were soon put behind me.  My cape would eventually be stuffed in the back of my closet with my safety blanket.

The upside to this is that I’m one of those people who have always known what they wanted to do when they grew up.  I got my first computer in the mid-80s and never looked back.  The only question in my mind was what exactly I would end up doing with computers.  Whether it would be writing programs for computers, teaching computer classes, or any of a large number of options in between, I wasn’t sure.  Generally speaking, I liked it all and would have been satisfied with any of them.

I spent a lot of time after college writing computer programs.  I loved solving problems for people by making computers do things that others couldn’t.  I still believe that computer programs are works of art.  Not only is there art and elegance in the algorithm, or the way the programmer instructs the computer, but the code itself and how it is formatted is artful as well.  At one point, I thought about printing some of my code and framing it.  Yep, that super hero cape was completely forgotten about and the dorky glasses and pocket protector had officially taken over.

Then, one day, something happened that forced me to dig deep into the closet and pull that cape out.  When I was first asked to be a cyber security leader, my primary directive was to keep bad guys from breaking into computers and stealing information.  It was like playing cops and robbers.  I was the good guy, once again trying to stop the bad guy and save the day, only this time it was for real.  To make it even better, the battleground was on computers.  I got to put on the cape and keep the pocket protector.  What could be better?

As a cyber security leader, I don’t really wear a cape, and for the record, I have never worn a pocket protector either.  However, myself and many other cyber security leaders like me do view ourselves as defenders of good.  In cyber security there really is a bad guy that is trying to break in, steal, harass, and take advantage of people.  It is the defender’s job to stop these bad guys.  I find doing that fascinating.

I personally find cyber security to be one of the most interesting topics.  It is not just good versus evil; it is not just technology against technology; it is strategy against strategy.  You have to out think the bad guy.  In some ways cyber security is like a chess game, and I love this element of the challenge.

As you read this book, we will explore not just the technical aspects of cyber security and how it got to be as large of a challenge as it is today, but we will also explore the personal nature of cyber security and how that needs to drive how we defend ourselves.  Cyber security is a rare discipline that combines technology with strategy.  I hope you come away from the book as intrigued and interested in cyber security as I am.