Acknowledgments

I have a lot of people to thank for this book, because without them it would have never been possible. My wife and son have my love and gratitude for their unwavering support through the research and writing process. Their understanding every time I had to disappear into the study for hours on end still amazes me, and I feel very lucky that they had my back.

I wish to sincerely thank all my colleagues who contributed to the book in one way or another. Doug Dexter, Mike Burg, Caroline Wong, and Craig Blaha wrote great case studies, and the book benefits enormously from this diversity of practitioner input. I’m also grateful to Joel Scambray for contributing his thoughts and insights in writing a very generous foreword. Caroline Wong did double duty as my technical reviewer, and I want to thank her for the many insights and constructive critiques she provided as I was writing. Several topics in the book grew out of experiences that Mike Burg and I shared working on various projects, and I owe him big time for his feedback. Thanks also to Pablo Salazar, who runs the SPA team at Cisco, for ideas that emerged from our many conversations on topics as varied as measurement in other industries, translating academia to the real world, human security behaviors, the Panopticon, and numismatics. And finally I want to sincerely thank David Phillips, my boss at Cisco, who steadfastly supported and encouraged me to make this book a reality.

Many of the concepts and techniques in this book grew from my doctoral program experiences at UT Austin, and I owe a debt of gratitude to my dissertation committee, particularly to my co-chairs Dr. Phil Doty and Dr. Mary Lynn-Rice Lively. These scholars taught me to be a social scientist and researcher, and they impressed upon me that exclusively focusing on quantitative or qualitative methods simply commits one to ever understanding only half of a question. The iSchool at the University of Texas has been my academic home for many years, and I want to express my appreciation to the mentors, colleagues, and students who have enriched my thoughts and my life time and time again.

I want to thank the team at McGraw-Hill who brought this book to fruition. My acquisitions editors, Jane Brownlow and Megg Morin, were wonderful, believing in the book and providing constant advice and support. Acquisitions coordinator Joya Anthony ran an incredibly tight ship, keeping me and everyone else on target and on time. And thanks to the excellent copyediting from Lisa Theobald and team who provided sharp eyes and great suggestions for improving the writing in the chapters, as well as to Vastavikta Sharma and everyone at Glyph for bringing the book to print.

Finally, I want to express my gratitude to the many security authors and practitioners who have inspired me and to the readers of the book who are the ultimate arbiters of its success. I hope you find it interesting and useful and that it serves its role as one more voice in the ongoing conversation about measuring and improving our security.