We are thrilled to be hosting George Finney's NO MORE MAGIC WANDS Virtual Book Tour today! Please leave a comment to let him know you stopped by!
Title:
NO MORE MAGIC WANDS
Author: George Finney
Publisher: Independent
Pages: 130
Author: George Finney
Publisher: Independent
Pages: 130
Genre: Business/Leadership/Management/Cybersecurity/Technology
Once
upon a time there was a company that made magic wands, but when they were
hacked all the magic in the world couldn’t prevent their data from being
stolen. If that company had a chance for a clean start, what would they have
done differently? The unlikely hero isn’t a security guy. She’s a business elf
who makes it her mission to change the way her company does business from the
top down.
Most books on Cybersecurity are written for highly technical professionals, focus on specific compliance regulations, or are intended for reference. No More Magic Wands is different...it takes complex security concepts and puts them into practice in easy to read, relateable stories.
Most books on Cybersecurity are written for highly technical professionals, focus on specific compliance regulations, or are intended for reference. No More Magic Wands is different...it takes complex security concepts and puts them into practice in easy to read, relateable stories.
No More Magic Wands is available at AMAZON
Security
is everyone’s job.
That’s
what we say as security professionals. It’s not a copout. It’s not as if we’re
trying to pass off our jobs on everyone else. It really does take everyone
working in concert to make an organization truly secure. So why, then, do we do
so little to enable those outside the cybersecurity field to do their part of
the universal security job? We often provide some training, usually in the form
of mandatory twenty-minute propaganda videos. But what about tools? Maybe we
create a button to encrypt email data or to report phishing. What about books?
Mostly we just provide a bunch of technical reference manuals, white papers, or
standards written for the highly technical security professional. In them are
policies that no one ever reads.
If
security is everyone’s job, everyone needs to have the right tools to actually
do the job. Not some of the tools. Not a little bit of the
information. All of it.
In
cybersecurity, all of us are on the frontlines of a complicated battle
involving governments, organized crime, activists, and more which makes
security being everyone’s job even more important. If that’s your goal, you
must empower your employees to take initiative. They should be able to think
for themselves. They should not have to ask for direction. If you constantly
tell people exactly what to do and how to do it, they’ll never develop the ability
to be self-directed. This is why cybersecurity should entail real-world,
experienced-based training—not just awareness—to create a culture of ownership.
Annual training should be progressive, and its lessons should build over
several years. The company should provide real examples of cybersecurity issues
in order to give the training efforts a specific direction and focus. If the
training involves reading from a binder or sticking to a narrow script, what
will happen when something off-script happens? Employees won’t know how to
react and will have to ask for input from their supervisors.
If
we improve our communal awareness of cybersecurity, we can start to develop a
kind of collective immunity to cybercrime. Today, it is cheap and easy to be a
cybercriminal: software isn’t difficult to hack, and people make even easier
targets. This means the victims are plentiful, and the risks of getting caught
or prosecuted are extremely low. However, if the cost of cybercrime increases
and the chances of getting caught go up, the volume of cybercrime will be
forced down (assuming cybercriminal’s ill-gotten profits remain the same).
There
needs to be an ecosystem of participation in security so that salespeople,
accountants, attorneys, bankers, doctors, librarians, barbers, and car salesmen
can all communicate with one another about the types of cybercrime they’ve
experienced: How they were hacked and what they did to improve their security
measures. What technologies worked and which ones didn’t. Which common techniques
hackers are employing today. Everyone should be able to look to the security
community for leadership and find answers.
Great
cybersecurity is possible, but it’s not easy.
Have
you ever felt like someone was asking you to waive your magic wand at a problem
and make it go away? You may have wanted to shout, “It’s not that easy!” This
is what’s happening in cybersecurity. Waive your magic wand and everything will
be better? Not in real life. If there really was a magic wand to be found, then
thousands of companies wouldn’t become the victims of cybercriminals every
year. Software could be made to run perfectly, business processes would be
designed without loopholes, everyone would follow policy, and employees would
be constantly vigilant. Cybersecurity would be a thing of the past.
This
book imagines what life would be like for a magic-wand manufacturing company,
staffed entirely by elves, after knockoff wands with their label start cropping
up. On top of that, their customers’ private information gets leaked and
becomes scattered all across the enchanted forest. But the elves still have one
magic wand. Can they use it to fix the mess? Or will they have to think of
something else—some other way to prevent the villains of the enchanted forest
from going one step further and stealing their greatest treasure?
The
unlikely hero isn’t a security guy. She’s a business elf who makes it her
mission to change the way her company does business from the top down. One of
the first things she does is build a coalition of partners inside and outside
the business to help make those changes happen. She looks for other fairy-tale
creatures who have had personal or professional experiences with cybercrime and
who have taken to heart the hard lessons of being hacked. She considers
weathering the trials of being hacked a badge of honor, not a failure on their
part. She has to learn how to talk to other business creatures about
security—and she has to do it in their language, not her own. On her quest, she
must challenge people to change their ways before the next breach happens,
which she does by simulating a hack on the company, thereby creating the
learning experience of being breached without the negative consequences. In
this new world, she learns that it needs to be okay for people to challenge
authority, even when it might normally be considered rude. Without a culture of
inquiry and vigilance, actual security will be out of reach. She realizes that,
just like a healthy immune system, there needs to be multiple interconnected
structures inside the organization to keep things working together.
