Which books had the biggest impact on you - personally or professionally?

@stephen -- Little Brother by Cory Doctorow -- -- Mostly because it made it easier to explain some of the concepts of the basics to bosses, co-workers, and friends who worried about the big and flashy without paying attention to the small, common, and mundane.

@stephen you know, the book with the biggest impact is probably Dan Ariely’s books on human rationality. They are not infosec books, but are immensely insightful into why we are where we are in infosec, and gave me ideas on how to make the situation better.

@stephen these books are a gateway drug into much more serious stuff from Richard Thaler, Dan Kahneman, and others.

@jerry @stephen

Yeah, I gotta agree with Jerry, not so much on the specific books, but in studying human behavior... there are two specifics... thinking like the criminal, and thinking like the target...

One you need to understand in order to be able to anticipate threat models, the other you need to effectively communicate and educate with end-users... also helps to understand how to design solutions that are workable to the user.

A solution that is perceived to sacrifice business functionality won't last long in the wild.

@jerry @stephen hmm…

… in that case…
Being Wrong: Adventures in the Margin of Error by Kathryn Schulz.

This one's a personal favorite. Social Engineering: The Art of Human Hacking by Christopher Hadnagy

- Hacking the human
- Liars and Outliers

- The book of risk
- Web app hacker handbook

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.