While I was at ETCon, I picked up a copy of Stealing the Network: How to Own the Box. A friend of mine, John Elsey, recommended the book to me at dinner last week and so I was looking for it. From the title, you'd think this is an instruction book, and it is in a way, but with a twist.
How to Own the Box is written as a series of vignettes into the activities of ten fictional white-hat and black-hat hackers. While the stories are fictional, the commands are real. The book contains detailed information on tricks, techniques, tools and even the right options to use. The book is so interesting and enjoyable, that I started reading it on the plane home and couldn't put it down.
If you're a CIO or IT Director I urge you to read this book. If you don't know much about security and hope the people on your team are handling it, then you must read this book. You'll at least come away scared. You probably also come away overwhelmed, but you'll also come away much more knowledgeable about the threat and that's a step in the right direction.