{"id":14506,"date":"2025-07-25T07:15:27","date_gmt":"2025-07-25T07:15:27","guid":{"rendered":"https:\/\/newestek.com\/?p=14506"},"modified":"2025-07-25T07:15:27","modified_gmt":"2025-07-25T07:15:27","slug":"the-books-shaping-todays-cybersecurity-leaders","status":"publish","type":"post","link":"https:\/\/newestek.com\/?p=14506","title":{"rendered":"The books shaping today\u2019s cybersecurity leaders"},"content":{"rendered":"<div>\n<div id=\"remove_no_follow\">\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<section class=\"wp-block-bigbite-multi-title\">\n<div class=\"container\"><\/div>\n<\/section>\n<p>From strategy and psychology to history and decision-making, these are the books CISOs recommend to sharpen your thinking, influence your leadership style, and help navigate the complexity of modern security careers.<\/p>\n<h2 class=\"wp-block-heading\" id=\"exploring-risk-from-different-angles\">Exploring risk from different angles<\/h2>\n<p>CISOs, not surprisingly, are interested in risk as it relates to cybersecurity, with some keen to understand future risk measurement and how to make better decisions.<\/p>\n<p><a href=\"https:\/\/hubbardresearch.com\/shop\/how-to-measure-anything-in-cybersecurity-risk-2e-signed-by-doug-hubbard\/\"><strong>How to Measure Anything in Cybersecurity Risk<\/strong><\/a><em> <\/em>by Douglas W. Hubbard and Richard Seiersen, was recommended by several CISOs including Daniel Schatz, Qiagen\u2019s CISO, and Wolfgang Goerlich, faculty IANS and Oakland County\u2019s CISO.<\/p>\n<p>James Blake, Cohesity\u2019s CISO, said it\u2019s a useful resource that provides spreadsheets and methods for semi-quantitative risk assessment. Similar to FAIR (factor analysis of information risk), this book provides tools and approaches for more accurate risk measurement beyond the traditional risk matrix. 
\u201cI\u2019d recommend this book to anyone working in cyber risk because it offers meaningful ways to analyze and communicate risk to business leaders,\u201d Blake says.<\/p>\n<p><a href=\"https:\/\/www.penguinrandomhouse.com\/books\/227815\/superforecasting-by-philip-e-tetlock-and-dan-gardner\/\">Superforecasting: The Art and Science of Prediction<\/a> by Philip E. Tetlock and Dan Gardner, was also recommended by Schatz.<\/p>\n<p>The book takes a closer look at what makes or breaks good forecasts in a well-written and entertaining manner. \u201cI think this is a useful book for anyone trying to wrap their head around what the future might bring and consequently it should be of particular interest to risk managers,\u201d says Schatz. \u201cAlong with the fundamentals of good forecasts and many examples, the authors provide good guidance on how to get to better estimates based on some basic steps.\u201d<\/p>\n<h2 class=\"wp-block-heading\" id=\"improving-focus-and-decision-making-in-complex-environments\">Improving focus and decision making in complex environments<\/h2>\n<p>In a role defined by continual alerts and competing priorities, CISOs need to rely on their decision-making skills and an ability to find focus. These books explore how to reduce digital noise.<\/p>\n<p>Daniel Schatz suggested <a href=\"https:\/\/us.macmillan.com\/books\/9780374533557\/thinkingfastandslow\/\">Thinking, Fast and Slow<\/a> by Daniel Kahneman, which explores the dual systems of the brain \u2014 fast, intuitive thinking, and slow, rational thinking \u2014 how the human mind can be tripped up by error and prejudice, and strategies for making better decisions.<\/p>\n<p>Schatz recommended the book for the insights into how humans make decisions and when they\u2019re most vulnerable to mistakes. 
\u201cThis understanding is essential for effectively managing human risk and selecting security strategies that account for real-world behavior,\u201d he says.<\/p>\n<p>On a related topic and co-written by Daniel Kahneman, <a href=\"https:\/\/www.hachettebookgroup.com\/titles\/daniel-kahneman\/noise\/9780316451406\/\">Noise<\/a> explores why humans are so susceptible to noise in judgment \u2014 and what we can do about it. It was recommended by Wolfgang Goerlich.<\/p>\n<p>\u201cSecurity leaders operate in high-stakes environments where constant alerts, evolving threats, and business pressures create a cycle of burnout and reactive decision-making,\u201d said Elliott Franklin, CISO at Fortitude Re.<\/p>\n<p>Franklin recommended <a href=\"https:\/\/www.marcawolfe.com\/yeah-but-book\/\">Yeah, But: Cut Through The Noise To Live, Learn, And Lead Better<\/a> by Marc Wolfe because it provides readers with strategies to find clear headspace for thinking and making better decisions \u2014 something that\u2019s important for busy CISOs. \u201cWolfe speaks directly to the internal dialogue that often holds leaders back \u2014 those rationalizations that delay change or innovation. It encourages cutting through noise, both external and internal, to lead with clarity and confidence,\u201d Franklin says.<\/p>\n<p>Gretchen Rubin\u2019s <a href=\"https:\/\/www.penguinrandomhouse.com\/books\/225164\/better-than-before-by-gretchen-rubin\/\">Better Than Before<\/a><strong> <\/strong>and Cal Newport\u2019s <a href=\"https:\/\/www.penguinrandomhouse.com\/books\/575667\/digital-minimalism-by-cal-newport\/\">Digital Minimalism<\/a> offer tools to protect what matters most \u2014 your time, focus, and well-being, says Franklin.<\/p>\n<p>\u201cSecurity leaders often operate in \u201calways on\u201d mode, but Cal Newport\u2019s push toward intentional tech use is a vital reminder: your attention is a resource, and boundaries are not a luxury, they\u2019re a necessity. 
