Security controls fail when they are designed without regard for the people who must use them. That is the central argument of Leron Zinatullin’s second edition, and it is an argument he builds methodically across 17 chapters that draw from organizational psychology, change management, and usability research.
About the author
Leron Zinatullin is the CISO of Constantinople, a provider of AI-native banking. He’s also a speaker and advisor to startups. He has led large scale, global, high value digital and security transformation projects to improve cost performance and support business strategy.
Inside the book
The book divides roughly in half. The first half covers risk management, communication, decision-making psychology, stakeholder influence, and change management. The second applies that groundwork to policy design, usability, culture, and behavioural change. Chapter 7 closes the first half with the FBI Crisis Negotiation Unit’s behavioural change stairway model to make the point that influence requires investing in listening and rapport before attempting to change behaviour.
Chapter 9 is among the book’s more instructive sections. Zinatullin walks through…