This
book isn’t written for technology professionals, although it may help them as
well. It’s written for anyone and everyone who wants to make a difference and
improve cybersecurity. The first lesson that students of cybersecurity learn
about cybersecurity is that there’s a constantly evolving cycle of improvement.
Although basic principles will remain the same, you must always grow and adapt
to various threats as they emerge. You will never arrive at a state of perfect
security.
No
matter how good you are, you will be hacked at some point.
It
may be a surprise to hear, but hackers are an important part of the security
ecosystem. Hackers help the security ecosystem improve, particularly when they
reveal the vulnerabilities they find or disclose the methods they used to
expose weaknesses in a company’s security measures. Imagine a young infant: we
don’t want the baby to get sick, but if she were never exposed to germs,
her immune system wouldn’t properly develop and she could wind up being very
weak and vulnerable later on in life. Without hackers, our cyber immune system
wouldn’t develop and could be susceptible to worse cyber threats: attacks from
government-sponsored actors, large-scale organized crime, or malicious inside
jobs. Therefore, this book is for hackers too. Keep us honest. Make us better.
About the Author
GEORGE FINNEY, ESQ., has worked in
Cybersecurity for over 15 years and is the author of No More Magic Wands:
Transformative Cybersecurity Change for Everyone. He is currently the Chief
Information Security Officer for Southern Methodist University where he has
also taught on the subject of Corporate Cybersecurity and Information
Assurance. Mr. Finney is an attorney and is a Certified Information Privacy
Professional as well as a Certified Information Security Systems Professional
and has spoken on Cybersecurity topics across the country.
Interview:
Where are you from?
We have this saying inTexas since
there are a lot of transplants from other states. We say, “I wasn’t born here, but I got here
as fast as I could.” We moved to Dallas when I was around
2. I’ve lived lots of other places, but
I keep coming back.
Tell us your latest news?
My next project is a series of several choose your own adventure style stories for cybersecurity training. A lot of people learn through experience and it's too late to learn after you've been breached. Being able to play in a choose your own adventure style world will help people recognize the common ways that hackers are exploiting people without the consequences of learning the hard way.
When and why did you begin writing?
When I was in the 5th grade, we had an assignment to write a story for Halloween. Most people took the whole hour to write one. I ended up writing over 20 different stories. That was the year I caught the bug to be a writer. Several of my classmates wrote a play in that same class that we put on in front of the class. We paired off into teams and wrote commercials and made those for the class. I wrote a science fiction story that was had to be longer than 5 pages. I remember it being one of my favorite times in school.
When did you first consider yourself a writer?
That took a lot longer. After I finished law school, I realized I was starting to get burned out and wouldn’t make it unless I started giving myself time to be a writer. It took 3 years, but after I finished my first book I was finally comfortable calling myself a writer.
What inspired you to write your first book?
I had this dream while I was studying for the bar exam. The exam itself is 3 days long, and you put in the same amount of studying you usually did in a year of law school into the 6 weeks prior to the test. My brain was fried. Sometime in there, I had this dream that was so vivid and interesting, I woke myself up and raced to find a piece of paper to get it down while I remembered.
Do you have a specific writing style?
I like using different styles for each project. I try and find the style that works best for the story that I’m working on. I think it keeps me growing as a writer.
How did you come up with the title?
The title, No More Magic Wands, is a play on the fallacy that some people believe that they can waive their magic wand and make their problems go away. So I wrote a story about a company that makes magic wands. The company is hacked and nearly go out of business, so they have to figure out a way to solve their cybersecurity problems without using magic.
Is there a message in your novel that you want readers to grasp?
The main character of the story is a business woman who saves her company from being hacked. One of the biggest messages is that she isn’t a cybersecurity expert, but she is able to help her company change and get better at cybersecurity. You don’t have to be a security expert to make a difference.
How much of the book is realistic?
The situations in the book are all based on real life hacking scenarios.
Are experiences based on someone you know, or events in your own life?
I’ve spent the last nine years working as the head of cybersecurity for a large urban University, so I’ve taken a lot of my experiences and worked them into the fairy tale world that I built.
What books have most influenced your life most?
One of my wife’s friends wrote this book, How to Find Lost Things. It was only maybe 20 pages, and was hand-made. It was just something funny and cute that she made for a handful of friends, but more than anything, I think that was the inspiration I needed to make me think I could actually write a book.
If you had to choose, which writer would you consider a mentor?
Stephen King. I had always seen the movies based on this books, but had never read any of them. The first book of his that I picked up was his book, On Writing. This was after I had written my first book, and I was stunned that his description of the experience was so similar to what I had gone through. I spent the next year reading his books, in order, to see how his writing evolved over time.
What book are you reading now?
Just one? I usually read several all at the same time! I’m reading Leaders Eat Last by Simon Sinek, Spaceman by Mike Massimino, and The Fold by Peter Clines.
