Daniel Lohrmann - Cyber Mayday and the Day After: A Leaders Guide to Preparing, Managing, and Recovering from Inevitable Business Disruptions

1. Chapter 2
2. Chapter 8
3. Chapter 11

This is the first practical book on cybersecurity I could not put down it wouldn't let me. It is filled with easily relatable true stories and facts. It's exceptionally well-written and engaging, and nearly every page contains a gem of practical advice. This work is simply indispensable for all public managers to read, absorb, and act. Lohrmann's and Tan's frontline cyber experience brings years of collective wisdom together into one wonderful fact-filled book that one will treasure and will want to always have by their side.

Dr. Alan R. Shark, Executive Director of CompTIA's Public Technology Institute (PTI)

Most leaders I speak with have cybercrime headlines fatigue. We all need a guidebook and to know we are not alone. A must-read on every leader's list is the collaborative book project by Dan and Shamane; they hit it out of the park with Cyber Mayday and the Day After! This is an extraordinary book, brilliantly put together for today's leaders as our modern world of cyberattacks does not discriminate between businesses and individuals. They have done a splendid job in storytelling and capturing battlefront lessons, revealing degrees of knowledge and wisdom in such a riveting way.

If you are in the cybersecurity industry, a business leader, or an executive, this is the book you should read next. Readers will walk away with insights and knowledge gathered from behind the scenes. They summarize their findings in an effective guide to preparing, managing, and responding to future cyber maydays.

Theresa Payton, The White House's first female CIO, author of Manipulated, CEO of Fortalice Solutions

Cyber Mayday and the Day After is a book that everyone who cares about the survivability of their business should read. The insights and suggested approaches to the vast problem we face in setting up our defenses and better responding to cyberthreats in this book are top-notch. The authors have made a complex problem clear and easy to understand and have based their guidance on methods that make a difference. To be blunt, read this book now!

Dr. Chase Cunnnigham, cybersecurity expert, known as Dr. Zero Trust, author of Cyber WarfareTruth, Tactics, and Strategies and the new novel gAbrIel

In my long career in cybersecurity, I have read and written about incident response, what it is, and why CISOs and their businesses should care. In Cyber Mayday and the Day After authors Daniel Lohrmann and Shamane Tan take it a step further and provide an exceptional guide on how businesses today can prepare and survive an incident. It is well-written with excellent insight into what it takes for security and business leaders to be resilient. I really enjoyed the chance to read this book and believe it will be an excellent resource for our community.

Gary Hayslip, CISO of Softbank Investment Advisors

As organizations face the continual onslaught of cyberattacks, leaders need a practical guide to understand where to start, how to prioritize, and what to do when the inevitable breach occurs. The amount of data available today describing what leaders can and should do is overwhelming. Cyber Mayday and the Day After provides a roadmap with specific examples, where leaders can learn from their peers and chart a course that fits their organizations to ensure that they are prepared for today and tomorrow. The book is a must-read for business and government CIOs, CISOs, and other government leaders.

Teri Takai, Executive Director of the Center for Digital Government, former CIO for the U.S. Department of Defense (DoD), and former CIO for the states of California and Michigan

Dan Lohrmann and Shamane Tan have written a truly important book on what to do when cyber calamity inevitably strikes. It is both an extensive resource and an operating manual for anyone in cybersecurity leadership roles (plus anyone connected online). With the growing digital ecosystem of billions of devices and sensors, we are all potential (and likely) targets of sophisticated hackers abetted by automated technologies searching for cyber vulnerabilities. Their book provides strategies and plans for gap analysis, incident response, and especially resilience. Disruptive breaches are going to happen no matter what. Reading and keeping Cyber Mayday and the Day After: A Leader's Guide to Preparing, Managing, and Recovering from the Inevitable as a ready reference is indispensable.

Chuck Brooks, President of Brooks Consulting International, Georgetown University Adjunct Professor, Named Top Tech Person to Follow by LinkedIn

Loved the book! In a world of never-ending shock statistics and cyber doom mongering, Shamane and Dan combine the power of storytelling and practical checklists in a refreshing way to help cyber and risk management professionals increase their cyber resilience. Read the airport data leakage or CISO hire-gone-wrong examples in and ask yourself, Could that be my company? If so, I highly recommend that you read the rest of the book. Learn from it. Apply the many resilience blueprints. And then share it with someone you care about.

Written in their usual engaging and deceptively simple style, Cyber Mayday and the Day After is an invaluable reference guide for today's cyber risk management community.

Ellie Warner, Global Head, Training and Awareness, Trust Data and Resilience, Standard Chartered Bank

Writing a book on cybersecurity is a tricky business. It could dive into low-level technical details or float too high, proffering overly general advice, either way losing the reader. A practicing or aspiring CISO is looking for pointers to prevent, manage, and recover from cyber incidents. This book, organized in three sections of pre-attack preparation, on-attack actions, and post-attack recovery, hits the sweet spot by driving home the points through context-appropriate case studies presented in lively prose. The case studies presented by the authors, mostly from recent times, offer a rich trove of knowledge for any security practitioner. The authors have taken the extra step of interviewing the CISOs in these case studies and brought out subtle nuances of their thought processes and how they execute their actions. This easy-reading book is a must in every security practitioner's bookshelf.

Dr. Siva Sivasubramanian, Chief Information Security Officer, Singtel Optus

DAN LOHRMANN AND SHAMANE TAN

Copyright 2022 by John Wiley & Sons, Inc. All rights reserved.

Published by John Wiley & Sons, Inc., Hoboken, New Jersey.

Published simultaneously in Canada.

No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600, or on the Web at www.copyright.com. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.