How to Cheat at Managing Information Security Paperback – 13 Oct 2006
From the Author
This book was the book I needed when I first started to work in Information security.
I needed a book for newcomers that spanned the breadth of the subject and concisely demystified areas across the whole spectrum of administrative, regulatory and technical security. A book that focussed on my need to know "Why?" not just "How?", and perhaps put into context the other books I had to read.
Fifteen years later, having worked for most of the Fortune 500 companies as either an Information Security manager or consultant, I have gone back and written it: my way of paying forward the folks that helped me.
It is intended for people new to Information Security, but not Information Technology. And I have tried to fill it either with subjects that I think every security professional needs to know or subjects that are simply not covered in other texts on security. So if you read it cover to cover, it will provide a great foundation for your career.
I have written it to be read, so it is light and concise. But most of all, I have tried to make it funny. To meet that aim, I have packed it full of true-life anecdotes so that the reader can have a laugh at my fallibility and my expense or see the funnier side of bad security. I can't bear these security texts that are overly academic and talk down to readers. Consequently, I take a few swipes at many of the traditional mindsets and preconceptions of the Information Security community, but hopefully that just adds to the fun.
I have been told that the book is also a suitable primer for those readers that are already security professionals, working in a very specialist field (for example, firewall admin, pentester or intrusion analyst) but who want to expand out of that specialist area.
In keeping with the notion of helping people starting out, I will donate 10% of my cut to the NSPCC and the Prince's Trust. I need it; they need it more.
About the Author
Summitt has a master's degree in mass communications. Currently the IT Director for the Missouri County Employees' Retirement Fund, Paul has served as network, exchange, and database administrator as well as Web and application developer.
Top Customer Reviews
I have a number of other handbook style books - one that cost nearly six times more but was really a collection of articles written by a dozen different people (some with obviously conflicting views) bound under the same cover.
What I liked:
This book simply sets out the things I need to know about Organisations, Strategies and Audits then progresses into firewall design and security testing. And it is so funny - the cover is right, this man does make security light going.
What could be better:
The guy is obviously technical so at the end some of it is a bit hard going - just had to skip bits. But each chapter is laid out so that the chapter gets more complex at the end so this wasn't a problem.
I would have liked more on Virus technology and Wireless security - especially as after work on Google, I understand that the fat-bloke was a leading researcher in wireless security.
Overall conclusion: Great.
One win of this Information security book over others is that it includes information about UK legislation, rather than just US.
Every chapter has an anecdote to set the scene and this makes the book easy and light to read.
A little out of date (e.g. only passing reference to PCI) but principles and most of the tech is still true.
If you take his advice you'll go far: Strategy, then tactics, then processes, procedures etc, do good audits of everything, proper planning - sounds obvious but most people rush headlong into trying to tick off the gap analysis points without defining and designing and implementing an overall solution properly. Do a Risk Analysis (or whatever you want to call it)!
I am new to this business and found the book really useful as groundwork.
Jargon and acronyms are explained and, although I'll never be 'technical', I do at least have some idea what the techies are talking about.
Most Recent Customer Reviews
Some great guidance and advice. Chapters are well structured and the anecdotes generally amusing, but with a more subtle point to them.
Published on 9 Nov. 2013 by Mr. A. G. Watkins
Most of these types of books are written by Americans for Americans so they rarely acknowledge the rest of the world.
Published on 8 Aug. 2012 by M. Harper
This is an excellent book.
It told me everything I needed to know and the pace was just right for me as a high level technical manager.
This book is a must for those attempting to understand security management. The anecdotes at the beginning of each chapter are great; this book is very easy reading.
Published on 19 Oct. 2009 by jmp esp