Over the years that it took to prepare this book, I have consulted with, attended, read, and visited thousands of primary sources, be it in the form of books, seminars, workshops, classes, conferences, vendors, and cybersecurity professionals of every specialty that you can imagine (and some that you cannot!). It is clearly impossible to list all the material that I consulted and that influenced my thinking, and I therefore apologize for any omissions from the following bibliography.

For even more up‐to‐date resources, you might also consult the website for this book, www.cybersecurity‐for‐business.com.

1. The Alien Vault Incident Response Toolkit: Putting the OODA Loop to Work in the Real World. San Mateo, CA: Alien Vault, 2017.
2. Americans and Cybersecurity. Washington, DC: Pew Research Center, 2017.
3. Atluri, Indrajit. “Managing the Risk of IoT: Regulations, Frameworks, Security, Risk, and Analytics.” ISACA Journal 3 (2017). https://www.isaca.org/Journal/archives/2017/Volume‐3/Pages/managing‐the‐risk‐of‐iot.aspx.
4. Bandos, Tim. Incident Responder's Field Guide. Waltham, MA: Digital Guardian, 2016.
5. Barlow, Mike. Governing the IoT—Balancing Risk and Regulation. Sebastopol, CA: O'Reilly Media, 2016.
6. Bodeau, Deborah, and Richard Graubart. Characterizing Effects on the Cyber Adversary: A Vocabulary for Analysis and Assessment. Bedford, MA: MITRE, 2013.
7. Bonime‐Blanc, Andrea. Emerging Practices in Cyber Risk Governance. New York, NY: The Conference Board, 2015.
8. Borg, Scott, ...