A Data-Driven Computer Defense, 3rd Edition is Available For Purchase

I’m excited to announce the release of the 3rd edition of my A Data-Driven Computer Defense (https://www.amazon.com/dp/B0BR9KS3ZF) book. Not so humbly, I think every single computer security practitioner should read and understand its lessons. It discusses how to discern the FUD from the real risks you really should be concerned about. It will help you decide where you need to be putting your efforts and resources to best defend yourself, your family, and your organization against cyber threats.

First released in January 2018, A Data-Driven Computer Defense has sold over 50,000 copies, which is pretty rare for any computer security book, much less one that focuses on cybersecurity risk management. Here are some reviewers of previous editions:

Steve Schuster says:

“Roger Grimes has been able to pull the veil off of many security myths. His account of the misalignment of cyber security efforts and how to fix them gives practitioners the tools needed to implement a strategy that matters. Gone are the days of "Headline Security" and buying shiny objects; neither of which will secure the organization. This is accomplished in a well-written, conversational tone that allows an easy-yet-informative read. This should be on the reading list of anyone who works in, or supports, cyber security.”

Anonymous Amazon Readers said:

“A must-read for anyone in the IT field. Highly recommended.”

“Great book, interesting insights that will get you thinking differently about InfoSec!”

Ben Rothke said:

“In the world of information security, the ability to actually implement something and bring ideas to fruition is commendable. In A Data-Driven Computer Security Defense: THE Computer Security Defense You Should Be Using, author Roger A. Grimes take his decades of experience and give the reader excellent advice on how they can secure their networks and do just that... The book notes that a data-driven computer security defense is not necessarily one of hardware and software; rather, it’s an approach to information security that uses a firm’s own data to understand specific threats and risks…

A Data-Driven Computer Security Defense is a great resource for those looking to slow down and escape the information security hamster wheel of pain and start a program to truly deal with information security.”

My favorite anonymous, humorous Amazon review is:

“It is a shame, nay, a tragedy and a most grievous injustice that there are neither words nor time sufficient to approach the level of praise that this book is due. The strategic value of this concise and well-written text simply cannot be overstated. If you are new to the field of cybersecurity this book should be carefully studied, and it's principles taken to heart. In so doing, you will have a right expectation that you will make a difference in the lives of the people and the organizations that you will soon be charged with protecting. If you are veteran in the field and worn from the struggle, in this book you will find a new and better way and with it, a renewed hope. It was written long ago that of the making of books there is no end and that much study is wearisome to the flesh (Ecclesiastes 12:12). Therefore, as our time and strength is limited we must all chose wisely regarding which books to invest either. I assure you, prospective reader, that this is indeed one such book and, should you use it's wisdom aright, you will not be disappointed.”

I don’t know who that reviewer is, but I want to have lunch with them.

I wrote A Data-Driven Computer Defense because I saw nearly every company making the same, huge, mistakes in computer security and wonder why it wasn’t working. Almost every company spends most of its IT security defense budget on the wrong things. Most environments can still be broken into at will by a determined hacker or their malware creation. It doesn’t have to be that way. You can break the cycle. You can make a stronger, more resilient computer defense. It just requires designing a computer security defense as it should be and not as it is practiced by most.

Nothing has made me prouder than the hundreds of IT people who have come up to me at conferences and told me that I had changed the way they do computer security defense and that my book made them much better defenders. It was what I was hoping for.

The third edition adds 75 additional pages over three new chapters, each focused on helping to make you a better security defender.

Buy the book for yourself or your favorite computer defender loved one. It will change the way you or they think about computer security forever for the better.

Paperback (https://www.amazon.com/dp/B0BR9KS3ZF)

Kindle (https://www.amazon.com/dp/B0BR8FQLWK)

</salesmodeoff>