The Problem We Are Facing

Abstract

Have you ever sat in a boardroom directly after a cyber-attack? I have, and it is a terrible experience. Chief Executive Officers (CEOs), Chief Information Security Officers (CISOs), and Chief Information Officers (CIOs) silently shake their heads and stare out the window, wondering if their lives have been destroyed by this attack. What will happen to their organization in the following months? How many people will be laid off as a result? Too many hold their head in their hands contemplating the damage to the organization they have dedicated their lives to building after a cyber-attack. As they think about the families that will be affected by the inevitable layoffs that will follow, if the organization even survives the incident, there is a central question that they ask themselves, and it is a question I have endeavored to answer over the last few years. The pursuit of the answer to this question has driven me down a path that is culminating in sharing my experiences, ideas, observations, and research in this book. Why are we failing to secure our most sensitive data?