Preface

Imagine you are in a submarine submerged hundreds of feet below the surface surrounded by dark, freezing water. The hull of the submarine is under constant immense pressure from all directions. A single mistake in the design, construction, or operation of the submarine spells disaster for it and its entire crew.

This is analogous to the challenge that Chief Information Security Officers (CISOs) and their teams face today. Their organizations are surrounded on the Internet by badness that is constantly probing for ways to penetrate and compromise their IT infrastructures. The people in their organizations receive wave after wave of social engineering attacks designed to trick them into making poor trust decisions that will undermine the controls that their security teams have implemented. The specters of ransomware and data breaches continue to haunt CISOs, Chief Information Officers (CIOs), and Chief Technology Officers (CTOs) of the most sophisticated organizations in the world.

After conducting hundreds of incident response investigations for Microsoft’s enterprise customers, publishing thousands of pages of threat intelligence, and assisting some of Amazon Web Services’ (AWS) largest customers, I have had the opportunity to learn from and advise literally thousands of businesses and public sector organizations in almost every country around the world. I wrote this book to share some of the insights and lessons I’ve learned during this extraordinary journey.

The views and opinions expressed in this book are my own personal opinions and not those of my current or past employers.