Meanwhile, Rubin\u2019s habit framework helps leaders design systems to support their goals, whether that\u2019s better sleep, less email, or more presence at home. Together, these books form a toolkit for leading better \u2014 not just at work, but in life,\u201d adds Franklin.<\/p>\n<p><a href=\"https:\/\/www.wiley.com\/en-us\/Human+Hacked:+My+Life+and+Lessons+as+the+World's+First+Augmented+Ethical+Hacker-p-9781394269167\">Human Hacked: My Life and Lessons as the World\u2019s First Augmented Ethical Hacker<\/a> by Len Noe was recommended by George Gerchow, faculty at IANS Research and Bedrock Security\u2019s CSO.<\/p>\n<p>The book goes beyond the hype to explore the complexity of augmented decision-making and the unintended consequences we\u2019re already seeing. \u201cLen pulls back the curtain on how humans, not just machines, are being reshaped by AI. His point of view is grounded, provocative, and seriously worth reading. Full disclosure: Len is a good friend. People like him are rare and, honestly, a little scary. I\u2019m just glad he\u2019s on our side,\u201d he says.<\/p>\n<h2 class=\"wp-block-heading\" id=\"understanding-human-risk-in-cybersecurity\">Understanding human risk in cybersecurity<\/h2>\n<p>When it comes to security, CISOs know better than most that managing risks and vulnerabilities lies in human behaviour as much as technical tools. These books provide expert insights into the human side of cybersecurity, such as social engineering.<\/p>\n<p><a href=\"https:\/\/www.wiley.com\/en-us\/The+Art+of+Deception:+Controlling+the+Human+Element+of+Security-p-9780764542800\">The Art of Deception<\/a> by Kevin Mitnick, was recommended by Gaurav Kapil, CISO at Bread Financial, because its core message remains relevant today. \u201cOne of the original and most well-known hackers, Kevin Mitnick shares fascinating real-world examples of social engineering and the human side of cybersecurity vulnerabilities. 
While it\u2019s an older book, it remains a foundational read for anyone interested in understanding how attackers exploit trust to breach systems,\u201d Kapil says.<\/p>\n<p><a href=\"https:\/\/www.wiley.com\/en-us\/Secrets+and+Lies:+Digital+Security+in+a+Networked+World-p-9780471453802\">Secrets and Lies: Digital Security in a Networked World<\/a> by Bruce Schneier is also recommended by Kapil because it breaks down technical concepts in an accessible way.<\/p>\n<p>\u201cA highly respected voice in cybersecurity, Bruce Schneier offers timeless insights into the complexities of digital security. It also explores why focusing solely on technology isn\u2019t enough and requires addressing human behavior, in addition to reevaluating organizational practices,\u201d Kapil says.<\/p>\n<p><a href=\"https:\/\/www.penguinrandomhouse.com\/books\/611687\/the-art-thief-by-michael-finkel\/\">The Art Thief<\/a> by Michael Finkel, about the world\u2019s most prolific art thief who stole hundreds of valuable pieces from museums and evaded law enforcement for years, had a remarkable number of connections to cybersecurity, according to Katie Jenkins, CISO at Liberty Mutual.<\/p>\n<p>\u201cThe overarching theme of theft in plain sight had connections to social engineering and how \u2014 similar to cyber adversaries \u2014 skill in deceiving others can yield remarkable gain for the criminal actor,\u201d says Jenkins.<\/p>\n<p>It also highlights the critical role in identifying and managing vulnerabilities \u2014 whether it\u2019s physical security in museums and galleries or virtual security in the case of cybersecurity. \u201cIn both this literary world and the world of a cybersecurity professional, the core connection is about protecting valuable assets from resourceful, motivated adversaries. 
