Against the Gods: The Remarkable Story of Risk – A Must-Read for Security Professionals

And oldie but a goodie……I was introduced to this book during my first corporate job, after serving eight years as Navy pilot, as an aviation insurance underwriter. It was a job where I learned the business of risk and the need to adhere to standardized methodologies to protect assets and minimize all categories of liability. I was introduced to risk standards and assessment standards globally recognized and expected by the world markets.

Today, most of my work is in physical security, where many self-proclaimed “professionals” lack standards, discipline, and structure, preferring a shoot-from-the-hip approach that often leads to outdated solutions like gates, guards, and, of course, guns.

In a risk-driven industry, many security professionals in cybersecurity and physical security still rely on gut instinct over structured analysis. This book, “Against the Gods: The Remarkable Story of Risk” by Peter Bernstein, reminds us that risk isn’t just reactive; it’s measurable, predictable, and manageable.

Bernstein masterfully explores the evolution of risk management, from ancient beliefs in divine uncertainty to modern mathematical frameworks shaping finance, insurance, and security. His insights into probability theory, statistical inference, and decision-making are relevant to both security professionals and financial analysts.

Why This Book Matters for Security

Cybersecurity: In the digital world, threats evolve rapidly, and organizations must make calculated decisions on vulnerabilities, attack vectors, and mitigation strategies. Bernstein’s discussions on probability theory align directly with AI-driven threat modeling, breach likelihood assessments, and risk-based security frameworks.

Physical Security: Unlike cybersecurity, physical security still lacks a structured, data-driven risk model in many organizations. Security measures are often reactive rather than predictive. Bernstein’s work highlights how quantifying and modeling risk can lead to more innovative investments in access control, surveillance, and emergency planning.

The Security Industry Needs a More Structured Approach

Security—both physical and cyber—remains too unstructured. Many professionals focus on compliance checklists instead of truly understanding and managing risk. Against the Gods can guide shifting security from a reactive discipline to a proactive, analytical science.

If you're a security “professional,” risk analyst, risk manager, decision-maker, or buyer of security services, this book is highly recommended. It’s time to drop the haphazard approach to security risk management, implement ad-hoc solutions, and start managing it like other industries have for centuries.