Today, when most people hear “security,” they think of protection against hackers on the Internet. Indeed, the explosion of information available online has exposed an almost infinite number of vulnerabilities. However, many forget that every vulnerability starts with a human actor. Understanding that attacker’s psychology, therefore, provides a paramount route of defense. In this book, Maxie Reynolds, a security analyst, seeks to teach readers how to master the attacker mindset so that they can anticipate future attacks.
I work in IT, and I wanted to read this book to better anticipate cyberattacks. It did not meet that goal, lamentably, but it taught me much more about how to think about social factors that go into an attack. It taught me how to recognize when a human tries to gain secretive information. By itself, this first step can teach how to protect oneself through later actions.
Many of the examples here are from the physical world. They talk about infiltrating something like a business or an office… or talking someone into divulging information… or how acting and security relate intimately. This book does not talk in detail about attack vectors in cyberspace, though, aside from gaining reconnaissance information. Many cybersecurity professionals – and more importantly, many organizations – do not adequately address the human side of an attack well. Reynolds introduces us specific ways to master this mindset in ourselves so that we can better defend ourselves, our workplaces, and our careers.
Although it did not fulfill my initial desires, this book taught me a lot. It began a daily habit of looking for ways that others might take advantage of vulnerabilities I present. As a main drawback, however, it overuses acronyms and jargon. She uses terms like “AMS” (Attacker Mindset) and “EA” (Ethical Attacker) way too much. She should just use the actual words so that I, as a reader, don’t have to mentally “look up” what those words mean.
As described in the subtitle, this book’s intended audience is security professionals. That’s somewhat of a misnomer. It should also be read by organizational leaders and other prime targets of attackers. Today, many of us cannot hide behind security professionals to anticipate our needs and teach us how to behave. We need to carefully apprehend the attacker mindset ourselves. This book provides an excellent way to do so. I still seek to read another book or two on technical details of cybersecurity, but Reynolds has masterfully taught me the often-overlooked psychology.
The Art of Attack: Attacker Mindset for Security Professionals
By Maxie Reynolds
Narrated by Stephanie Dillard
Copyright (c) 2021
Ascent Audio
ASIN B09KWLGDJF
Length: 9:50
Genre: Security, Business
www.amazon.com