These Two Books Explain How to Fix Our Broken Security Industry

Organizations spend billions each year on security, but much of that spend is on the wrong things. These books will point you in the right direction.

  • Roger A. Grimes
  • CSO
  • April 4, 2019


Bruce Schneier’s Click Here to Kill Everybody

Bruce has been looking at the problems and solutions for decades. Across his career, he has tended to focus either on the very basic, underlying, foundational issues such as human biology or on the larger, strategic issues around how countries and their governments should try to fix the problems. His latest book, Click Here to Kill Everybody: Security and Survival in a Hyper-connected World, focuses mostly on the latter. It’s his ultimate capstone book from decades of looking at the problems and analyzing how governments are trying to improve things and what it would take to make real progress.

I don’t think anyone is better situated to see the big picture and know what the real solutions are. Bruce is a realist. He not only talks about the best possible solutions, but also paints a picture of what he thinks, given the world’s governments, is really possible. I have no doubt that any country, culture or government that implements his solutions will be stronger for it. Any entity ignoring his advice is going to suffer worse problems and pain along the journey than it had to.

You should read these books to really understand the problems of and solutions to our failed industry. Interestingly, they don’t overlap much. Each presents its assessment of the problems and what the fixes are. What they agree on is that what we have been doing for over three decades is not working. We need radical transformation to fix our broken industry. It will be fixed one way or another. The only question is whether it will happen because of thoughtful, considered planning or in response to some global pandemic compromise.

