Rethinking InfoSec: Thoughts on why today's Information Security doesn't work, and how we can do better.

As one review on cybersecurity-professionals.com sums up: "If you are ready to make a fundamental change to the way you operate, that will save you money yet allow you to achieve so much more, this book is a must read!"

Information Security spending is skyrocketing, both in absolute terms and as a percentage of IT spending. It seems the only thing increasing faster is the frequency and impact of breaches. It doesn't seem like the current approach is working very well, does it? Interestingly, the bulk of large breaches is caused by simple issues for which we've had the answers for decades, yet no one spotted. The answer, according to the nearly $250bn Information Security industry, is to spend more on technologies and services. Is it perhaps time to take a step back, shed our indoctrination, and have a fresh look at things?

Greg van der Gaast started as one of the most notorious hackers of the late 1990s. He is now the Head of Information Security for the University of Salford, Managing Director of InfoSec Strategy consultancy CMCG, and a university lecturer and private trainer in Information Security leadership. He is also a frequent speaker on making security more human, accountable, and proactive. A candid critic of the security status quo, he is considered a nutter by many in the field. Conversely, he's lost count of how many management teams have told him he was the first security guy to ever make sense to them. Who's crazy? You decide.

Rethinking InfoSec presents views on what causes many of today's issues and costs and thoughts on how we can create a lot more assurance with far, far less.

Some of the topics:

- Implement effective InfoSec programmes.
- Boost business alignment, collaboration, and buy-in.
- Simplify and achieve assurance and compliance.
- Ensure holistic coverage.
- Avoid costly reactive approaches.
- Reduce issues through proactivity.
- Establish brand and influence.
- Structure teams for maximum effectiveness.
- Leverage human potential.

Reduce information security pressure, stress, and spending, all while increasing assurance and reward. We can do better, let's.

248 pages, Paperback

Published March 18, 2020

15 people are currently reading
24 people want to read

Community Reviews

- 5 stars: 7 (50%)
- 4 stars: 5 (35%)
- 3 stars: 1 (7%)
- 2 stars: 1 (7%)
- 1 star: 0 (0%)

Displaying 1 of 1 review
October 28, 2021
Essential reading for any security Consultant who really wants to make a difference

This is more of a mini autobiography than a traditional book on infosec but all the better for it. In parts it gives the impression of having been just thrown together in a Dominic Cummings style of conscious and would have benefited from an editor but still very much worth reading for any infosec person who actually cares about the world.