Few years ago, I wrote Information Security Leaders Handbook but it was not listed as a download on this blog. With this post, I would like to put it here and also check the level of interest from InfoSec community for an updated version (Second Edition). Please send your comments at my Twitter handle @rafeeq_rehman or through this blog.
The objective of this book is to make you a successful information security professional by learning from experience of great leaders in this field. This book is a little dated now but provides core fundamental models in a concise manner. It is easy to read and use in managing information security programs. Most of the chapters accompany visual mind maps, action items, and other visual tools for easy understanding.
Click HERE to download the PDF version of the book.
How is this book organized?
The book covers a set of carefully selected topics. This is to ensure that focus remains on principles that are the most important to the success of a security professional. The topics are arranged in six parts as listed below.
- Know The Business – List of topics important for understanding and knowing the business.
- Information Security Strategy – Elements of information security strategy, how to create strategy and put it into practice.
- Security Operations – Major areas related to running an effective security operations program.
- Risk Management – How to assess and manage risk.
- Personal Branding – Creating personal brand and establishing credibility to be effective as information security leader.
- Appendices – Miscellaneous data points and sources of information.
How to Use This Book?
I suggest that you read one chapter daily, take actions, set goals, and write those actions and goals on the “Goals and Activity Log” page at the end of each chapter. Next day, read another chapter and write the actions and goals with target dates. As you go along, start reading random chapters and keep on reviewing and updating your actions and goals to measure your progress and success.
A Systematic Way of Achieving Excellence
The book provides a systematic and measurable way towards excellence in your job. I have gone to great length to limit each topic to two pages or less. Please use the “Goals and Activity Log” page to record your progress and make the best use of your time. While you go along, record your experiences and share them on the book web site.
Subscribe to Blog for Release Dates and Updates
Please subscribe to this blog to keep yourself updated about the release date of the book. You can use “Follow Blog via Email” link on top-right corner of this page.
Your feedback is very important to me. Please share your thoughts on my Twitter handle at @rafeeq_rehman
Other Useful Links for InfoSec Professionals
- Building a Successful Security Operations Center: Part 1
- Building a Successful Security Operations Center: Part 2, Estimating SOC Budget
- Building a Successful Security Operations Center Part 3: SOC Budget Calculator
- CISO MindMap 2017 – What Do InfoSec Professional Really Do?
DISCLAIMER: All material presented is my own and not of my employer and does not constitute any recommendations, endorsements or professional consultation.