The Security Culture Playbook. Perry Carpenter
Читать онлайн книгу.
210 208
211 209
212 210
213 211
214 212
215 213
216 214
217 215
218 216
219 218
220 219
221 220
222 221
223 222
224 223
225 224
226 vi
227 vii
228 viii
229 ix
230 x
231 xi
232 xii
233 xiii
234 xiv
235 225
Praise for Perry Carpenter
“The best security behaviors are the ones you never think about, that get ingrained as habits and become part of who you are. Perry's exploration of security as a cultural force, created by processes and communications but separate from them, is a unique look into precisely that zone of our identity. By stepping away from our biases about what security looks like and focusing on what it practically does, this book invites us forward.”
—Matt Wallaert, Behavioral Scientist and Author of Start At The End: How to Build Products that Create Change
“In my time advising companies on how to become more resilient to social engineering, I’ve always touted the importance of building a strong security culture. Perry Carpenter is one of the world’s foremost experts in how to do just that. Security leaders and business executives would be wise to listen to his advice and implement his suggestions.”
—Kevin Mitnick, Principal, Mitnick Security
“Perry has his finger on the pulse of security awareness culture and knows how to bring it to life. His real-world expert advice focuses on what is actionable and most essential for protecting your organization right now.”
—Rachel Tobac, CEO of SocialProof Security and Friendly Hacker
“Perry Carpenter understands that cyber security takes both technology and human accountability. In this excellent new book, he is able to show how both must work together to keep our companies, institutions, and society safe and secure. You should find a number of best practices and insights in this timely book.”
—John R. Childress, Chairman, PYXIS Culture Technologies
“Security culture is fundamental to organizational resilience, efficiency, and success. Perry Carpenter is one of the world’s leading experts in this space, and he communicates his expertise in a way that is engaging and accessible for all.”
—Dr Jessica Barker, co-CEO of Cygenta and Author of Confident Cyber Security
“My friend Perry Carpenter has had a long and distinguished infosec career and has had a front row seat to the cybersecurity culture wars from the very beginning. I can’t think of a better guide for organizational executives trying to reduce their inherent risk via an improved internal security culture.”
—Rick Howard, CSO, Chief Analyst, and Senior Fellow at the CyberWire. Past lives include CSO at Palo Alto Networks, TASC, iDefense GM, Counterpane SOC Director, and the Army's Computer Emergency Response Team (CERT) Commander
“Perry’s forgotten more on human element security than the rest of us will ever know! Perry understands how our brains work, and how that affects our propensity to be both duped by bad guys and engaged by security awareness content. He’s one of my go-to people in the field.”
—Lisa Plaggemier, Executive Director, National Cybersecurity Alliance
“Security is very much a human issue, and there is no other human I would turn to in order to understand the critical crosshairs of where technology meets culture more than Perry Carpenter. He walks in both realms effectively and, if you want to truly understand how to keep safe in a world without secrets, Perry is your guide and guru. He and Kai have created and curated a playbook that our world needs now more than ever.”
—Michael Leckie, Author of The Heart of Transformation: Build the Human Capabilities That Change Organizations for Good
“Too frequently those of us in security think technology first without truly understanding the first priority issue of organizational culture. Culture is integral to organizational success and initiatives. Perry Carpenter’s work in this space is truly second to none. Building on the insights from Transformational Security Awareness, Perry’s work illustrates the vital role of culture with respect to our security programs and risk management.”
—Matt Stamper, Co-Author of the CISO Desk Reference Guide (Volumes 1 & 2) CISO & Executive Advisor
Praise for Kai Roer
Kai is a pioneer in security culture awareness, showing CISOs how to drive meaningful changes and move their organizations forward.
—Mirko Zorz, Editor in Chief, Help Net Security
Kai has been pioneering the concepts around security culture for more than a decade, and I've known him for that time as he's built, and sold up, his CLTRe concept. His knowledge on benchmarking a security culture is second to none.
—Dan Raywood, Cybersecurity journalist (former)
I have seen Kai Roer demonstrate his passion and sincere dedication to improving the security culture of organizations for many years. Kai providing guidance for executives to understand their role and responsibility for creating a secure business ecosystem, through using The Security Culture Playbook, is a brilliant idea!
—Rebecca Herold, CEO of The Privacy Professor consultancy, and Privacy & Security Brainiacs SaaS services
I am enthused to learn that Kai Roer has written a new book about security culture.
Kai Roer has taken his many years of cyber experience and combined those with a vested interest in cyber security. By using Kai's Security Culture Framework, I got a tool to address the human and cultural factors in our organization to improve the security maturity.
With clear, everyday examples and analogies to reveal social and cultural triggers that drive human behaviour he guided me through my work. I immediately saw the experience, knowledge, and interpersonal skills that he had for working with people. I most admire Kai for his humor, his determination to reach whatever goals he has put up, and his devotion to throw light on the less technical part of information security.
—Anne-Marie Eklund Löwinder, Founder of Amelsec AB, inducted into the Internet Hall of Fame, Member of the Royal Swedish Academy of Engineering Science
There is no one better placed to present expertise related to security culture than Kai. Further, developing a security culture within a given organization is the first line of defence, which makes this book essential reading.
—Raj Samani, McAfee Fellow, Chief Scientist