George Finney, ESQ., has worked in Cybersecurity for over 15 years and is the author of No More Magic Wands: Transformative Cybersecurity Change for Everyone. He is currently the Chief Information Security Officer for Southern Methodist University where he has also taught on the subject of Corporate Cybersecurity and Information Assurance. Mr. Finney is an attorney and is a Certified Information Privacy Professional as well as a Certified Information Security Systems Professional and has spoken on Cybersecurity topics across the country.
Tell us about your book.
Much of what is written about Cybersecurity focuses on technology or compliance, so I wanted to write a book that was approachable and understandable by everyone. No More Magic Wands is a book for non-technical managers or executives inside corporations to help them better understand the basic concepts of Cybersecurity and how they can play a role in protecting their companies from cyber criminals. The book tells the fairy-tale story of a company using a case study model, with each chapter giving a new lesson for readers to digest.
Why did you choose to self-publish?
For me, self-publishing was a great way to help me finish writing the book, and to give me the incentive I needed to put everything I had into making the book the best it could be. If I had waited to find an publisher or to hope someone else would edit it for me, I wouldn’t have finished the book and it wouldn’t have lived up to my vision.
What did you learn on your journey as an author?
After spending most of my career in Cybersecurity, it was astonishing to see how much my perspective matured because of writing this book. Many of the concepts or practices that I took for granted, I challenged, and I found better ways to approach those issues. It has made me appreciate the advice “write what you know” in a whole new way. Writing the book also forced me to put my money where my mouth is, so I’ve been challenged to put my own advice into action, which has been extremely rewarding.
I’ve got a full time job and then some, so finding time to write every day is a huge challenge. I would write down notes into my phone randomly as inspiration struck me during the week. Then, on the weekend, I blocked off one morning and would spend about an hour compiling all the notes, and would spend another hour or two writing and editing. After I built the story and got to a place where I was ready to make a lot of progress all at once, I would take a week of vacation. The thing that really helped this schedule to work for me was building a good outline in the beginning.
What tips can you give other authors looking to self-publish?
Self-publishing is so easy, you can forget that you need to put a lot of work into getting the word out, aka marketing. Making a great book is only the first step and without a publisher, you’ll need to be ready to take that work on yourself.
Why did you want to write a book?
I wanted to tell a story that would reach ordinary people. Bookshelves are crowded with books on the technical aspects of security, or hacking, or reference manuals on compliance. But all this misses perhaps the most important group of people that need cybersecurity knowledge the most: CEOs, managers, everyone outside of the security world.
Tell us about the genre you wrote in, and why you chose to write this sort of book.
I know a lot of people think of my book as a Cybersecurity book, but it’s not extremely technical like most other books in that genre. I think of it as book on business or personal development. There are a few management books that are really special: Who Moved My Cheese or The One Minute Manager. What makes them timeless classics is that they don’t tell you about management, they show you.
What are your plans now your book is published?
I’ve head that reading one book a week on a subject will make you an internal expert in your field in a few years. This process is only accelerated with all the work, soul searching, and critical thought that goes into writing a non-fiction book. For a while, my hope was that the book would help propel a career in consulting, but after I published I am considering starting a company around some of the core concepts in the book.
What have you learned from this experience?
Going through the process of writing the book helped me discover what is really important to me in my own career and how that connects to Cybersecurity. I feel like I have a direction that I couldn’t have envisioned just 12 months ago. And it didn’t start to happen until I pressed the “publish” button.