- Everyone Knows What "Cybersecurity" Means
- We Can Measure How Secure Our Systems Are
- The Primary Goal of Cybersecurity Is Security
- Cybersecurity Is About Obvious Risks
- Sharing More Cyber Threat Intel Will Make Things Better
- What Matters to You Matters to Everyone Else
- Product X Will Make You Secure
- Macs Are Safer Than PCs, Linux Is Safer Than Windows
- Open Source Software Is More Secure Than Closed Source Software
- Technology X Will Make You Secure
- Process X Will Make You Secure
- Faerie Dust Can Make Old Ideas Magically Revolutionary
- Passwords Should Be Changed Often
- Believe and Fear Every Hacking Demo You See
- Cyber Offense Is Easier Than Defense
- Operational Technology (OT) Is Not Vulnerable
- Breaking Systems Is the Best Way to Establish Yourself
- Because You Can, You Should
- Better Security Means Worse Privacy
- Further Reading
This chapter is from the book
This chapter is from the book
This chapter is from the book
Further Reading
Anderson, Ross. Security Engineering, 3rd ed. Wiley, 2020.
Barnum, Todd. The Cybersecurity Manager’s Guide. O’Reilly, 2021.
Bishop, Matt. Computer Security: Art and Science. Pearson, 2019.
Garfinkel, Simson, and Spafford, Eugene. Web Security, Privacy, & Commerce, 2nd ed. O’Reilly and Associates, 2002.
Hubbard, Douglas W., and Seiersen, Richard. How to Measure Anything in Cybersecurity Risk. Wiley, 2016.
Kaufman, Charlie. Network Security: Private Communication in a Public World, 2nd ed. (R. Perlman and M. Speciner, eds.). Pearson, 2002.
Lipner, Steven B. “The Birth and Death of the Orange Book,” IEEE Annals of the History of Computing. Vol. 37, No. 2 (2015): 19–31; https://muse.jhu.edu/article/584410.
Loscocco, Peter A., Smalley, Stephen D., Muckelbauer, Patrick A., Taylor, Ruth C., Turner, Jeff S., and Farrell, John F. “The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments,” Proceedings of the 21st National Information Systems Security Conference, 1998.
Miller, Alyssa. Cybersecurity Career Guide. Manning, 2022.
NIST Risk Management Framework. https://csrc.nist.gov/Projects/risk-management.
NIST Zero Trust Architecture. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-207.pdf.
Patton, Helen. Navigating the Cyber Security Career Path. Wiley, 2022.
Pfleeger, Charles P., et al. Security in Computing, 5th ed. Pearson, 2015.
Rasner, Gregory C. Cybersecurity and Third-Party Risk. Wiley, 2021.
Saydjari, O. Sami. Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time, 1st ed. McGraw-Hill Education, 2018.
Viega, John. The Myths of Security: What the Computer Security Industry Doesn’t Want You to Know. O’Reilly, 2009.