Chapter 3 will discuss compliance, risk management, defense-in-depth planning, and the concept of the 3×3 cybersecurity control pillars. If you are bored just thinking about compliance and risk management, this chapter is short and will go fast. But I guarantee you will learn something that will improve your cybersecurity career going forward. So, don't skip it.

The Challenge of Cybersecurity

Cybersecurity is among the most difficult jobs in the world. There are tens of thousands of threats trying to compromise any person, device, or network connected to the Internet. And it doesn't even take the Internet to spread cyber threats. The world's early computer viruses, like Elk Cloner, Stoned, Pakistani Brain, and the Jerusalem virus, spread around the world, causing havoc in the days before the Internet existed as the Internet. The defender has to be nearly perfect in their defense. The attacker just needs to find one weakness to get in. There are literally tens of millions of new malware programs trying to break into places and tens to hundreds of thousands of malicious human hackers, all trying to see if they can exploit otherwise innocent people and organizations. Defending is so tough that no single person or organization appears to have done it right. The joking conventional wisdom is that for a computer to be completely safe it has to be encased in concrete and locked in a closet. Even then, you'd have to make sure its network ...