Recommended Book: Cybersecurity for executives

“Cybersecurity for Executives: A Practical Guide”, a new book from 2014, is a great book and definitely worth reading for people working in security management or, as the title says, for executives.


  • Title: Cybersecurity for executives
  • Authors: Gregory J. Touhill, C. Joseph Touhill
  • Publisher: Wiley
  • Date: 2014
  • Number of pages: 416
  • Overview
    • The book takes a practical approach with many examples; very good reading for security managers
  • Purpose
    • Provide a practical approach for executives on how to address cybersecurity
  • Background information
    • The intended target group is executives, but this is great material for security managers as well
    • The book defines an executive as follows: “an executive is someone who has administrative and managerial responsibility for a shareholder-owned business, or a publicly-owned organization committed to the protection and promotion of the health, welfare, and safety of its constituents”
  • Evaluation
    • The value of the book is in its practical approach. It aims to explain to an executive what cybersecurity is and what it means for the business. It teaches the reader to ask the right questions and, through examples, guides the executive toward a mature mindset. The statement “Cybersecurity is about risk management”, with its reasoning, is introduced in the preface and introduction chapters, and for me one should read chapters 1 and 2 before going into the other chapters.
    • The authors mention that the chapters are independent modules that could be read in any order. Altogether there are many pages to read, but if you can find the time, then I would recommend reading the book in the written order.
  • Summary
    • A generalist management approach to cybersecurity that avoids going into too many technical details and does not limit itself to a certain set of best practices or standards, but talks about things as they are, what they can mean for the business, and what one can do about them.


  1. Introduction
  2. Why be concerned?
  3. Managing risk
  4. Build your strategy
  5. Plan for success
  6. Change management
  7. Personnel management
  8. Performance measures
  9. What to do when you get hacked
  10. Boardroom interactions