Both highlight human elements \u2014 trust, psychology, ingenuity \u2014 as well as technical\/physical controls,\u201d she says.<\/p>\n<h2 class=\"wp-block-heading\" id=\"rethinking-what-effective-leadership-means\">Rethinking what effective leadership means<\/h2>\n<p>It takes dedication to be the best leader. Cybersecurity leaders can turn to books that offer guidance and lessons on developing strong leadership skills, but they\u2019re not always the standard management books.<\/p>\n<p>\u201cAs a CISO, I\u2019ve learned that effective cybersecurity leadership isn\u2019t just about technical experience or even business strategy. It\u2019s also about possessing the necessary skills to be a trusted and empathic leader,\u201d says Vanta CISO Jadee Hanson.<\/p>\n<p>Hanson nominated <a href=\"https:\/\/www.penguinrandomhouse.com\/books\/557595\/dare-to-lead-by-brene-brown-phd-msw\/\">Dare to Lead<\/a> by Bren\u00e9 Brown because it challenges the traditional notion of leadership by emphasizing emotional intelligence and resilience \u2014 qualities that are essential for leading in high-stakes environments. \u201cThe book helps leaders foster cultures of accountability and openness, which are crucial for building transparent and adaptive organizations. It\u2019s a must-read for leaders looking to cultivate trust through genuine connection and authenticity, within their teams and across their organizations.\u201d<\/p>\n<p>Good leadership is also about providing the right feedback and with this in mind, <a href=\"https:\/\/us.macmillan.com\/books\/9781250245786\/radicalcandorfullyrevisedupdatededition\/\">Radical Candor<\/a><strong> <\/strong>by Kim Scott was recommended by Bethany DeLude, Carlyle Group\u2019s CISO. 
The book highlights the value of honest, specific and direct feedback delivered in an empathetic, timely and respectful manner.<\/p>\n<p>\u201cHer use of a practical and actionable framework, bolstered by real world examples, creates an instructive and compelling map for building a culture of open communication, accountability and employee development,\u201d says DeLude.<\/p>\n<h2 class=\"wp-block-heading\" id=\"books-are-a-reminder-that-theres-more-to-life-than-work\">Books are a reminder that there\u2019s more to life than work<\/h2>\n<p>In a profession that rarely switches off, books offer CISOs a chance to reflect, recharge, and reconnect with meaning beyond the day job. As a CISO, it\u2019s easy to get drawn into the never-ending work day and Thornton Wilder\u2019s <a href=\"https:\/\/www.harpercollins.com\/products\/our-town-a-play-in-three-acts-thornton-wilder?variant=32154020544546\">Our Town<\/a><strong> <\/strong>is a reminder to put work into perspective.<\/p>\n<p>\u201cWhen I read \u2014 and reread \u2014 the book, I\u2019m reminded to nurture and be present in my whole life,\u201d says DeLude.<\/p>\n<p>DeLude recommended this book because it\u2019s a reminder that paying better attention to balance unlocks creativity and leads to greater impact in professional life. \u201cBy reflecting, I\u2019ve solved more of the hardest work problems after a weekend of family fun or while out on a walk than stationed in my office.\u201d<\/p>\n<p><a href=\"https:\/\/www.harpercollins.com\/products\/the-alchemist-paulo-coelho?variant=41227794874402\">The Alchemist <\/a>by Paulo Coelho, a book with a simple story but a powerful message, was recommended by Nicole Dove, head of security engineering, Games, at Riot Games.<\/p>\n<p>\u201cThe main character is on a journey to follow a dream \u2014 he\u2019s unsure and knows he\u2019s deviating from what tradition says he should do \u2014 but he follows his heart. That\u2019s something I truly relate to. 
I\u2019ve read the book numerous times, and each time I walk away with a new gem. No matter the phase of life I\u2019m in, I can always relate to the character and a stop along his journey. In the end, what he discovers is even greater than he imagined. And that is a story that I too hope to tell,\u201d she says.<\/p>\n<p>The final recommendation is a book that challenges professionals to rethink their purpose and value in IT, according to Fortitude Re\u2019s Elliott Franklin.<\/p>\n<p><a href=\"https:\/\/www.iuniverse.com\/en\/bookstore\/bookdetails\/134070-GET-OUT-OF-I-T-WHILE-YOU-CAN\">Get Out of I.T. While You Can: A Guide to Excellence for People in I.T.<\/a><strong> <\/strong>by Craig Schiefelbein.<\/p>\n<p>\u201cFor CISOs and cybersecurity leaders, it\u2019s a bold reminder that excellence isn\u2019t just technical \u2014 it\u2019s about strategic impact and personal fulfillment. If your role no longer aligns with your values, it might be time to reimagine your path, not abandon it.\u201d<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>From strategy and psychology to history and decision-making, these are the books CISOs recommend to sharpen your thinking, influence your leadership style, and help navigate the complexity of modern security careers. Exploring risk from different angles CISOs, not surprisingly, are interested in risk as it relates to cybersecurity, with some keen to understand future risk measurement and how to make better decisions. 
How to Measure&#8230; <\/p>\n<p class=\"more\"><a class=\"more-link\" href=\"https:\/\/newestek.com\/?p=14506\">Read More<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-14506","post","type-post","status-publish","format-standard","hentry","category-uncategorized","is-cat-link-borders-light is-cat-link-rounded"],"_links":{"self":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/14506","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=14506"}],"version-history":[{"count":0,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/14506\/revisions"}],"wp:attachment":[{"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=14506"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=14506"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=14506"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}