Into the Breach: Protect Your Business By Managing People, Information, and Risk Hardcover – August 1, 2008
About the Author
Michael Santarcangelo is a human catalyst. As an expert who speaks on information protection -- including compliance, privacy and awareness -- Michael energizes and inspires his audiences to change how they protect information. His passion and approach get results that change behaviors. As a full member of the National Speakers Association, Michael is known for delivering substantial content in a way that is energetic and entertaining. Michael connects with those he works with, and helps them engage in natural and comfortable ways - he literally makes security relevant and simple to understand! Michael pioneers new ways to engage others in the process of information protection. He has created the Security Salon to facilitate the exchange of ideas in a way that allows people to learn and apply their knowledge for immediate results and program success. In 2007, Michael was named one of The 59 Top Influencers in IT Security, and was selected to serve on the Symantec Advisory Council. He actively supports various industry associations and remains a secure member of the FBI InfraGard program. Michael is a graduate of Cornell University. When not traveling North America in their RV, Michael and his family reside in Upstate NY.
Top customer reviews
The allure of commoditized security should not come as a surprise. The culture at large is intolerant of uncertainty, and packaged solutions offer a welcome alternative to the bitter taste of ambiguity. The ugly truth of the security industry is that certainty curtails the dialogue that keeps vulnerable organizations vital and makes ambiguous risks tolerable. Michael invites his readers to step back from their preoccupation with "security crash diets" and to brave candid discussions about the real problems of working with and protecting information.
There is nothing magical about Michael's approach to risk management. The reader will have missed the point to expect another quick fix. "Into the Breach" includes a set of exercises aimed to strengthen the quality of mind by which organizations engage their people, information, and risk. There are no shortcuts to a strong defense. Neither are there extra points for mastery. Measurable improvements in risk responsiveness are earned through discipline and a commitment to real dialogue between decision makers and employees who handle information directly. These practices foster increased awareness and equip decision makers to align risk response with the practical needs and objectives of the organization and the workforce. Such benefits stand in stark contrast to the spotty results and likely dangers of crash dieting.
One of my favorite sections in Part 1 reminds that many policy violations happen because people just want to do their jobs better (the author also claims that people "want to do the right thing" if such choice is easy enough). I loved the "compliance is not a video game" theme, where your faults do not have real world consequences, as well as "security as something inflicted upon the organization" and "security as a crash diet" themes. What is also interesting is that the book seeks to solve one of the key problems of "what is risky?" vs "what is only perceived as risky?"
The part of the book is Part 2, where the author's "strategy to protect information" is unveiled. The author then goes into some level of detail on how to implement the strategy (run a pilot, "build a flywheel", etc.).
On the negative side, I was saddened that Michael succumbed to a popular insider myth (on page 11 - "70% of attacks are by insiders") while trying to dispel another security myth. That is the risk anybody runs while quoting too many questionable surveys. Also, the book sounds too fluffy at times (e.g. the strategy is "understand-engage-optimize", frequent advice to "be effective", etc), but does seem to convey its message pretty well.
Overall, if you are managing security on a high level, or manage IT or even the whole business, read this book. It is short enough so that such people will read it and get the ideas! If you are a security pro and can handle a non-technical volume, grab it as well and keep in mind that this is a management book. After reading it, please give it to your manager!
Most recent customer reviews
Michael Santarcangelo shows why he's known as a "human catalyst" with his...