97 Things Every Information Security Professional Should Know: Collective Wisdom from The Experts
The book is here!
97 Things Every Information Security Professional Should Know is a new book I have put together with some incredibly talented practitioners. After a year of hard work and effort, the book is finally available for sale.
But what is an Information Security ("InfoSec") professional?
Information Security professionals implement and manage the technical controls, policies, procedures, and operations of an organization's information technology infrastructure. We are responsible for protecting technology infrastructure, including but not limited to devices, networks, software, and applications. InfoSec pros are trained to find exploitable weaknesses and fix any potential issues to mitigate and minimize the risk of an attack.
But let's face it, information security can be vast and overwhelming, which is precisely why knowledge sharing across the industry is vital!
Who is the target audience?
97 Things Every Information Security Professional Should Know has something for everyone. If you are new to InfoSec, there's plenty in here that will help guide your career in the right direction. On the other hand, if you've been around the block a few times and think you know everything there is to know, there's plenty in here that will challenge your current thought process and help you get better at what you do. This book is for anyone who wants to grow their knowledge of information security by learning from the best! Whether you are curious, entry-level, or have decades of experience in Information Security/cyber, this book is intended to help guide you through your journey by providing practical and technical knowledge you can put into practice starting today.
How was this book created?
When I was approached to create this book, I envisioned a guide full of practical and actionable advice to better help Information Security practitioners navigate the space. I worked with my editors at O'Reilly Media to develop a proposed list of non-exhaustive topics I thought would be essential to cover. My next step was to reach out to folks I knew with experience in the information security space and pitch them about contributing to the book. Because I wanted the book to be a diverse collection of thoughts, experiences, and practical advice, I also requested contributions via my social media channels. The responses were overwhelming, which also speaks to the power of this community.
What can I look forward to in the book?
97 Things Every Information Security Professional Should Know is a collection of 97 essays from some incredibly talented and knowledgeable practitioners. The book covers everything from career advice to technical controls, exploit mitigations, and more! In addition, each chapter provides practical knowledge that you can apply directly to your next project or task at hand. You'll find both industry veterans and up-and-coming experts. Some great examples include:
✅ Every Information Security Problem Boils Down to One Thing - Ben Smith
✅ Keeping People at the Center of Your Work - Camille Stewart
✅ Managing Security Alert Fatigue - Julie Agnes Sparks
✅ Building a New Security Program - Lauren Zink
In Conclusion
97 Things Every Information Security Professional Should Know is here to help you become better at what you do and help you better understand and put into practice:
📌 How to get started, whether you are new to the space or want to pivot into a different path within Information Security.
📌 How to assess an organization's security posture and build and scale an Information Security team and program.
📌 How to understand and implement security and risk management controls.
📌 How to effectively communicate the importance of Information Security to C-level executives and more.
I hope this book helps guide you through your career in information security and that it provides some practical advice on how to be successful along the way! Through 97 concise and valuable tips, you'll learn to expand your skills and solve common issues by working through everyday security problems.
You can order the book wherever books are sold:
🔗 Amazon
🔗 O'Reilly
Here is a little gift from me and the folks at O'Reilly Media.
Use https://learning.oreilly.com/get-learning/?code=97ISP21 to sign up for a 30-day free membership of the O’Reilly Learning Platform.
By the way, I absolutely love this platform. You get unlimited access to books, webinars, learning sessions, sandboxes and best of all, my book is live there and you can go read it :).