Book Review: One False Click
One False Click: How to Protect Your Company in the Coming Cyber War. By Jerry Hutcheson. Published by Jerry Hutcheson; available from amazon.com; 190 pages; $18.95.
Helping executives understand the challenges that cybersecurity poses is the goal of One False Click: How to Protect Your Company in the Coming Cyber War. The book explains cybersecurity from a business management perspective, instead of anchoring prevention in technology only. While technology is mentioned, the focus is on prevention using methodologies that can be found in risk management principles.
This is not a book about IT. It is a book about cybersecurity and how the business executive can understand the subject matter and apply prevention measures without having to be an IT expert. It is refreshing to see someone conceptualizing cybersecurity for what it is—a security issue rather than just an IT issue.
The author speaks in the language of executives, and there is no IT jargon. There are plenty of examples of risk management concepts from a business perspective such as return on investment, annual loss exposure, metrics, and results matrix. The author outlines the importance of leadership, roles and responsibilities, use of experts, security strategy, and policies and procedures. He underpins the prevention strategy in people and processes, these being the ingredients that are required to be successful in defending against the cybersecurity threat.
The book is well laid out. The first few chapters introduce us to cybersecurity, the current situation, where it is likely to go, the role of the security manager, and the four areas of cybersecurity. The rest of the book deals with security problem solving from a business management perspective and provides tools the executive can adopt while also drawing on the need for executives to become involved in preventing cybersecurity risks. The role and skills gap of CIOs and CISOs are also outlined.
This book will appeal to the business executive, business owners, general managers, and security managers. It will help them understand prevention from a business perspective while also providing them with the tools they need to oversee cybersecurity. IT professionals will value the book for its insight into how business executives think and what they need to know.
Reviewer: Dr. Declan Garrett is head of security unit at Louvre Abu Dhabi, visiting lecturer at Berlin Institute of Economics and Law, and a member of the ASIS Cultural Properties Council.