How Cybersecurity Really Works
A Hands-On Guide for Total Beginners
Sam Grubb's gentle, exercise-driven introduction for non-specialists who need a working mental model of attacker behaviour and basic defence.
- Authors: Sam Grubb
- Published: 2021
- Publisher: No Starch Press
- Pages: 216
- Language: English
Read this if
Non-engineers who need the field demystified. Grubb is the gentlest serious introduction in print: malware, phishing, network attacks, defenses, all explained in plain language without dumbing down.
Skip this if
Engineers, IT people, or anyone who already understands how the internet works. The book assumes nothing; for technical readers it'll feel slow.
Key takeaways
- The chapter on threat modeling for individuals (not companies) is the one most teachers steal from: how to think about your own digital risk.
- The hands-on labs at the end of each chapter make the book usable for actual classroom teaching, not just self-study.
- Strikes the rare balance between respects-the-reader and explains-what-an-IP-address-is. Most beginner books fail one or the other.
Notes
Best book to give a parent, partner, or non-technical coworker. Pair with the user-facing chapters of Security Engineering (Anderson) for the deeper version, or with Foundations of Information Security (Andress) for the next step toward engineering depth. Grubb's tone is calm and respectful; the book makes a believer.
What to read before
Beginner · 2019
Foundations of Information Security
Jason Andress' compact tour of the field: confidentiality / integrity / availability, identification and authentication, network and OS controls, written for newcomers and adjacent disciplines.
Beginner · 2019
The Pragmatic Programmer
Thomas and Hunt's career-defining set of practical heuristics for writing software professionally — orthogonality, broken-windows, DRY, tracer bullets, and the underlying argument that craftsmanship is a posture, not a process.
Beginner · 2020
Alice and Bob Learn Application Security
Tanya Janca's hands-on AppSec primer covering threat modeling, secure design, secure coding, testing, deployment, and the social side of running an AppSec program — through a friendly, narrative-driven structure.
What to read next
Beginner · 2019
Foundations of Information Security
Jason Andress' compact tour of the field: confidentiality / integrity / availability, identification and authentication, network and OS controls, written for newcomers and adjacent disciplines.
Intermediate · 2021
Designing Secure Software
Loren Kohnfelder, the original PKI author, on how to weave security thinking through requirements, design, implementation and operations rather than bolt it on at the end.
Intermediate · 2012
Practical Malware Analysis
Still the gold standard textbook for static and dynamic malware analysis on Windows.
Explore similar books
Beginner · 2019
Foundations of Information Security
Jason Andress' compact tour of the field: confidentiality / integrity / availability, identification and authentication, network and OS controls, written for newcomers and adjacent disciplines.
Beginner · 2019
The Pragmatic Programmer
Thomas and Hunt's career-defining set of practical heuristics for writing software professionally — orthogonality, broken-windows, DRY, tracer bullets, and the underlying argument that craftsmanship is a posture, not a process.
Beginner · 2025
Linux Basics for Hackers
OccupyTheWeb's introduction to Linux from the angle that hackers and pentesters actually need it: shells, networking, scripting, and Kali tooling.