On Writing A Security Book

Going back 15 years, every time we would be doing a security project and we would see something absurd, I would always say “write it down for your next book.” I’ve been saying it ever since. I had this goal of writing a book about all of my security escapades. Every torrid security story — anonymized — but retold in a riveting manner. I envisioned a 300 page hardcover novel published by Random House.

Then I realized that I wasn’t telling those stories very often. I was usually telling stories about how I grew my career or, in particular, what was good advice on growing their career. As some people can attest to, I’d usually say “did I tell you this already?” I felt like I was repeating the same stories over and over again. I started writing these down as blog posts. Many of them appeared on JaySchulman.com in various forms.

At the same time, I looked for books, blogs and other resources on growing your information security career. I found almost none. I asked my network why no one was writing security career advice and universally everyone said “because no one has time.” As a result, I’ve focused my hobby time for the past few months on putting all of these ideas on paper. The result is a book on how to grow your information security career.

The concept is that there are three parts to your career. A foundational part where you have to get good at what you do. A managerial component where you’ll need to not only do your job but manage people as well. And then an executive role where you’ll not only communicate to technology people but to business and non-IT executives.

Back in 2000 when I originally decided to write a book, it wasn’t an simple as throwing words into a document. You needed a proposal. Someone had to like the proposal and think it was a profitable book to create. You’d spend a year or longer writing and editing this massive piece of work. Then people would have to buy the book at $15 or maybe even $45. I laugh today thinking that someone would spend $20 on some goofy security stories.

This Monday I will be a published author through Amazon.com.

My objective in writing this book is not to make money, although Amazon.com forces me to charge a price for the book. (There will be 3 days when the book is available for free.) My goal is to serve two purposes:

1. Provide my point of view on what it takes to grow an information security career.
2. Start a dialogue on how to grow an information security career. Back to my earlier point, there are so few books on security career growth. I’m hopeful that others will join the conversation on what it takes to succeed in information security.

On Monday, I will officially release my new book, Building a Life and Career in Security: A Guide from Day 1 to Building A Life and Career in Information Security. It’s available for pre-order for $2.99 as an eBook and $6.99 in paperback today at Amazon.com. No matter where you are in your security career, I hope that you will find one takeaway. I can’t imagine anyone not getting $3 worth of advice out of the book. Encourage others to read it as well. And especially for those to may disagree with my philosophy, encourage them to write and speak on growing their security career.

More about the book on Monday.