This book is the first of a series of spinoffs from Douglas Hubbard’s successful first book, How to Measure Anything: Finding the Value of “Intangibles” in Business. For future books in this franchise, we were considering titles such as How to Measure Anything in Project Management or industry-specific books like How to Measure Anything in Healthcare. All we had to do was pick a good idea from a long list of possibilities.
Cybersecurity risk seemed like an ideal first book for this new series. It is extremely topical and filled with measurement challenges that may often seem impossible. We also believe it is an extremely important topic for personal reasons (as we are credit card users and have medical records, client data, intellectual property, and so on) as well as for the economy as a whole.
Another factor in choosing a topic was finding the right co-author. Because Doug Hubbard—a generalist in measurement methods—would not be a specialist in any of the particular potential spinoff topics, he planned to find a co-author who could write authoritatively on the topic. Hubbard was fortunate to find an enthusiastic volunteer in Richard Seiersen—someone with years of experience in the highest levels of cybersecurity management with some of the largest organizations.
So, with a topical but difficult measurement subject, a broad and growing audience, and a good co-author, cybersecurity seemed like an ideal fit.