The Business of Cyber

Peter Fagan has been working in the information security industry for well over twenty years, in a variety of roles and environments. About eight years ago, he asked himself the question "why isn't this working?". After all, if we're selling security, surely after a while there ought to be less of a need for it? Asking that question kicked off a journey of personal research, academic research, and the hands-on practical implementation of contemporary approaches, based on the way people actually behave rather than the way security teams would like them to behave. That journey ultimately led to this book, which presents the argument that an industry focused on profit is more concerned with selling compliance than it is with selling protection. Along the way, the author draws upon formal business knowledge gained through an MBA and an MSc in organisational psychology.