No Safe Harbor: The Inside Truth About Cybercrime, and How to Protect Your Business is the untold story of digital crime written by Mark Sangster, VP of Industry Security Strategies at eSentire. It delves into how the key to changing the locks isn't in our computers, but in our corporate culture through real life story-telling that shows how organizations need to shift the security discussion away from technology gates alone toward a focus on leadership, team behaviors, and mutual support. This is a prelude to what you’ll read in Mark’s new book, which you can pre-order now.
A decade in cybersecurity is like a lifetime in other industries. There isn’t a day that goes by without a headline about cyberheists, election tampering or the exposure of some celebrities’ private life spilling onto the internet. And amongst this maelstrom, cybersecurity vendors line up with everything from innovation approaches to snake oil to create a cybersafe solution for three easy payments of $39.99! If only it was that easy.
I’ve witnessed everything from simple fraudulent invoice scams to military-grade campaigns against companies that inadvertently offended some government. I’ve stood in countless boardrooms as a visiting “Rosetta Stone” with IT security folks hoping to convince their executives of the risks and free up the resources necessary to protect their businesses from these threats.
And while there isn’t a “three-easy-payments” solution to the problem, I recognized a common thread that ran through these narratives. Many leaders don’t see their business as a target which means they don’t take measures to protect themselves. And when they are attacked, they suffer in silence. Data breach headlines rarely tell the whole story. The details that matter are well below the fold. Suffering in silence robs us of the opportunity to collectively learn and improve our defenses.
That’s why I decided to write the book, No Safe Harbor: The Inside Truth About Cybercrime, and How to Protect Your Business. I knew I could keep running from boardroom to boardroom or I could do what the headlines had failed to do. I could tell the stories. Not to point the finger or cast blame. My goal is to expose the fundamental causes of cybercrime, to offer new ways of looking at the problem and to start a conversation to help businesses protect themselves from the next cyberattack.
Through December and January 2020, I locked myself away and worked with some great editors and publishing experts to up my game from authoring simple blog posts and articles to tackling a 50,000-word behemoth! And just as I finished early manuscripts, the world was hit with the 2020 pandemic, which again brought untold side effects in terms of cybersecurity. More rewrites.
The book is written as much for the general public as it is for security practitioners looking for a vocabulary they can use to convey cyber risk to their business executives and board members. And I tell stories from other industries like aviation, construction and mining to rise above the trees so we can see the forest. So often we can’t see the way forward. The book provides a liminal place. A safe vantage point from which to face our own discomfort and uncertainty. By doing so, we sidestep the chaos to focus on what matters, and thereby emerge stronger.
And that’s the point of the book. Tell the stories to demystify the issues, clarify the risks and prioritize objectives with clear guidance.
Early reviews from peers, colleagues and journalists have been very kind and I’d like to share a few here.
“With the world experiencing an all-encompassing digital revolution that is reshaping seemingly every aspect of our business and personal lives, cybersecurity is more important than ever. No Safe Harbor is an engrossing journey into cybercrime that cleverly illustrates the chaos underneath the shiny façade of the modern internet.” Mirko Zorz, Editor in Chief, Help Net Security
"I can't think of anyone better qualified to tell cybersecurity war stories than Mark. This book is a riveting read, filled with details that people don't normally get to hear about." - Danny Bradbury, DarkReading
“Mark Sangster’s advice could not have arrived at a more propitious moment, as the work paradigm changes to remote information systems access as a default rather than an exception. The book reads like a collection of short stories, all revolving around a central theme: Cybersecurity is a business risk and a people challenge and the approach to those people should be made, as Mark does so well, by appeals to common sense and documented in easy-to-understand frameworks. This book should be essential reading for senior management and corporate directors.” Kenneth Rashbaum, Partner, Barton LLP
The book is the culmination of so many people’s work. The SOC analysts who defend our clients everyday. Industry experts with whom I’ve teamed over the years. Law enforcement and regulatory agents. The unstoppable marketing team at eSentire. I am humbled by a community with one collective objective: keeping our world safe from cybercriminals. It’s as much their story as it is mine. I hope you enjoy No Safe Harbor: The Inside Truth About Cybercrime, and How to Protect Your Business