# Unsecurity: Information security is failing. Breaches are epidemic. How can we fix this broken industry?

288## Paperback

^{$}17.95

## Overview

Information security is a rigged game and we have no choice but to play it every day. Rules are mandatory for the good guys but optional for the bad guys. And the good guys are losing. Now’s the time to start playing offense and turn this game around. We can do it if we work together! *Unsecurity* sounds the call and lays out the plan for information security professionals to unite in strength and fix this broken industry.

## Product Details

ISBN-13: | 9781643439747 |
---|---|

Publisher: | Beaver's Pond Press, Incorporated |

Publication date: | 01/14/2019 |

Pages: | 288 |

Sales rank: | 782,521 |

Product dimensions: | 6.00(w) x 9.00(h) x (d) |

## Table of Contents

1 We're Not Speaking the Same Language 1

Problem #1 We Don't Have a Common Language 4

Solution #1 Agree on Our Common Language 6

Problem #2 We Lack a Common Understanding with Normal People 14

Solution #2 Find Our Common Ground 19

Problem #3 Foolish Conversations Occur between Organizations 32

Solution #3 Translate Security between Organizations 35

2 Bad Foundations 51

Problem #1 Building without Blueprints 52

Solution #1 Starting with Blueprints 53

Problem #2 Building without Permits 59

Solution #2 Building with Permits 59

Problem #3 Weak or Absent Foundations 61

Solution #3 Establishing a Solid Foundation 67

Problem #4 Overengineered Foundations 76

Solution #4 Simplification 77

3 Lipstick on a Pig 79

Problem #1 Lipstick Makes Us Appear More Attractive Than We Really Are 80

Solution #1 We Need to Get Real 84

Problem #2 Lipstick Makes Us Feel Better about Ourselves 86

Solution #2 We Need to Be Honest with Ourselves and One Another 91

Problem #3 Technology Is the Most Common Lipstick 96

Solution #3 We Should Use Technology Only When and Where It's Needed 98

Problem #4 Layering on Lipstick Makes Things Worse 99

Solution #4 We Need to Simplify 100

4 Pipe Dreams 101

Problem #1 Ignorance Is No Excuse for Poor Information Security 103

Solution #1 Understand What We Should Know and Learn It 106

Problem #2 Panic and Anxiety Stem from Our Lack of Understanding 109

Solution #2 Plan for the Worst and Hope for the Best, a Sense of Calm 110

Problem #3 Fantasies Make for Bad Decision Making 112

Solution #3 Expect Reality Using Logic and Facts 117

5 The Blame Game 127

Problem #1 There's No Shortage of People or Things to Blame for Our Shortcomings 129

Solution #1 Define Roles and Responsibilities 131

Problem #2 We All Live in Glass Houses 137

Solution #2 Accept That We All Have Our Problems 138

Problem #3 We Fear Blame and Reprimand 139

Solution #3 Cultivate Transparency and Incentives 141

Problem #4 We're Not Good at or Ready for Attribution 142

Solution #4 Plan for Attribution 142

Problem #5 There's No Recourse for Faulty Products and Services 143

Solution #5 Hold People Accountable 145

6 The Herd Mentality 147

Problem #1 There's a False Sense of Safety in the Herd 149

Solution #1 Use the Herd to Your Advantage 154

Problem #2 Herd Mentality Leads to Poor Choices 157

Solution #2 Take the Time to Research 162

Problem #3 Even If the Herd Is Right, Its Still Won't Fit Us 164

Solution #3 Focus on You and What You Can Control 165

7 Because I Said So 168

Problem #1 We Have so Many Laws, but So Little Direction 171

Solution #1 The Intent of the Law Is Key 175

Problem #2 We Have No Choice, but to Comply 177

Solution #2 How We Comply Is Where We Find Our Choices 179

Problem #3 Compliance Makes a Crappy Foundation 180

Solution #3 Focus on the Foundation 182

8 Empty Promises 183

Problem #1 Troubles with Commitments 184

Solution #1 Making Commitments Carefully 191

Problem #2 Money as a Demonstration of Commitment 198

Solution #2 Putting Out Money Where Our Mouth Is 201

Problem #3 Thinking Obscurity Makes Us Secure 202

Solution #3 Taking Our Head Out of the Sand 204

9 The Money Grab 205

Problem #1 There's Plenty of Snake Oil for Sale 207

Solution #1 Do Your Homework 213

Problem #2 Fear and Sex Sell Lots of Stuff 217

Solution #2 Fight FUD and Be a Little Less Sexy 221

Problem #3 Money Spent Poorly Is Bad Money 223

Solution #3 Buy What You Need 228

10 Too Many Few Experts 232

Problem #1 We Need More Good People, but We Don't Know Who 233

Solution #1 Define What Makes a Good Security Person 236

Problem #2 The Severe Talent Shortage Is Painful and Getting Worse 240

Solution #2 Commit to the Cause 256

Acknowledgments 263

About the Author 266