These are some of my favorite books - I hope you enjoy them as well! - Justin
Book Reviews
STOP THE CYBER BLEEDING
By Bob Chaput
An excellent book for people at all levels in Healthcare.
NAVIGATING THE DIGITAL AGE
A COMPENDIUM BY PALO ALTO
- “Navigating the Digital Age,” 3rd edition (must provide personal information)
- “Navigating the Digital Age,” 1st edition (no information required)
WHY ARE YOU MESSING WITH ME?
By Peter Warmka
Senior Survival Guide on Fraud, Privacy, and Security.
This book is engaging - it provides many real-life stories to back up the need for the security best practices laid out here. The book covers a wide range of scams and criminal acts and will be useful for people of all ages. Thank you Peter Warmka for writing this book! It is truly essential in today's world.
Crisis Communications
By Steven Fink
The Definitive Guide to Managing the Message.
An excellent book for those who wonder how to manage messaging during a crisis. Crises are occurring at a much more frequent rate. How would you manage messaging for your Hospital if it were hit with ransomware, for example? The book provides great examples of the dos and don'ts. Essential for every leader today.
GET THE TRUTH
Former CIA Officers Teach You How to Persuade Anyone to Tell All.
If you do any kind of investigations - either as law enforcement or as part of an internal Corporate team - then you definitely need this book. It is fascinating reading even if you don't do this kind of work. It provides a lot of useful points that you can use in the workplace even when you're not investigating alleged misconduct.
Just Listen
By Mark Goulston
"Discover the Secret to Getting Through to Absolutely Anyone"
As someone who tends to talk too much, I find this book to be essential. The tips in this book are useful for everyday life. For example, I like the chapter "Be More Interested Than Interesting" - Isn't it true that you would much rather speak with someone who shows an interest in you and really listens? That is much more desirable than the person who just talks about themselves and their interests. Even if they are the most interesting speaker and led the most fascinating life, you will leave that conversation feeling unfulfilled. There is also a chapter about making the other person "felt" that is truly useful.
Espionage books
Some of the Best Books on the Topic
"To Catch a Spy — The Art of Counterintelligence" by John Olson - He also includes an appendix listing the top books to read if you are in Counterintelligence.
"Wilderness of Mirrors" by David C. Martin - an inside look at the James Jesus Angleton years and how paranoia and mistrust can ruin an organization.
"Spymaster: My 32 years in Intelligence and Espionage against the West" by Oleg Kalugin. Picture at right: Justin Armstrong and Oleg Kalugin.
"The Sword and the Shield: The Mitrokhin Archive and the Secret History of the KGB" by Christopher Andrew and Vasily Mitrokhin
"Spycatcher: The Candid Autobiography of a Senior Intelligence Officer" by Peter Wright.
"The Secret World" by Christopher Andrew
"Essentials of Strategic Intelligence", Textbook, Loch K. Johnson, Editor
"Body of Secrets" by James Bamford, history of the NSA.
"The Puzzle Palace: Inside the National Security Agency, America's Most Secret Intelligence Organization" by James Bamford
"The Shadow Factory" by James Bamford
"Exercise of Power — American Failures, Successes, and a New Path Forward in the Post-Cold War World" by Robert M. Gates, Director of Central Intelligence under George H. W. Bush
"From the Shadows" by Robert M. Gates.
"The Spy and the Traitor" - by Ben Macintyre - The story of Oleg Gordievsky.
"A Spy Among Friends — Kim Philby and the Great Betrayal" - by Ben Macintyre
"Double Cross — The True Story of the D-Day Spies" by Ben Macintyre
"Deep Undercover" by Jack Barsky - the amazing story of a deep cover agent right here in America. "Jack Barsky" was a Soviet spy from East Germany who lived here secretly for years, even becoming the CIO of Met Life in New York.
"Circle of Treason - A CIA Account of Traitor Aldrich Ames and the Men He Betrayed" by Sandra Grimes and Jeanne Vertefeuille - there is an excellent mini-series based on this book called "The Assets."
"Spy Handler - The True Story of the Man Who Recruited Robert Hanssen & Aldrich Ames" by Victor Cherkashin with Gregory Feifer - the other side of the story!
"Gray Day: My Undercover Mission to Expose America's First Cyber Spy" by Eric O'Neill - just one part of the Robert Hanssen story, but worth reading.
"Broker, Trader, Lawyer, Spy — The Secret World of Corporate Espionage" by Eamon Javers
"The Codebreakers" by David Kahn - the complete history of Cryptography.
"The Cuckoo's Egg" by Cliff Stoll - A fascinating account of the first time someone tracked down a hacker.
"The Billion Dollar Spy" by David E. Hoffman
"The Book of Honor - The Secret Lives and Deaths of CIA Operatives" by Ted Gup - The stories behind some of the stars on the Wall at Langley...those who lost their lives in the line of Duty.
"Active Measures - The Secret History of Disinformation and Political Warfare" by Thomas Rid.
I list these next few books here because these are the practical application of espionage and counterintelligence techniques in the workplace - detecting insider threat and fraud.
"The Art of Intrusion" and "The Art of Deception" by Kevin Mitnick
"The CERT Guide to Insider Threats" by Cappelli, Moore, and Trzeciak
"Fraud - Bringing Light to the Dark Side of Business" by W. Steve Albrecht, Gerald W. Wernz, and Timothy L. Williams.
"Investigator and Fraud Fighter Guidebook" by Charles E. Piper
"Anatomy of a Fraud Investigation" by Stephen Pedneault
Technical Guides
- Australian Signals Directorate - Cybersecurity Resources
- Essential Eight – Eight best practices that prove to be most effective.
- Information Security Manual – Lots of useful detail for the team!
- DNS: https://www.quad9.net/ - Use Quad9 for your DNS.
- Windows Local Administrator Password Solution (LAPS) - https://learn.microsoft.com/en-us/windows-server/identity/laps/laps-overview
Incident Response Resources
- DHS Cyber Tabletop Exercise (TTX) for the Healthcare Industry — A complete set of materials for running a TTX, including planning documents, presentation, online references, and more.
Crisis Management
- ASPR (Administration for Strategic Preparedness & Response) TRACIE (Technical Resources, Assistance Center, and Information Exchange) provides many excellent resources on a wide variety of emergency preparedness topics, and you can subscribe to their listserv.
- Carnegie Mellon “Guide to Effective Incident Management Communications” is a good place to start.
- IBM’s Cyber Range in Boston provides a very realistic way of experiencing a cyber-attack and seeing how you and your team respond.
Industry Reports
These reports can be useful when you need to make the case to executives for implementing specific security programs and controls.
- The Verizon Data Breach Investigations Report (DBIR) – this report has been accepted as the best source of data - https://www.verizon.com/business/resources/reports/dbir/
- Crowdstrike Global Threat Report — https://www.crowdstrike.com/resources/reports/?lang=1
- Cybereason “Ransomware: The True Cost to Business” Annual Report — https://www.cybereason.com/ransomware-the-true-cost-to-business-2024
- IBM Cost of a Data Breach Report — https://www.ibm.com/reports/data-breach