Read more
This book takes a fresh look at the psychology of cybersecurity and IT management, discussing the role of cognitive bias and human factors on poor decisions. The book considers the psychology and motivations of those involved with cybersecurity both as cyber attackers and cyber defenders.
List of contents
Foreword
Part 1: Enter the world of cybercrime
Chapter 1: Most cybercriminals are made, not born
Chapter 2: Hackers: the good, the bad and the ugly
Hacktivism
Once a hacker, always a hacker?
Notorious hackers
Interviews with real-life cybercriminals
Chapter 3: How an attack is devised
Selecting targets
Skills that make attacks succeed
Social engineering attacks: hacking people's minds
Ransomware attacks
Exploiting misconfigurations
Chapter 4: Special cases
Insider threats
Whistleblowers
Third party and supply-chain risks
Impact of cyber-attacks on trust
Part 2: Inside the line of defence
Chapter 5: Operational cybersecurity context
Pressures of the job
Cybersecurity needs diversity
Why work in cybersecurity
Chapter 6: Human fallacies and how to overcome them
Biases affecting threat analysis
Biases affecting risk management
Chapter 7: Operational resilience relies on adequate cybersecurity
People
Processes
Technology
Business continuity
Chapter 8: Organisational psychology
Chapter 9: Improving organisational cybersecurity
Good governance
Better training and education
Security by design
Organisational cybersecurity culture
Cybersecurity champions
Nudge programs
Situational crime prevention
Part 3: The target¿s perspective
Chapter 10: Psychology applied in cybersecurity
Opening the black box
Brains: natural prediction machines
Chapter 11: How we take the bait
Technical people have human brains too
Know yourself to protect yourself
Part 4: The Psychology of a Chief Information Security Officer (CISO)
Chapter 12: Responsibilities of a CISO
The SECCRRT to effective CISOs
Leading the psychology and cybersecurity integration
Shaping the organisation¿s psychological security posture
Getting security buy-in across the board
Chapter 13: The psychological toll on CISOs
Managing risk
Managing the executive team
Overcoming stress and building resilience
Chapter 14: Concluding remarks
Glossary
About the author
Tarnveer Singh is an award-winning Chief Information Security Officer (CISO) with decades of security experience across a wide range of sectors. He is Director (Security & Compliance) at Cyber Wisdom Ltd, an Information Security and Compliance Consultancy helping clients to address security threats affecting their business. He is also a Fellow of the Chartered Institute of Information Security and a Chartered IT Professional with the British Computer Society.
Sarah Y. Zheng, PhD is a neuropsychologist investigating emerging crime and security risks from technological advances. Through her research, she helps organisations become more resilient to phishing attacks and improve people's awareness of new cybersecurity threats. Before returning to academia, she developed AI applications and worked in data science for financial, retail and government institutes for several years. With her unique understanding of both people and technology, her mission is to put the human element in technological development.
