The Book

About the Book

About the Book

Over the years we’ve seen the digital security profession transformed into an ­overhyped­ and­ fuzzy­ domain­ that­ is­ often­ referred­ to­ as­ cybersecurity.­ Since­ many­ authors­ have­ written­ a­ great­ deal­ on­ this­ subject­ in­ books,­ journals,­ and­ social­­ media ­blogs,­ our ­aim ­here ­is ­to ­enrich ­this ­field ­with ­our ­opinions, ­viewpoints,­ and­ expertise.­

Thanks­ to­ a­ combined­ total­ of­ forty-five­ years­ of­ experience­ – ­experience ­from ­our ­academic ­back grounds ­as ­well ­as ­from ­our ­work ­as­ security­ and­ tech­ leaders­ –­ we­ are­ able­ to­ focus­ on­ things­ that­ should­ work­ in­ theory ­but ­fail ­in ­practice ­due ­to ­all ­kinds ­of ­intangible, ­“silent” ­factors. ­

Our ­intention­ is­ not­ to­ be­ exhaustive,­ nor­ to­ criticize­ others,­ but­ to­ shed­ fresh­ light­ on ­crucial ­cyber-related ­allies, ­enemies, ­and ­issue ­that ­are ­rarely ­taken ­into ­account ­and ­talked ­about, ­but ­we ­believe ­you ­should ­know ­to ­help ­you ­combat ­the­ silent ­enemy­ of ­digital ­security.­

Download Here a short abstract of the book, including the table of contents, or press "Read More" to learn more about the sections of the book.

Contents of the Book

Making digital security a success is about more than implementing the latest security technologies or complying to the security "best practices" or IT governance frameworks.

This section is not only about the leader, e.g. the CISO, it’s also about how to lead the company through the cybersecurity challenges and how the CISO role emerges to a Chief Information Security Orchestrator balancing and leading multiple stakeholders. We will not come up with a new organizational design of the security system since we don’t think that this is a key differentiator to make information security a success.

In digital security the term strategy is often mixed up with plans and the execution of the strategy is lacking. Not because the identified technical improvements aren’t correctly identified, but because the strategy process and content itself is insufficient. Or the people executing the strategy lack the capabilities we have identified.

Changing the people working in digital security and the people who need to act in a secure manner. Because in order to make the human factor stronger, significant changes need to be made. These changes will ideally come from the intrinsic motivation that people want to do well. But why are people resisting this change? Why is it that this current technocratic approach mainly results in more resistance?

We will not design a new governance framework to manage risk, but we will give some tangible practices and metrics to measure and govern your digital security as well as the way to work practically and proactively with your governance, including regulators. Effective governance is about fact-checking, presenting and quantum communicating (communication needs to be done more intensively to keep everyone moving toward the collective destination)

All change has financial consequences that stakeholders want to know about and understand. We urgently need to move away from the Fear, Uncertainty and Doubt (FUD) decision-making and ostrich politics where decision-makers rely on others since “they don’t understand it or don’t want to understand it.” With economic models we bring more rational arguments, which enables more balanced decision-making and in the end more “bang for your buck.”

In the sixth section we discuss a possible digital security future in Trending, because as a wise man once said: “It’s not the strongest of the species that survives, nor the most intelligent that survives. It’s the one that is most adaptable to change”.

Where to Buy the Book

Corence Klop
Chief Information Security Officer (CISO)

When starting in my new CISO role, the book gave me an overview of key topics to consider. It learned me a lot about relevant leadership skills and how to behave in order to become successful as a CISO. By providing insights into relevant research it gives input for decision making and how to approach challenges I encounter.

Prof. Ron Meyer
Managing Director, Center for Strategy & Leadership
Professor of Strategic Leadership, Tilburg University, University of Antwerp

The approach taken by Bobbert and Butterhoff is unique and powerful in three mutually reinforcing ways. First, their approach to digital security is organizational rather than technical. The second distinguishing characteristic is that Bobbert and Butterhoff’s approach is strategic rather than operational. The third aspect of the authors’ approach, complementing their organizational and strategic perspective, is that they make digital security an organization-wide issue instead of only a topic for the IT department.

