The only problem I have with Cyber Wars: Hacks that Shocked the Business World (Kogan Page 978-0749482008) by Charles Arthur is that these breaches really didn’t shock the information security community or the business world. These stories are simply narratives of firms that didn’t take information security seriously and suffered the consequences.
In this interesting book, he details some of the most devastating information security events of the last few years. These include Sony, HBGary Federal, John Podesta’s phishing attack, T.J. Maxx, and more.
While all of these stories have been told before at a high-level, Arthur digs much deeper and details the issues that led to the breaches. The book makes for some compelling insights around the importance of taking security seriously. There are countless lessons learned that can be gleaned from this book. While not a technical book, Arthur writes of the technical issues that led to many of these breaches. This is a very readable and engaging book that makes for a great reference to an information security awareness reference.
John Podesta was chairman of Hillary Clinton's 2016 U.S. presidential campaign, and as the book notes, it is rare that a hack changes the course of history. In the case of Podesta’s falling for a phishing attack, it did indeed.
There is some also humor in the book. In detailing the devastating Sony Pictures hack, he quotes then Sony Pictures Entertainment CEO Amy Pascal as telling Sony employees not to read any of the breached emails, because of their potentially divisive effect, both internal and external to the organization. Pascal was oblivious to the Streisand effect, and it’s likely the request had the opposite effect on her employees.
For anyone who is struggling to get people, be it management or the like, to take information security seriously, Cyber Wars: Hacks that Shocked the Business World makes for a great wake-up call.