Sercan Azizoğlu's Personal Website
February 23, 2025

Confident Cybersecurity by Dr. Jessica Barker - A Book Review


The Book and the Author

Dr. Jessica Barker is a professional with over a decade of experience in cybersecurity. Her expertise focuses on human factors in the field. She has given speeches for NATO, Gartner, and many media corporations. She is the author of “Hacked: The Secrets Behind Cyber Attacks”, published in 2024, and co-author of “Cybersecurity ABCs”, published in 2021. Her books are available for purchase on Amazon. There is also an official website for the book: ConfidentCyber.com.

She published her book in 2020. The book has five parts. In the first, she explains the concept of cybersecurity. The second part dives into the technical aspect. In the third, she focuses on the human factor. In the fourth, the physical element is discussed. In the fifth and last part, she shares her and some other experts’ comments regarding the future of cybersecurity and its potential impact on different professions.

I want to cite certain points from her book:

Citations from the book

…constantly operating outside of your comfort zone can contribute to stress, burnout and further mental health challenges. (p.20)

…if an application has the ability to retrieve an image on your server, such as your profile image, an attacker could potentially exploit SSRF to retrieve a different file from the server which they would not ordinarily be authorized to see. (p.55)

In November 2022, one year after Log4Shell was discovered by Alibaba, Tenable reported that they had found that 72 per cent of organizations remain vulnerable to the Log4Shell vulnerability. (p.58)

We’re not protecting technology for the sake of the technology, or even protecting information for the sake of the information. We are doing it, ultimately, to protect people. To protect their finances, their jobs, their identities and sometimes even their physical safety. (p.63)

When an individual or organization is affected by ransomware, they can visit www.nomoreransom.org to access decryption tools for many different types of ransomware. (p.98)

It is vital that organizations build a cyber security culture in which people understand the importance of reporting phishing emails and feel safe that they can do so without fearing becoming the scapegoat. (p.101)

Another downside to both of these systems is when the wearer does not remove the badge and lanyard when they leave the building. This allows them to be identified, opening an opportunity for social engineering, and also enables an attacker to steal or replicate the badge if they are seeking access to the site. (p.106)

…we can be sure that cyberspace will increasingly be used by nation states as part of geopolitical conflict. (p.146)

Situational awareness: This is a baseline for anyone wanting to enhance their level of security. Situational awareness often comes down to observational skills, having an understanding of what is happening around you and the potential impact of that. (p.176)

The final piece of advice I’d give my younger self is this: no man or woman achieves anything great on their own. It always takes a community to truly make lasting change happen. (p.183)

Conclusion

This book is a good answer if you’re looking for a broader perspective on the field and a reference. We cannot separate the people factor from any security program. Dr. Barker’s expertise gives good insights for every security professional interacting with people in their organizations. It’s easy to blame users for unsafe behaviour or policy violations. However, if that is due to a lack of education and training, the security personnel should reconsider their education programs for those personnel.

Thank you, Dr. Barker, for your work in the field to help protect people in cyberspace.
