Introduction
Over the last few years, there has been a frequently repeated statistic claiming that there are more than three million cybersecurity jobs left unfilled.
I don't really believe that's true—I believe we have an even bigger problem. I'll admit that we need more people who understand and can help reduce cyber risk. That number is probably significant. But who is going to lead all the people who are coming into the field? Who is going to lead the people currently in the field?
I'm an avid reader, and I like to apply what I learn in books to my life in cybersecurity. One of my favorite books on leadership is Extreme Ownership by Jocko Willink and Leif Babin. In the book, they use the saying, “There are no bad teams, just bad leaders.”
I have a talent for over-generalizing things. So I thought to myself, “What if the real problem is a cybersecurity leadership problem?” Even if all the cybersecurity experts we needed were put into place, most cybersecurity teams would suffer from this lack of leadership.
This book is not about beating up on current security leaders. Cybersecurity leadership should start with CEOs, moving all the way down to the cybersecurity owner and their team. I use the term cybersecurity owner because titles vary in every organization. The cybersecurity owners are responsible for day-to-day cybersecurity operations and cyber-risk mitigation. This can be one person or multiple teams.
The cybersecurity owner and their team, processes, and technology ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access