Close your eyes and think of the word cybersecurity. What do you visualize? Nine out of ten people I have asked to conduct this mind exercise have come back with something like, “I see a dark room with a number of computers with blinking screens, and someone in a hoodie or sometimes a mask, trying to scramble through some code as if stealing something!” It’s a compelling vision of a dark art that is practiced by someone that we refer to by various names: hacker, adversary, threat actor. Seldom do I come across someone who has a more positive vision. And this is the challenge that cybersecurity presents. It appears to be a very bleak and involved topic that only experts can understand and decipher, and we had better leave it to them. And it is this esoteric aspect and a painful absence of simplicity that have gotten us into this challenging circumstance, where we have fewer and fewer experts trying to address an overwhelming amount of challenges.
As the chairman and founder of Cyber Future Foundation (CFF), I have had the opportunity to meet and work with some remarkable leaders around the world. Several executives and prominent global leaders have personally expressed to me a desire to simplify cybersecurity so that they can engage the whole of a nation, enterprise, and society. As we work on the challenging mission of bridging the gap between global leaders and technically astute and inclined cybersecurity industry and business, we still see cybersecurity challenges being con ned to the cybersecurity experts and the industry.
We have to turn this on its head and make cybersecurity a problem that everyone can understand, comprehend, and engage in. Not just because we want to get more experts on the subjects, but because security in cyberspace is everyone’s business and responsibility and without harnessing this collective capacity, we cannot be successful in securing cyberspace, neither as individual consumers nor as citizens of a connected world, and definitely not as employees of a digital enterprise.
That describes exactly why we need this book by George Finney. It is not only timely, but I believe it will be timeless in terms of being an objective and compact reference for those who need to understand cybersecurity and how they can make the changes they seek. In over two decades of a career that has involved cybersecurity through different dimensions, George has been able to see the issues from various perspectives: as an end user, as a technology executive, as an educator, and in his current role as a chief information security officer of a sprawling enterprise.
While cybersecurity has its fair share of technological problems and jargons, George brings a very human and relatable approach to studying and learning the topic. Humans are creatures of habits, and it is in this power of habits that George sees the opportunity to advance our learning and engagement as workers, citizens, and consumers, and to develop patterns of behaviors that will improve our security posture.
I believe as the reader goes through this book, they will be enlightened by how everyone can get engaged in cybersecurity by following the habits that George lays out. The concepts are supported by the brilliant recollection of anecdotes, events, and incidents, which makes it abundantly easier on the reader to embrace them. I believe through this book that the reader will become intimately familiar with their role in securing their journey, embrace security as a behavior, and be able to actively contribute in securing our digital life.
As a cybersecurity professional, as a business leader, and definitely as a parent, this book has been a validation of my thoughts. With George’s book as a reference, a lot of the work we are doing at CFF—whether the executive engagement at the Cyber Future Dialogue in Davos or the engagement of young cybersecurity professionals through the CFF Society of Mentors—becomes a tad bit easier.
Next time someone has a recollection of the bleak vision of cybersecurity—of a teenager in a hoodie in their mom’s basement hacking away at networks—a definite action is going to be referring them to the positive, uplifting, and engaging story of the Girl Scouts and their keen enthusiasm in earning cybersecurity merit badges.
The world we live in is becoming more connected and is rapidly changing to where we need to understand what ties it all together and how we can keep it safe and secure. George has done his part, and now it is up to us to take the lessons from this book and change our behavior. As we say at CFF, let’s work to build a more trusted cyberspace—the much-needed help is here!
—Valmiki Mukherjee
Chairman & Founder, Cyber Future Foundation Chairman & Convener, Cyber Future Dialogue, Davos, Switzerland Convener, Cyber 20 Engagement Group for G20 Heads of States www.cyberfuturefoundation.org