Are there any new authors that have grasped your interest?
I’m in awe of James S. A. Corey (it’s actually a pseudonym for the collaboration of two writers, Daniel Abraham and Ty Franck). The work they’ve done with The Expanse series has changed how I think about science fiction. And the television adaptation by the SyFy channel is amazing. As a Trekkie, I’m actually a little worried that the new Star Trek, or even Star Wars might start to suffer in comparion. I think it’s the best Sci Fi on TV ever.
What are your current projects?
My next project is a series of several choose your own adventure style stories for cybersecurity training. A lot of people learn through experience and it's too late to learn after you've been breached. Being able to play in a choose your own adventure style world will help people recognize the common ways that hackers are exploiting people without the consequences of learning the hard way.
Name one entity that you feel supported you outside of family members?
My current boss, Joe has been an amazing source of support for a number of years. I don’t think I would have been able to work and be an author in my spare time without his support.
What would you like my readers to know?
I love hearing from my readers. Look up my blog and let me know what you think, www.strongestelement.com.
Interview:
Where are you from?
We have this saying in
Tell us your latest news?
My next project is a series of several choose your own adventure style stories for cybersecurity training. A lot of people learn through experience and it's too late to learn after you've been breached. Being able to play in a choose your own adventure style world will help people recognize the common ways that hackers are exploiting people without the consequences of learning the hard way.
When and why did you begin writing?
When I was in the 5th grade, we had an assignment to write a story for Halloween. Most people took the whole hour to write one. I ended up writing over 20 different stories. That was the year I caught the bug to be a writer. Several of my classmates wrote a play in that same class that we put on in front of the class. We paired off into teams and wrote commercials and made those for the class. I wrote a science fiction story that was had to be longer than 5 pages. I remember it being one of my favorite times in school.
When did you first consider yourself a writer?
That took a lot longer. After I finished law school, I realized I was starting to get burned out and wouldn’t make it unless I started giving myself time to be a writer. It took 3 years, but after I finished my first book I was finally comfortable calling myself a writer.
What inspired you to write your first book?
I had this dream while I was studying for the bar exam. The exam itself is 3 days long, and you put in the same amount of studying you usually did in a year of law school into the 6 weeks prior to the test. My brain was fried. Sometime in there, I had this dream that was so vivid and interesting, I woke myself up and raced to find a piece of paper to get it down while I remembered.
Do you have a specific writing style?
I like using different styles for each project. I try and find the style that works best for the story that I’m working on. I think it keeps me growing as a writer.
How did you come up with the title?
The title, No More Magic Wands, is a play on the fallacy that some people believe that they can waive their magic wand and make their problems go away. So I wrote a story about a company that makes magic wands. The company is hacked and nearly go out of business, so they have to figure out a way to solve their cybersecurity problems without using magic.
Is there a message in your novel that you want readers to grasp?
The main character of the story is a business woman who saves her company from being hacked. One of the biggest messages is that she isn’t a cybersecurity expert, but she is able to help her company change and get better at cybersecurity. You don’t have to be a security expert to make a difference.
How much of the book is realistic?
The situations in the book are all based on real life hacking scenarios.
Are experiences based on someone you know, or events in your own life?
I’ve spent the last nine years working as the head of cybersecurity for a large urban University, so I’ve taken a lot of my experiences and worked them into the fairy tale world that I built.
What books have most influenced your life most?
One of my wife’s friends wrote this book, How to Find Lost Things. It was only maybe 20 pages, and was hand-made. It was just something funny and cute that she made for a handful of friends, but more than anything, I think that was the inspiration I needed to make me think I could actually write a book.
If you had to choose, which writer would you consider a mentor?
Stephen King. I had always seen the movies based on this books, but had never read any of them. The first book of his that I picked up was his book, On Writing. This was after I had written my first book, and I was stunned that his description of the experience was so similar to what I had gone through. I spent the next year reading his books, in order, to see how his writing evolved over time.
What book are you reading now?
Just one? I usually read several all at the same time! I’m reading Leaders Eat Last by Simon Sinek, Spaceman by Mike Massimino, and The Fold by Peter Clines.
Are there any new authors that have grasped your interest?
I’m in awe of James S. A. Corey (it’s actually a pseudonym for the collaboration of two writers, Daniel Abraham and Ty Franck). The work they’ve done with The Expanse series has changed how I think about science fiction. And the television adaptation by the SyFy channel is amazing. As a Trekkie, I’m actually a little worried that the new Star Trek, or even Star Wars might start to suffer in comparion. I think it’s the best Sci Fi on TV ever.
What are your current projects?
My next project is a series of several choose your own adventure style stories for cybersecurity training. A lot of people learn through experience and it's too late to learn after you've been breached. Being able to play in a choose your own adventure style world will help people recognize the common ways that hackers are exploiting people without the consequences of learning the hard way.
Name one entity that you feel supported you outside of family members?
My current boss, Joe has been an amazing source of support for a number of years. I don’t think I would have been able to work and be an author in my spare time without his support.
What would you like my readers to know?
I love hearing from my readers. Look up my blog and let me know what you think, www.strongestelement.com.
No comments:
Post a Comment