December 2021
Beginner
336 pages
6h 11m
English
Content preview from Navigating the Cybersecurity Career Path
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
CHAPTER 22How Do I Talk About My Security Program?
When we become leaders of a security program, we usually come to the role with no training on presenting a business case or sharing the work of the security program with the organization. It doesn't occur to most of us how much we would need to have this skill. Wouldn't the program just speak for itself? Short answer: no.
For some of us, our first instinct is to use metrics to talk about our programs. We search for “security metrics” or go to security analyst websites or conference talks about metrics. Board members, chief financial officers (CFOs), and other metrics-driven people need metrics. There is a completely valid school of thought that says, “You cannot manage what you cannot measure.” A great book on this topic is How to Measure Anything in Cybersecurity Risk by Douglas Hubbard and Richard Seiersen.
Over time, I found the metrics approach to be insufficient. It certainly worked in some places, like when asking for more money from the CFO, but often it was too weedy for everyone else. No one cared, really, about how old our vulnerabilities were, how many vendor products we had ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.