Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls that Derail Us

— —

Eugene Spafford Leigh Metcalf

Cybersecurity Myths and Misconceptions

Avoiding the Hazards and Pitfalls that Derail Us

Eugene Spafford, Leigh Metcalf, Josiah Dykstra

$86.95 $73.63

Paperback

Not in-store but you can order this
How long will it take?

Availability Information

We source books from suppliers in Australia and overseas. For books we don't currently have in stock, the time it takes to get them from our suppliers can vary widely - from a few days to a few months - so we check each book with each supplier to determine the expected time it will take to be supplied to us.

We then advise you accordingly. If the time taken to get any book is too long for you, you can let us know and we will cancel or adjust your order, and refund as required.

To find out the anticipated arrival time for specific items prior to ordering, please contact us by phone or email:

Phone +61 2 9264 3111, or 1800 4 BOOKS (1800 4 26657) if outside Sydney:
option 1 Abbey's Bookshop (Crime, History, Science, Kids & more) • info@abbeys.com.au
option 2 Language Book Centre (ESL & Foreign Languages) • language@abbeys.com.au
option 3 Galaxy Bookshop (Sci-fi, Fantasy, Romance, Graphic Novels) • sf@galaxybooks.com.au

QTY:

English

Addison Wesley
02 March 2023

Computer security; Network security; Networking packages

It's been 50 years since the discipline of cybersecurity originated, but users and developers still spread and succumb to many of the same pitfalls in design and practice. The same mistakes keep getting repeated, people keep getting misled, and cybersecurity remains far from optimal. In Cyber Myths, three cybersecurity pioneers don't just deliver the first comprehensive collection of false folk wisdom that derails security from the frontlines to the boardroom: they offer expert practical advice for avoiding or overcoming each myth.

Whatever your cybersecurity role or experience, Eugene Spafford, Leigh Metcalf, and Josiah Dykstra will help you surface hidden dangers, prevent avoidable errors, eliminate faulty assumptions, and resist deeply human cognitive biases that compromise prevention, investigation, and research. Throughout, you'll find examples drawn from actual cybersecurity events, detailed techniques for recognizing and overcoming security fallacies, and recommended mitigations for building more secure products and businesses.

By: Eugene Spafford, Leigh Metcalf, Josiah Dykstra
Imprint: Addison Wesley
Country of Publication: United States
Dimensions: Height: 232mm, Width: 178mm, Spine: 22mm
Weight: 700g
ISBN: 9780137929238
ISBN 10: 0137929234
Pages: 416
Publication Date: 02 March 2023
Audience: Professional and scholarly , Undergraduate
Format: Paperback
Publisher's Status: Active

1. What is Cybersecurity? 2. What is the Internet? 3. Faulty Assumptions and Magical Thinking 4. Logical Fallacies 5. Cognitive Biases 6. Cobra Effect 7. Problems and Solutions 8. Negative Results are Still Results 9. Pitfalls of Analogies 10. Vulnerabilities 11. Malware 12. Digital Forensics & Incident Response 13. Statistics

Eugene H. Spafford, PhD, is a professor in Computer Science at Purdue University. In his 35-year career, Spaf has been honored with every major award in cybersecurity. Leigh Metcalf, PhD, is a Senior Network Security Research Analyst at the Carnegie Mellon University Software Engineering Institute's cybersecurity-focused CERT® division. Josiah Dykstra, PhD, is a cybersecurity practitioner, researcher, author, and speaker. He is the owner of Designer Security and has worked at the US National Security Agency for 18 years.

Reviews for Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls that Derail Us

"""Many security leaders are traditionally in charge of correcting misconceptions just as much as they are in charge of building up solid security practices. We have plenty of resources on practices--but this book is the crucial guide to that essential myth busting."" --Phil Venables, CISO, Google Cloud ""I'm writing this on my phone, over Wi-Fi, in an airplane on my way to Black Hat, one of the world's largest security conferences. The fact that I'm able to do this at all shows how much we've really learned about cybersecurity over the decades. Now it's all collected in one place for everyone to share. Thank the wise authors, and most importantly: GET OFF THEIR LAWN."" --Wendy Nather, Head of Advisory CISOs, Cisco ""This book is astounding. A true tour de force--which I have never said about any other book. Inverting the viewpoint is a stroke of genius. This is going to be on my grabbable-at-any-time shelf. What I learned, recalled, and was refreshed on with technically astute agnosticism cannot be measured; just appreciated as a profound historical compilation of security practice and theory. Bravo!"" --Winn Schwartaul, Founder and Chief Visionary Officer, The Security Awareness Company ""I am happy to endorse the central idea of this book--that cybersecurity is rife with myths that are themselves part of the problem. The brain wants to understand, the world grows ever more complicated, and the sum of the two is myth-making. As the authors say, even if some understanding is true at some time, with enough change what was true becomes a myth soon enough. As such, an acquired immunity to myths is a valuable skill for the cybersecurity practitioner if no other. The paramount goal of all security engineering is No Silent Failure, but myths perpetuate if not create silent failure. Why? Because a state of security is the absence of unmitigable surprise and you cannot mitigate what you don't know is going on. Myths blind us to reality. Ignorance of them is not bliss. This book is a vaccine."" --Dan Geer, CISO, In-Q-Tel ""This is a fun read for all levels. I like their rapid fire delivery and the general light they cast on so many diverse myths. This book will change the cybersecurity industry for the better."" --Michael Sikorski, Author of Practical Malware Analysis & CTO, Unit 42 at Palo Alto Networks"