Which books had the biggest impact on you - personally or professionally?


@stephen you know, the book with the biggest impact is probably Dan Ariely’s books on human rationality. They are not infosec books, but are immensely insightful into why we are where we are in infosec, and gave me ideas on how to make the situation better.

@stephen these books are a gateway drug into much more serious stuff from Richard Thaler, Dan Kahneman, and others.

@jerry @stephen

Yeah, I gotta agree with Jerry, not so much on the specific books, but in studying human behavior... there are two specifics... thinking like the criminal, and thinking like the target...

One you need to understand in order to be able to anticipate threat models, the other you need to effectively communicate and educate with end-users... also helps to understand how to design solutions that are workable to the user.

A solution that is perceived to sacrifice business functionality won't last long in the wild.

@jerry @stephen hmm…

… in that case…
Being Wrong: Adventures in the Margin of Error by Kathryn Schulz.

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.