Introduction

Companies, governments, and organizations are failing to secure information in today’s digital world, and the stories of those failures continue to mount. Crime has always been around. But the things a criminal can steal and the technology through which they can steal things has changed dramatically with the introduction of information technology. Cyber criminals, the people who use these new mediums to perform illegal activities, are finding ways to exploit faster than we can figure out how to defend against them. As a result, the criminals are winning and the defenders are by and large playing catch up.

So there’s nothing we can do, right?

If you had asked me that question five years ago, back when my only understanding of cyber security was based on the stories I heard in the media, I might have said yes. But in the process of starting a security company with a number of leading security professionals, I’ve learned how far from reality my understanding of security was. And, the more I’ve shared those learnings with other nonsecurity professionals, the clearer it is that the misconceptions about the world of hacking are widespread.

If you’re like most people I talk to, you’re more aware of cybercrime than ever and you might even be incorporating security into your job responsibilities. So you are eager to learn! But here’s the thing: I never had someone sit me down and reorient me to the real world of security because, unfortunately, ...