Tribe of Hackers Security Leaders

Tribal Knowledge from the Best in Cybersecurity Leadership

The Tribe of Hackers series continues, sharing what CISSPs, CISOs, and other security leaders need to know to build solid cybersecurity teams and keep organizations secure. Dozens of experts and influential security specialists reveal their best strategies for building, leading, and managing information security within organizations. Tribe of Hackers Security Leaders follows the same bestselling format as the original Tribe of Hackers, but with a detailed focus on how information security leaders impact organizational security.

Information security is becoming more important and more valuable all the time. Security breaches can be costly, even shutting businessesand governments down, so security leadership is a high-stakes game. Leading teams of hackers is not always easy, but the future of your organization may depend on it. In this book, the world’s top security experts answer the questions that Chief Information Security Officers and other security leaders are asking, including:

• What’s the most important decision you’ve made or action you’ve taken to enable a business risk?
• How do you lead your team to execute and get results?
• Do you have a workforce philosophy or unique approach to talent acquisition?
• Have you created a cohesive strategy for your information security program or business unit?

Anyone in or aspiring to an information security leadership role, whether at a team level or organization-wide, needs to read this book. Tribe of Hackers Security Leaders has the real-world advice and practical guidance you need to advance your cybersecurity leadership career.

Acknowledgments vii

Introduction viii

01 Marcus J. Carey 1

02 Ian Anderson 6

03 James Arlen 14

04 Mark Arnold 25

05 Andrew Bagrin 31

06 Zate Berg 36

07 Tash Bettridge 46

08 Philip Beyer 50

09 Kyle Bubp 58

10 Joanna Burkey 64

11 Bill Burns 70

12 Lesley Carhart 78

13 Christopher Caruso 83

14 Mike Chapple 91

15 Steve Christey Coley 98

16 Jim Christy 102

17 Chris Cochran 110

18 Edward Contreras 114

19 Dan Cornell 117

20 Mary Ann Davidson 124

21 Kimber Dowsett 132

22 David Evenden 136

23 Martin Fisher 141

24 Chris Hadnagy 147

25 Andrew Hay 153

26 Mark Hillick 157

27 Terence Jackson 165

28 Tanya Janca 168

29 David Kennedy 174

30 Joe Krull 180

31 Robert M. Lee 188

32 Rafal Los 194

33 Tracy Z. Maleeff 199

34 Jeffrey Man 202

35 Angela Marafino 209

36 James Medlock 212

37 Kent Nabors 221

38 Charles Nwatu 228

39 Greg Ose 232

40 Edward Prevost 239

41 Ray [REDACTED] 244

42 Stephen A. Ridley 249

43 David Rook 255

44 Marina Segal 259

45 Khalil Sehnaoui 262

46 Jackie Singh 267

47 Dan Tentler 271

48 Eugene Teo 274

49 Dominique West 279

50 Jake Williams 283

51 Wirefall 288

Appendix: Recommended Reading 293

MARCUS J. CAREY is a cybersecurity researcher and inventor with patents in cryptography and cybersecurity and over 25 years of experience in protecting the public, private, and government sectors. He was the Founder and CEO of Threatcare which was acquired by ReliaQuest. Follow Marcus on Twitter at @marcusjcarey.

JENNIFER JIN graduated from The University of Texas at Austin in 2017 and started her first job at Threatcare soon after. She became Threatcare's Head of Communications and Marketing before Threatcare was acquired by ReliaQuest. Jennifer is now the Product Marketing Manager at Mio and is the co-author of Tribe of Hackers. Follow Jennifer on Twitter at @jen_jin.

"TRIBE OF HACKERS" RETURNS—PROVIDING ESSENTIAL ADVICE ON CYBERSECURITY LEADERSHIP FROM INDUSTRY MAVENS

Cybersecurity leadership is about recruiting and leading teams of hackers—not always an easy task, but one that could make or break your organization's secure future. From the authors who brought you the bestselling Tribe of Hackers comes Tribe of Hackers Security Leaders, a collection of invaluable real-world insights from the world's leading cybersecurity experts. This book offers perspectives on cybersecurity leadership issues such as talent acquisition, working productively with teams across the organization, and leading teams to success.

Top security leaders including James Arlen, Lesley Carhart, Mike Chapple, Kimber Dowsett, Andrew Hay, Tanya Janca, Dave Kennedy, Robert M. Lee, Rafal Los, Tracy Z. Maleeff, Ray [REDACTED], Stephen A. Ridley, Khalil Sehnaoui, Jackie Singh, Dan Tentler, and Jake Williams share their best leadership tips and strategies, describing the toughest challenges they've faced and revealing what they've learned along the way. Inside, you'll find practical advice on identifying and recruiting top cybersecurity talent, communicating with executives, making difficult decisions, collaborating with non-technical colleagues, and much more. This is a must-read for anyone involved in or aspiring to a cybersecurity leadership role. Tribe of Hackers Security Leaders answers questions such as:

• What's the most important decision you've made or action you've taken related to a business risk?
• How do you lead your team to execute and get results?
• What are your communication tips for interacting with executive leadership?
• Do you have a workforce philosophy or unique approach to talent acquisition?
• Have you created a cohesive strategy for your information security program or business unit?
• Do you believe there is a massive shortage of career cybersecurity professionals?