Cyber Security Risk Management ~ 1.5 Threat Modelling Approaches
Why Threat Modelling Matters
The landscape of cyber threats is continually evolving, making it essential for organisations to utilise structured threat modelling techniques to anticipate potential attacks before they materialise. Rather than waiting for an incident to expose weaknesses, threat modelling allows security teams to think like an attacker — systematically identifying vulnerabilities and prioritising defences based on real risk.
Three of the most widely used approaches are STRIDE, Attack Trees, and PASTA. Each brings a different lens to the problem, and the most effective organisations combine all three.
STRIDE
Developed by Microsoft, the STRIDE model provides a structured framework for identifying six categories of threat:
- S — Spoofing — Impersonating a user, system, or service to gain unauthorised access.
- T — Tampering — Maliciously modifying data in transit or at rest.
- R — Repudiation — Performing actions that cannot be traced back to the attacker, undermining accountability.
- I — Information Disclosure — Exposing data to individuals who should not have access to it.
- D — Denial of Service — Disrupting the availability of a system or service.
- E — Elevation of Privilege — Gaining higher-level access rights than authorised.
By walking through each STRIDE category for every component of a system, security professionals gain a comprehensive map of vulnerabilities and the attack methods most likely to exploit them.
Attack Trees
Attack Trees provide a visual representation of the paths an attacker might take to achieve a specific goal. Starting from a root node — the attacker's objective — branches extend outward to represent the different methods and sub-methods available to reach that goal.
This approach is particularly powerful for prioritising security investment. By assigning probability and impact scores to each branch, teams can quickly identify which attack paths are most likely and most damaging — focusing resources where they will have the greatest effect.
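The scoring described above, as an added example that is not part of the original article: a small attack tree is expanded into its distinct attack paths and ranked by probability × impact. The tree, node names, 1-5 impact scale, and all scores are constructed for illustration, and the model assumes steps succeed independently and that a path's impact is that of its worst step.

```python
from dataclasses import dataclass, field
from itertools import product
from math import prod

@dataclass
class Node:
    name: str
    gate: str = "LEAF"          # "OR", "AND" or "LEAF"
    probability: float = 0.0    # leaf only: estimated chance the step succeeds
    impact: int = 0             # leaf only: 1 (minor) .. 5 (severe), assumed scale
    children: list = field(default_factory=list)

def attack_paths(node):
    """Return every set of leaf steps that, together, achieves this node."""
    if node.gate == "LEAF":
        return [[node]]
    child_paths = [attack_paths(c) for c in node.children]
    if node.gate == "OR":       # any single child is enough
        return [p for paths in child_paths for p in paths]
    # AND: the attacker needs one path from every child
    return [sum(combo, []) for combo in product(*child_paths)]

def rank_paths(root):
    """Score each path as P(all steps succeed) x worst-step impact, highest first."""
    scored = []
    for path in attack_paths(root):
        p = prod(leaf.probability for leaf in path)   # independence assumed
        impact = max(leaf.impact for leaf in path)
        scored.append((round(p * impact, 3), [leaf.name for leaf in path]))
    return sorted(scored, reverse=True)

# Constructed tree: root is the attacker's objective, scores are illustrative.
ROOT = Node("Take over a customer account", "OR", children=[
    Node("Insecure API endpoint", probability=0.4, impact=5),
    Node("Weak onboarding authentication", "AND", children=[
        Node("Onboarding flow reachable without login", probability=0.7, impact=2),
        Node("Verification step can be skipped", probability=0.3, impact=4),
    ]),
    Node("Reused credentials accepted", probability=0.2, impact=3),
])

if __name__ == "__main__":
    for score, steps in rank_paths(ROOT):
        print(f"{score:>5}  {' + '.join(steps)}")
```

The AND branch scores lower than its individual steps suggest because both must succeed, which is why path-level scoring can reorder priorities compared with scoring leaves in isolation.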
PASTA (Process for Attack Simulation and Threat Analysis)
The PASTA framework takes a risk-centric, seven-stage approach to threat modelling that begins by aligning security threats with business objectives. Rather than treating threat analysis as a purely technical exercise, PASTA ensures that every security finding is understood in the context of the impact it would have on the organisation's goals, finances, and reputation.
This makes PASTA particularly effective for senior stakeholder communication — translating technical risk into business language that boards and executives can act upon.
Case Studies: Threat Modelling in Action
Financial Institution — STRIDE Reduces Data Breach Risk
A financial institution facing a significant threat of data breaches implemented the STRIDE model to map out potential attack scenarios across their customer-facing systems. The analysis identified critical vulnerabilities in their access control architecture and exposed weaknesses in their secure coding practices.
Armed with this structured analysis, the institution made targeted investments in developer security training and strengthened access controls — substantially reducing their attack surface before any breach occurred. The proactive approach saved both the cost of a breach and the reputational damage that would have followed.
Technology Firm — Attack Trees Secure a Product Launch
A technology firm preparing for a major product launch used Attack Trees to analyse the new system before release. The exercise uncovered several exploitation points that could have been targeted by malicious actors post-launch — including an insecure API endpoint and a weak authentication flow in the onboarding journey.
By resolving these issues prior to launch, the firm not only avoided a potentially damaging early-life incident but gained a competitive advantage: a secure, trustworthy product from day one.
Building Threat Modelling Into Your Risk Programme
Incorporating threat modelling into an ongoing risk management discipline can significantly bolster an organisation's cyber security posture. Key recommendations include:
- Conduct threat assessments at every major stage of system development — not just at launch.
- Combine multiple modelling techniques (STRIDE + Attack Trees, for example) for a well-rounded view of risk.
- Establish a culture of continuous improvement, ensuring security reviews remain relevant as systems and threats evolve.
- Invest in staff training so that developers, architects, and operations teams can identify and escalate threat signals early.
Every employee plays a role in preserving the integrity of sensitive information and systems. Threat modelling is not solely the domain of the security team — it is a discipline that, when embedded across the organisation, becomes one of the most powerful tools in the risk management arsenal.
Cyber Security Risk Management
Explore threat modelling, NIST RMF, ISO/IEC 27001, FAIR analysis, and the full risk management lifecycle in Mark Hayward's comprehensive guide — available now on Google Play Books.