In June of 2020, Volume 1 and Volume 2 of the CISO Desk Reference Guide® were inducted into the Cybersecurity Canon Hall of Fame. We are grateful for the recognition of our peers and feel humbled and honored that our books have been able to help advance the study of our field.
The order of the essays within each chapter of Volume 1 and Volume 2 follows the arc of our authors’ differing backgrounds and perspectives. Bill’s essays lead off each chapter and provide a high-level perspective that reflects his background in the finance industry and the structured governance that comes with working in a highly regulated industry. Matt’s essays come next and his perspective on providing services to many customers simultaneously provides insight into a highly programmatic approach. Gary’s essays finish each chapter and his vast experience in the trenches as a hands-on cyber expert provides the reader with a treasure trove of lists and lessons that they can repeatedly reference.
The different perspectives can be used as standalone refreshers and the five immediate next steps for each chapter give the reader a robust set of 45 actions based on roughly 100 years of relevant experience that will help you strengthen your cybersecurity programs. In the conclusion of this book we provide contact information and encourage you to join the community of CISOs who use these resources. We also encourage you to provide us with feedback about the guidance and about our tri-perspective approach to this book. We hope you like it.
The decision to write these books came from the shared realization by the authors that the dramatic escalation in cyber threats was not going to peak any time soon. Cybercrime would continue to move “down the food chain” as more relative economic value is managed via interconnected computer networks. Mid-sized firms in particular would come under increasing pressure as targets both for their own value and as the supposed “weaker links” in the supplier ecosystem of larger, multinational companies.