Book Review: Big Breaches: Cybersecurity Lessons for Everyone

Big Breaches: Cybersecurity Lessons for Everyone

by Neil Daswani and Moudy Elbayadi

The key to understanding the value of the new book, Big Breaches: Cybersecurity Lessons for Everyone, by Neil Daswani and Moudy Elbayadi, is the word “everyone” in its title. The authors go into significant detail recounting the most destructive and notorious data breaches of the last decade. These are cybersecurity disasters that “everyone” surely knows about. Tout le monde! We know all about these breaches, or so we think. As the book makes clear, “everyone” clearly doesn’t have much of a real clue how bad things are—and how much worse things are about to get. Thus, “everyone,” me included, needs some cybersecurity lessons.

The book goes into depth on the breaches at Capital One, Marriott, Equifax and more. It reviews what went wrong at the Office of Personnel Management (OPM), Yahoo, Target and JP Morgan Chase. The authors also delve into some of Facebook’s data leaks and irregularities. Throughout, they look at how these incidents almost always involve a failure to prioritize, invest in and execute cybersecurity initiatives.

Big Breaches deals with one of the great ironies of this era: Despite spending tens of billions of dollars on security, the world seems less and less secure with every passing year. Hundreds of thousands of security jobs remain unfilled, a problem that doesn’t seem to have an immediate solution. Thus, the authors have undertaken this ambitious book as a step toward empowering more people (everyone!) to become informed and more active in mitigating cyber risk.

Case by case, Daswani and Elbayadi lay out effective prevention and detection countermeasures. They explore the meta-level causes of breaches and suggest seven crucial habits for optimal security in the organization. One of their main points is that security needs to evolve beyond its current scope. The sophistication of today’s threats demands it. Companies can no longer rely on the traditional “InfoSec” policies. The security perimeter that once supported these ideas no longer exists.

Instead, it’s up to everyone to get more involved. That’s the only way to avoid more Marriotts, Yahoos and Equifaxes going forward.

Book details:

Publisher: Apress; 1st edition (March 12, 2021)

Language: English

Paperback: 475 pages

ISBN-10: 1484266544

ISBN-13: 978-1484266540