Cracking Security Misconceptions Book is now out!

Cracking Security Misconceptions

I’m excited to announce the release of the newest O’Reilly security ebook entitled Cracking Security Misconceptions: Untangling Common Myths About Modern Information Security. I was fortunate enough to get a chance to author and partner with O’Reilly on this content and it’s available for free download at oreilly.com or via this button here:

Publishing a book takes a fair amount of time and energy (shocker) and the last few years of my life I’ve devoted almost solely to building our company, Signal Sciences. So why did I spend time on this project?

Because Information security is hard and the industry needs more help!

The security industry has changed over the past 5 years due to the mainstream coverage in the media of a seemingly never ending trail of high profile breaches and hacks. This has brought unprecedented interest and support from boards, executives, and coworkers to what has long been a niche part of organizations.

That’s great news for security professionals right?

Well, mostly…

There have been a number of hidden challenges that come along with the new interest and support from other parts of the organization; not the least of which relate to the fact that non security professionals have an, oftentimes, deeply skewed perspective on the real challenges we’re up against.

The intentions of people eager to get involved and help are great. But misinformed people getting involved can be counter productive. This fact is exactly why I worked on this project.

Who can use this Ebook:

  • You’re an infosec professional and you are confused about why your coworkers/friends never understand what you work on. Read about what they’re confused about so you can help explain it to them (or just ask them to read it).
  • You’re an infosec professional and you want content to share with your coworkers/clients who are new to security to help them understand what you do and why you do it the way you do it.
  • Infosec is a new part of your job (or you want it to be) and you’re looking to get up to speed on the current state of security.
  • You’re generally interested in security, don’t know much about the current state, and want an insider perspective.

We have an incredible opportunity to use the huge spotlight on the security industry right now. There’s no question that we need the involvement and help from a broader community to solve the security problems we face, but we need a better way to get people informed on the real, nuanced challenges we face in modern information security. My hope is that Cracking Security Misconceptions is a useful resource for you and your teams to do just that.