October is Cyber Security Awareness Month in Canada, an internationally recognized campaign aimed at informing the public on the importance of cyber security, and at educating Canadians on how to be more secure online. CSAM is built around the notion that “the Internet is a shared resource and securing it is our shared responsibility.” This year’s campaign focuses on four weekly themes: Simple Steps to Online Safety, Cyber Security in the Workplace, Privacy Protection and the Internet of Things, and Digital Citizenship, and its Public Safety Canada website offers visitors a cyber security toolkit and other resources to build awareness on this critical challenge.
For its part, networking firm Palo Alto Networks has created The Cybersecurity Canon, a project designed to identify a list of “must-read books for all cyber security professionals” – both fiction and nonfiction – that depict the history of the cybersecurity community and describe technical aspects of the cybersecurity professional’s craft. The host of The Cybersecurity Canon is Palo Alto Networks Chief Security Officer (CSO) Rick Howard, a long-term veteran of the security industry. With a master’s degree in computer science and an engineering degree from the US Military Academy, Howard launched his career with a teaching stint at the Academy, and then served in the US Army for 23 years in various command and staff positions involving IT and computer security. In his last two years with the military, he served as the US Army’s Computer Emergency Response Team Chief, coordinating network defense, network intelligence and attack operations for the army’s global network. Howard has also worked in the private sector, as head of Counterpane Internet Security’s network of Security Operations Centres, as GM and Intelligence Director for Verisign’s iDefense Cyber Security Intelligence business, and as the TASC Chief Information Security Officer, responsible for the security of both the classified and unclassified TASC networks. At Palo Alto Networks, Howard oversees the company’s internal security program, leads the Palo Alto Networks Threat Intelligence Team (Unit 42), and directs the company’s efforts on the Cyber Threat Alliance Information.
Howard is the author of several papers on security issues, expertise that also qualifies him for the book recommendations that he has compiled from the Canon project. To help professionals across a variety of verticals, including healthcare, public sector, financial services and education, better understand cyber security risk – and remediation – Howard suggests R&R with the titles that appear below.
Top 6 Books Every Board Member Should Read
- The Phoenix Project: A Novel About IT, DevOps, and Helping Your Business Win by Gene Kim, Kevin Behr, and George Spafford
- How to Measure Anything in Cybersecurity Risk by Douglas W. Hubbard and Richard Seiersen
- Kingpin: How a Hacker Took Over the Billion-Dollar Cybercrime Underground by Kevin Poulsen
- The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage (1989) by Clifford Stoll
- Navigating the Digital Age: The Definitive Cybersecurity Guide for Directors and Officers by Palo Alto Networks and the New York Stock Exchange
- Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It by Marc Goodman
Top 5 Books for HEALTHCARE CSOs
- Spam Nation by Brian Krebs
- The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage (1989) by Clifford Stoll
- How to Measure Anything in Cybersecurity Risk by Douglas W. Hubbard and Richard Seiersen
- The Seventh Sense: Power, Fortune, and Survival in the Age of Networks by Joshua Cooper Ramo
- Information Disposition: A Practical Guide to the Secure, Compliant Disposal of Records, Media and IT Assets, by Robert J. Johnson
Top 5 Books for GOV CSOs
- The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud) by Dawn M. Cappelli, Andrew P. Moore, and Randall F. Trzeciak
- Information Disposition: A Practical Guide to the Secure, Compliant Disposal of Records, Media and IT Assets, by Robert J. Johnson
- The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage (1989) by Clifford Stoll
- How to Measure Anything in Cybersecurity Risk by Douglas W. Hubbard and Richard Seiersen
- Dark Territory: The Secret History of Cyber War by Fred Kaplan
Top 5 Books for FINANCIAL SERVICES CSOs
- The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage by Clifford Stoll
- How to Measure Anything: Finding the Value of ‘Intangibles’ by Douglas Hubbard
- Measuring and Managing Information Risk: A FAIR Approach by Jack Freund and Jack Jones
- Kingpin: How a Hacker Took Over the Billion-Dollar Cybercrime Underground by Kevin Poulsen
- Advanced Persistent Threat Hacking: The Art and Science of Hacking Any Organization by Tyler Wrightson
Top 5 Books for EDUCATION (SPEC. HIGHER ED) CIOs
- Spam Nation by Brian Krebs
- The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage by Clifford Stoll
- Secrets and Lies: Digital Security in a Networked World by Bruce Schneier
- Kingpin: How a Hacker Took Over the Billion-Dollar Cybercrime Underground by Kevin Poulsen
- We Are Anonymous: Inside the Hacker World of LulzSec, Anonymous and the Global Cyber Insurgency by Parmy Olson
Top books for Beach Reads (novels with a cybersecurity theme)
- The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage (Not a novel but reads like one) by Clifford Stoll
- Cryptonomicon by Neal Stephenson
- Daemon by Daniel Suarez
- The Girl with the Dragon Tattoo by Stieg Larsson
And The Cuckoo’s Egg takes it! Happy reading….