Digital security as organizational, strategic, and company-wide – make this book a “must read” for any manager involved in the topic of digital security, which in the digitalizing world basically means almost all of us. So, it’s time to put on your seatbelt on and enjoy the ride.

Amir Arooni
Board member and CIO at Discover Financial Services (DFS)

“Security is a complex topic and the authors brought the essentials and the complexity to me in a very understandable, usable and completing style.” Very exciting read, especially because the authors wrote the chapters from a practical perspective with a nice balance of academic and creative models. You can apply the “takeaway messages” immediately.

Prof. Hans Mulder
European Research Director of the Standish Group, Boston, USA

Leading Digital Security offers more than a dozen smart ways to combat the silent enemy; this book – just like Sun Tzu’s ‘Art of War’ – teaches us to rely not on the likelihood of the enemy’s not coming, but on our own readiness to receive him; nor on the chance of his not attacking, but rather on the fact that we have made our position unassailable. This book is a “must read” for professionals and students in the field of digital security.

Prof. Steven de Haes
Dean at Antwerp Management School

In many boardrooms and leadership teams, digital security is a key topic on the agenda. And, considering the rapid digital transformation of our society, its importance will only increase in the years ahead. Boards and leadership teams are aware of the challenges we face, but often seek guidance that is both robust and relevant. The authors of this book have responded to that call by writing a must-read reference guide that connects theories and models to practical instruments and approaches in the field of digital security.

Willie Appel
IT Leadership Coach and Presence Advisor

In our recent past, the “burning platform” was often technology. We needed to make the leap from mainframes to client-servers to PCs to mobile, and beyond. Today, the burning platform has moved to leadership. We are building a new business platform that requires genuine lead- ership, a platform that will empower and enable us to lead information availability and the underlying technology. A style of leadership that can turn data into a real asset with honesty, integrity, openness, and transparency. We’ll need to unlearn some of the traits that brought us to the current CIO role and adopt new ways of looking at the world and the future.

The authors did justice to the statement above, they did jettison some of the old school traits, and in their skilled writers’ wake they leave us with a dozen time-tested solutions to assist us taking on the Digital Security responsibility, and own it, lead it, control it, handle it, master it, govern it, understand it, fund it, describe it, delete it, ignore it, outsource it, but still run it, live it and love it to CONQUER IT!

Mathias Bücherl
Group CISO
Heidelberg Materials AG

This book effectively dismantles the complexity often associated with Security, offering a holistic, straightforward approach to making it actionable within enterprises. Bridging theoretical models with accessible explanations empowers readers to launch an enterprise security program with ease and comprehension.

Authors of the Book

Read more about the authors

Yuri Bobbert
Yuri Bobbert

Yuri is a scientific tech-leader, CISO, Academic Director / Professor and has advised more than 300 companies, including NN Group as Head of Digital Security. Currently he is Chief Information Security Officer at ON2IT and Academic Director / Professor at Antwerp Management School (AMS) Visiting lecturer at the Cyber Security Academy (Leiden University / TU Delft). He has advised more than 300 companies, including NN Group and UWV as Head

Yuri Bobbert
Mark Butterhoff
Mark Butterhoff

Mark is a Management Consultant, Interim/Program Manager and Author with over 20 years of experience in Information Security, IT Audit, IT Management and Governance.   Mark has gained experience in various roles. He has a long history at KPMG, where he worked in information security, IT auditing, and management consulting. After that he worked for several years as program manager and interim manager restructuring and changing mainly IT organizations as

Mark Butterhoff

Want to Learn more about Leading in Digital Security?

Order now

Contact Us

Should you have any questions or want to book us for a talk, please send us an email of fill in the form.