I had the privilege of being a reviewer for this book before its release, and I read it again once it hit the shelves. Michael—who is not just a talented author but also a good friend—has crafted a practical, no-frills guide that delivers exactly what it promises.
For me, this book wasn’t groundbreaking. It wasn’t supposed to be. As someone deeply entrenched in cybersecurity and risk management, I live in the world of complex frameworks and high-stakes decisions. But for its intended audience—executives leading small- or medium-sized businesses—it’s spot on.
The strength of this book lies in its simplicity. Michael focuses on the basics: the “blocking and tackling” that often gets overlooked in favor of shiny, high-tech solutions. His advice is grounded in reality and accessible even for those who don’t speak cybersecurity fluently. He strips away the hype, jargon, and sales-driven noise to focus on what matters most: reducing risk efficiently and effectively.
Could it have gone deeper? Sure. But depth wasn’t the goal here. The goal was to meet SMB leaders where they are and give them a fighting chance against threats that are all too real, despite the belief that “we’re not a target.” Michael balances urgency with practicality, providing tools and strategies that are either free or cost next to nothing.
If you’re leading an SMB and feeling overwhelmed by the complexity of cybersecurity, this book is an excellent starting point. It won’t solve every problem, but it will lay a solid foundation. For me, it was a quick read that confirmed Michael’s knack for making the complex approachable. For those newer to the field, it’s a guide worth having on your desk.