Book Review: 7 Rules To Become Exceptional at Cyber Security

Oct 3, 2022

UPDATED: Technology has become the core of business today. Everything is interconnected, and consumers are increasingly dependent on the Internet for digital services. In a hyperconnected world powered by technology, the importance of cyber security to our collective prosperity and progress has never been greater.

We trust technology to just work and do its job. But that trust can be misplaced when there are service disruptions or outages. And that often happens due to security breaches. How then can organizations prevent this through cybersecurity excellence?

Business leaders will embrace technology only if they trust it. They need to understand how to derive maximum benefit from technology. But the rate at which security breaches and fraud happen these days can break that trust and make one hesitant to adopt new technology.

That’s where good cybersecurity practices come in. Cybersecurity can protect systems, devices and individuals. And it’s no surprise that interest in cybersecurity (and demand for cybersecurity professionals) is increasing every year.

Cyber Security Delivering Value

But for cybersecurity to deliver value, cybersecurity leaders and professionals need to develop a business-aligned mindset. They must have a good understanding of the business, its products and services. They must be aware of the ongoing projects, which may not necessarily be technology-led. And they should definitely know their organization’s mission, vision, roadmaps, and the industry landscape. What are the different lines of business and how do they work together?

This can only be achieved by speaking to people on the business side. Cybersecurity professionals spend too much time talking to technology folk and vendors. They are too focused on the technology and the operational aspects. If that’s the case, how can they show cybersecurity value to the business?

The 7 Rules

The seven rules purport to bridge the gap between business and cybersecurity, maximizing the value from cybersecurity, enabling organizations in pursuit of strategic goals, and helping professionals become truly exceptional.

Using practical and real-world experiences, this book introduces seven rules for cyber security leaders and professionals to deliver immense value to their organisations while rapidly progressing in their own careers. The book also gives senior executives a view of what good looks like from a cyber security perspective so they can be more effective in accomplishing their objectives and supporting their teams.

One of the rules is about understanding the risks. Organizations invest in cybersecurity to manage their risk and mitigate system failure, downtime and outages. Hence, cybersecurity leaders should take a risk-based approach to cybersecurity investments. Every dollar invested should show the value of cybersecurity to the business.

Cybersecurity professionals also need to understand and articulate the risks – and manage them effectively.

The book is written in an engaging, conversational style with a focus on real-world outcomes. Moving beyond unnecessary technical jargon, buzzwords, and hype, the book delivers valuable insights into the strategies, opportunities, and approaches associated with building and running exceptional cyber security programs that truly enable organisations. These insights include:

  • Tangible ways to adopt a business-aligned mindset, incorporate risk-based approaches and relevant measurements to demonstrate progress, inspire confidence, and optimise investments.
  • Addressing the critical roles of the human factor and culture in the success of cyber security endeavours.
  • Elements for building and executing fit-for-purpose and comprehensive cyber security strategies.
  • Mastering differentiating skills and brand building, including writing, storytelling, networking, and communication for continued professional and personal career growth and success.

About the author

The author, Chirag Joshi, is a Cyber Security Executive, Keynote Speaker, Board Director, Podcaster and Author. He has an ambitious goal to enable human progress through trust in technology. To accomplish this, he wants to help build a world where there is trust in digital systems, protection against cyber threats, and a safe environment online for communication, commerce, and engagement.

Joshi also authored the book 7 Rules to Influence Behaviour and Win at Cyber Security Awareness, which has been purchased in over 11 countries across the world.

During the course of his career spanning multiple sectors and countries, he has built, implemented, and successfully managed cyber security, risk management, compliance, and awareness programs. The success of these programs was a result of unyielding focus on business priorities, a pragmatic approach to cyber threats, and, most importantly, effective stakeholder engagement.

Updated on Oct 5 to include additional notes presented in bullet-point form.

7 Rules To Become Exceptional At Cyber Security:
A Practical, Real-world Perspective For Cyber Security Leaders and Professionals

Author: Chirag D. Joshi

Available on Kindle.


Brian Pereira
Brian Pereira is an Indian journalist and editor based in Mumbai. He founded Digital Creed in 2015. A technology buff, former computer instructor, and software developer, Brian has 29 years of journalism experience (since 1994). Brian is the former Editor of CHIP India, InformationWeek India and CISO Mag. He has served India's leading newspaper groups: The Times of India and The Indian Express. Presently, he serves the Information Security Media Group, as Sr. Director, Editorial. You'll find his most current work on CIO Inc. During his career he wrote (and continues to write) 5000+ technology articles. He conducted more than 450 industry interviews. Brian writes on aviation, drones, cybersecurity, tech startups, cloud, data center, AI/ML/Gen AI, IoT, Blockchain etc. He achieved certifications from the EC-Council (Certified Secure Computer User) and from IBM (Basics of Cloud Computing). Apart from those, he has successfully completed many courses on Content Marketing and Business Writing. He recently achieved a Certificate in Cybersecurity (CC) from the international certification body ISC2. Follow Brian on Twitter (@creed_digital) and LinkedIn.