Zen and the Art of Information Security


Press: Elsevier Science Ltd Syngress; 1 edition (April 4, 2007)
Author Name: Winkler, Ira
Edition: 1st Edition


While security is generally perceived to be a complicated and expensive process, Zen and the Art of Information Security makes security understandable to the average person in a completely non-technical, concise, and entertaining format. 
Through the use of analogies and just plain common sense, readers see through the hype and become comfortable taking very simple actions to secure themselves.
Even highly technical people have misperceptions about security concerns and will also benefit from Ira Winkler’s experiences making security understandable to the business world.
Winkler is one of the most popular and highly rated speakers in the field of security, and lectures to tens of thousands of people a year.
Zen and the Art of Information Security is based on one of his most well received international presentations.

  •     Written by an internationally renowned author of Spies Among Us who travels the world making security presentations to tens of thousands of people a year
  •     This short and concise book is specifically for the business, consumer, and technical user short on time but looking for the latest information along with reader friendly analogies
  •     Describes the REAL security threats that you have to worry about, and more importantly, what to do about them

About the Author

Ira Winkler, CISSP is President of the Internet Security Advisors Group. 
He is considered one of the world’s most influential security professionals, and has been named a “Modern Day James Bond” by the media.
He obtained this status by identifying common trends in the way information and computer systems are compromised.
He did this by performing penetration tests, in which he physically and technically “broke into” some of the largest companies in the world, by investigating crimes against them, and by telling them how to cost-effectively protect their information and computer infrastructure.
He continues to perform these penetration tests, as well as assisting organizations in developing cost effective security programs.
Ira also won the Hall of Fame award from the Information Systems Security Association.
Ira is also author of the riveting, entertaining, and educational book, Spies Among Us.
He is also a regular contributor to ComputerWorld.com.
Winkler began his career at the National Security Agency, where he served as an Intelligence and Computer Systems Analyst.
He moved on to support other US and overseas government military and intelligence agencies.
After leaving government service, he went on to serve as President of the Internet Security Advisors Group and Director of Technology of the National Computer Security Association.
He was also on the Graduate and Undergraduate faculties of the Johns Hopkins University and the University of Maryland.
Winkler has also written the book Corporate Espionage, which has been described as the bible of the Information Security field, and the bestselling Through the Eyes of the Enemy.
Both books address the threats that companies face protecting their information.
He has also written over 100 professional and trade articles.
He has been featured and frequently appears on TV on every continent.
He has also been featured in magazines and newspapers including Forbes, USA Today, and Wall Street Journal.





Comment List (Total:3)

  •     From page 1, this book strikes me as essentially a summary of common sense, while the author is continually condescending. However, in one chapter, he actually misses the point completely--he states that asking "what percentage of an IT budget should go to security" is a "bad question". That's actually an incredibly difficult question that changes from business to business and requires detailed analysis in every situation.
  •     The book is written for naive computer users with limited prior knowledge of information security. Readers familiar with Ira's previous books (Corporate Espionage and Spies Among Us: How to Stop the Spies, Terrorists, Hackers, and Criminals You Don't Even Know You Encounter Every Day) will probably recognize the style and examples. Ira avoids technical descriptions of information security risks and controls, thereby avoiding the technical jargon common in other infosec books. On the whole, he sticks to non-technical attack methods (such as social engineering) and defenses, with barely a mention of network hacking and malware. The subject matter is essentially the same as Ira's previous books so it could be said that this is another re-hash of those - however, Ira has made a conscious decision to write a more succinct and high-level book to make the topic more accessible to the layman who is less likely to have read the previous books. Given the stated intent to write a short book on such a complex technical subject, the writing is necessarily quite superficial in places, frequently glossing over the realities. Two threads throughout the book are (1) it is necessary to understand security risks and (2) simple security controls are good enough to stop most threats. The Zen in the title appears to refer to martial arts rather than Eastern philosophies, and is used in the context of explaining that there is no need to be a 'black belt' information security expert to be effective. There is some merit in the argument, in the same way that basic first aid techniques can help save lives. Personally, however, I wouldn't take the argument so far as to suggest that there is no need for trained professional medics. A few technical inaccuracies caught my eye, some of which I could put down to the book's rather superficial coverage but others appear to be genuine misunderstandings by the author. In several places, the author makes disparaging remarks about script kiddies, fair enough, but he is also dismissive of skilled hackers. I find this attitude troubling since hackers can be worthy adversaries of even the best and most resourceful information security managers. There are far too many incidents to dismiss all hackers out of hand, therefore it would be foolhardy to discount hacking risks. If you have no background in information security, this book makes an interesting introduction to the issues but falls short on useful advice. If you have read the author's previous books, you are unlikely to learn anything new.
  •     Winkler makes some good points, but repeats himself over and over again. For a book that boasts about being short and concise, it could cut its length by a third if not half by cutting redundancy. He also puts too much weight on risk assessment. If you are worried about anything beyond script kiddies, both probability and consequences are difficult to predict. Even a marginal assessment can often cost more than the countermeasures being considered. He also contradicts himself. Case in point: his view on hackers. He says they serve no purpose and can't be trusted, yet on his team he not only employs a hacker but also an ex-KGB agent.
