
How Cybersecurity Really Works
A Hands-On Guide for Total Beginners
Sam Grubb's gentle, exercise-driven introduction for non-specialists who need a working mental model of attacker behaviour and basic defence.
- Authors: Sam Grubb
- Published: 2021
- Publisher: No Starch Press
- Pages: 216
- Language: English
Read this if
You are a non-engineer who needs the field demystified. Grubb is the gentlest serious introduction in print: malware, phishing, network attacks, defenses, all explained in plain language without dumbing down.
Skip this if
You are an engineer, an IT person, or anyone who already understands how the internet works. The book assumes nothing; for technical readers it'll feel slow.
Key takeaways
- The chapter on threat modeling for individuals (not companies) is the one most teachers steal from: how to think about your own digital risk.
- The hands-on labs at the end of each chapter make the book usable for actual classroom teaching, not just self-study.
- Strikes the rare balance between respects-the-reader and explains-what-an-IP-address-is. Most beginner books fail one or the other.
Notes
Best book to give a parent, partner, or non-technical coworker. Pair with the user-facing chapters of Security Engineering (Anderson) for the deeper version, or with Foundations of Information Security (Andress) for the next step toward engineering depth. Grubb's tone is calm and respectful; the book makes a believer.
What to read before
Beginner · 2019
Foundations of Information Security
Jason Andress' compact tour of the field: confidentiality / integrity / availability, identification and authentication, network and OS controls, written for newcomers and adjacent disciplines.
Beginner · 2019
The Pragmatic Programmer
Thomas and Hunt's career-defining set of practical heuristics for writing software professionally — orthogonality, broken-windows, DRY, tracer bullets, and the underlying argument that craftsmanship is a posture, not a process.
Beginner · 2020
Alice and Bob Learn Application Security
Tanya Janca's hands-on AppSec primer covering threat modeling, secure design, secure coding, testing, deployment, and the social side of running an AppSec program — through a friendly, narrative-driven structure.
What to read next
Intermediate · 2022
Cybersécurité
Solange Ghernaouti's broad academic survey of cybersecurity — risk analysis, governance, technical and legal dimensions — the standard French university reference, now in its 7th edition.
Beginner · 2019
Foundations of Information Security
Jason Andress' compact tour of the field: confidentiality / integrity / availability, identification and authentication, network and OS controls, written for newcomers and adjacent disciplines.
Advanced · 2013
Sécurité informatique
A principles-first treatment of information security for DSI, RSSI and sysadmins — architecture, cryptography, network defence and security policy — from two veteran French practitioners.
Explore similar books
Beginner · 2019
Foundations of Information Security
Jason Andress' compact tour of the field: confidentiality / integrity / availability, identification and authentication, network and OS controls, written for newcomers and adjacent disciplines.
Intermediate · 2022
Cybersécurité
Solange Ghernaouti's broad academic survey of cybersecurity — risk analysis, governance, technical and legal dimensions — the standard French university reference, now in its 7th edition.
Advanced · 2013
Sécurité informatique
A principles-first treatment of information security for DSI, RSSI and sysadmins — architecture, cryptography, network defence and security policy — from two veteran French practitioners.