Facing Cyber Threats Head On | Booz Allen Cyber Security

Facing Cyber Threats Head On

Protecting Yourself and Your Business
Facing Cyber Threats Head On
Brian Minick

About the Author

Brian Minick is a cybersecurity leader bringing forward-leaning managed detection, threat and mitigation expertise to clients in Booz Allen’s commercial market.

He has more than 15 years of diverse cybersecurity experience and leadership and prior to joining Booz Allen, Brian was the founder and CEO of Morphick, a Gartner-recognized Managed Detection and Response firm. He also served as the CISO at General Electric's (GE) Aviation, Energy, and Transportation businesses.

At GE, he was responsible for developing and implementing advanced cybersecurity strategies that protected GE's multi-billion-dollar infrastructure and resources worldwide. As the company’s infrastructure design leader, he led efforts to implement defense strategies to mitigate advanced persistent threats for the infrastructure supporting more than 122,000 employees worldwide.

Brian has also consulted with the White House and State Department on cyber policy and collaborated with the CIO of the Pentagon and members of the National Security Agency on cyber detection technologies.


News breaks all the time that hackers have attacked another company. Media outlets regularly cover cyber events. The President issues executive orders, and Congress explores cyber legislation. With all these events happening, business leaders must ask: what does this mean for my business and me?

Facing Cyber Threats Head On looks at cyber security from a business leader perspective. By avoiding deep technical explanations of “how” and focusing on the “why” and “so what,” this book guides readers to a better understanding of the challenges that cyber security presents to modern business, and shows them what they can do as leaders to solve these challenges.

Facing Cyber Threats Head On explains that technology is not the answer to cyber security issues. People, not technology, are behind emerging cyber risks. Understanding this brings to light that cyber protection is not a battle of technology against technology, but people against people. Based on this, a new approach is required—one that balances business risk with the cost of creating defenses that can change as quickly and often as attackers can. Readers will find here a ready resource for understanding the why and how of cyber risks, and will be better able to defend themselves and their businesses against them in the future.

Discussing Facing Cyber Threats Head On

At RSA 2017, SecureNinjaTV caught up with author Brian Minick to discuss his thoughts on cybersecurity, and his new book 'Facing Cyber Threats Head On'. The book deals with topics surrounding malware, malicious hackers, data breaches, and vulnerabilities in the cybersecurity world. 


Like many boys growing up, my friends and I used to play cops and robbers.  In that game you are either a “good guy” or a “bad guy” and I always liked being the good guy.  There was just something appealing about being the hero that could protect the innocent, stop the bad guys, and generally save the day.  While playing cops and robbers, we would invent elaborate and fantastical ways for the good guys to win.  They usually involved some level of super human strength and agility. 

As I got older I came face to face with the fact that I was not the super hero type.  In fact, I was more like the 90-pound weakling.  To further drive this point home to my developing mind, about this same time, I discovered that I’m a bit of a computer nerd.  My illusions of protecting people and saving the day were soon put behind me.  My cape would eventually be stuffed in the back of my closet with my safety blanket.

The upside to this is that I’m one of those people who have always known what they wanted to do when they grew up.  I got my first computer in the mid-80s and never looked back.  The only question in my mind was what exactly I would end up doing with computers.  Whether it would be writing programs for computers, teaching computer classes, or any of a large number of options in between, I wasn’t sure.  Generally speaking, I liked it all and would have been satisfied with any of them.

I spent a lot of time after college writing computer programs.  I loved solving problems for people by making computers do things that others couldn’t.  I still believe that computer programs are works of art.  Not only is there art and elegance in the algorithm, or the way the programmer instructs the computer, but the code itself and how it is formatted is artful as well.  At one point, I thought about printing some of my code and framing it.  Yep, that super hero cape was completely forgotten about and the dorky glasses and pocket protector had officially taken over.

Then, one day, something happened that forced me to dig deep into the closet and pull that cape out.  When I was first asked to be a cyber security leader, my primary directive was to keep bad guys from breaking into computers and stealing information.  It was like playing cops and robbers.  I was the good guy, once again trying to stop the bad guy and save the day, only this time it was for real.  To make it even better, the battleground was on computers.  I got to put on the cape and keep the pocket protector.  What could be better?

As a cyber security leader, I don’t really wear a cape, and for the record, I have never worn a pocket protector either.  However, myself and many other cyber security leaders like me do view ourselves as defenders of good.  In cyber security there really is a bad guy that is trying to break in, steal, harass, and take advantage of people.  It is the defender’s job to stop these bad guys.  I find doing that fascinating.

I personally find cyber security to be one of the most interesting topics.  It is not just good versus evil; it is not just technology against technology; it is strategy against strategy.  You have to out think the bad guy.  In some ways cyber security is like a chess game, and I love this element of the challenge.

As you read this book, we will explore not just the technical aspects of cyber security and how it got to be as large of a challenge as it is today, but we will also explore the personal nature of cyber security and how that needs to drive how we defend ourselves.  Cyber security is a rare discipline that combines technology with strategy.  I hope you come away from the book as intrigued and interested in cyber security as I am.


Ever wonder why the number of breaches continues to rise even though companies are now spending millions in cyber security? It is a chilling fact that most targeted attackers already know their cyber tactics will go undetected by all commercial security platforms. So what is a defender to do? Brian Minick's book Facing Cyber Threats Head On: Protecting Yourself and Your Business gets to the heart of this dilemma and provides a roadmap to success by changing how we think about cyber security. Minick provides real-world insight from his experience successfully defending the largest and most complex companies against the most advanced attacks the world has ever seen. A must read for all CIOs and executives responsible for implementing a successful cyber security program in any size company.

– Robert Schuetter, Chief Security Director, Ashland Inc.

A must read for “C-Level” executives as well as Corporate Board members. Brian Minick offers up some very clear insights into what is happening behind the digital walls in cybersecurity, and important guidance to the CIO and others on how to understand the motives, and respond to threats that are happening. This book is a must read!

– John M. Seral, Former CIO of five major GE businesses, IT Operating Advisor - Clayton, Dubilier & Rice

Every senior executive and board member of a publicly traded company should make Facing Cyber Threats Head On a must read. Brian Minick has done a service to the security industry by explaining complex security topics in an easy to read fashion. You will love the metaphors while comparing where the “bear” is relative to your organization.

– Brian Lawhorn, The Kroger Co., Corporate Vice President & Chief Information Security Officer