For most professionals not directly involved in the realm of cybersecurity, reading a book on the topic might sound like a cruel and unusual form of punishment. However, the reality is that everyone who regularly uses technology, social media, wireless internet and other staples of modern life should have some modicum of understanding of the issue. In No More Magic Wands, author and cybersecurity expert, George Finney, takes an extremely unique approach to educating the masses on this critical topic, but it may just be strange enough to work.
Through an extended allegory, Finney shares his more than 15 years of cybersecurity experience with readers, mirroring the trials and tribulations of a real-world corporation with a magical wand-making company that has been mercilessly hacked. At first glance, the premise seems outlandish – even condescending to readers. However, the level of comprehension that most people have when it comes to cybersecurity is limited, so breaking things down to their simplest form is required.
Magical elves, enchanted forests, talking forest animals, leprechauns and astronauts soon give way to discussions about firewalls and various strategies to restore the wand-making company to its prior level of security. While the plots of these short, parable-like stories can often be weak, with language that is unnecessarily choppy and simplistic, the underlying point that Finney tries to make is strong, and relevant to readers’ needs, such as rapidly identifying malicious activity on your network, familiarizing yourself with the types of attacks your company has handled and succumbed to in the past, and creating training opportunities for employees regarding cybersecurity.
There are excellent summaries at the end of each chapter, with the key takeaways that can be applied to your own company and behaviors regarding cybersecurity, breaches, and the appropriate responses to such infringements on privacy. Many of the concepts are surprisingly simple, yet they come across as profound for those who have only ever viewed cybersecurity issues as “above their head” or “someone else’s responsibility.” Perhaps the most important lesson that Finney shares in these pages is the idea that everyone in a company, community, social circle or even nation has some accountability and responsibility to participate in cybersecurity.
As the title suggests, in clever double meaning, there has never been a magic wand that can suddenly wipe away all the security risks or damage done by hackers or malware; one needs to be proactive as a member of the online community to report breaches, pay attention to the sites you choose to visit, and be honest about your activities online (risky or otherwise). In other words, cybersecurity isn’t just about tech, it’s about awareness.
It’s a quick read with a minor number of grammatical errors, but a good editorial polish to make the stories/parables a bit more fluid and entertaining could make this a 5-star book. However, despite the book’s few failings, the purpose of Finney’s approach is clear. For those people who are completely in the dark regarding cybersecurity, as well as their own potential to participate in this critical field, No More Magic Wands is the book that can put them in the proper frame of mind.