Foreword

After having worked in information security for over 20 years, I have come to a simple conclusion: unless we move beyond technology alone and start addressing the human element, we are in a no-win situation. Technology is where every organization should start when managing its cyber-risk, but technology can only go so far. We have hit that point of diminishing return. We can no longer ignore the human factor in information security. Lance’s book is a breath of fresh air. He creates a new chapter in how organizations should manage their risk, not just at the technical level but at a human level. What makes Lance’s book so powerful is that he not only backs the book with tremendous research and academic studies, but also brings in real-world ...

Get People-Centric Security: Transforming Your Enterprise Security Culture now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.