March 06, 2006

Books IT security pros need

I will begin with a new three volume set that should be in every corporate information architecture (IA) library. The Handbook of Information Security (Wiley, 2006), edited by Dr. Hossein Bidgoli, is unquestionably the most complete reference work on information security extant. The dozens of editorial board members and contributors are a who's who of our industry.


Another valuable reference of similar content is the venerable Computer Security Handbook (Wiley, 2002), edited by Seymour Bosworth and Dr. Mich Kabay. It's not quite the weight of the three volume set, but full of important information from, again, a who's who of the IA world.


A new Auerbach book that should be on every IA book shelf is Information Security Architecture (Auerbach, 2006) by Jan Killmeyer. This is different from just about any IA architecture book I've ever read and has the answers you need when designing or updating your security architecture.


Another Auerbach must-have is the newest from my friend and colleague Rebecca (Becky) Herold, Managing an Information Security and Privacy Awareness and Training Program (Auerbach, 2005). This addresses what is arguably the hottest issue in security today: privacy. Becky is an expert on this topic. She has spoken, taught and written internationally and is a fixture at various industry conferences.


While I'm on the topic of Auerbach, any book from Tom or Justin Peltier belongs, not in your library but on your desk where you can get to it quickly. There are several volumes that cover policy, risk analysis and penetration testing.


Brian Carrier, a soon-to-be new Ph.D. from CERIAS at Purdue University, has written the definitive book on forensics, File System Forensic Analysis (Addison Wesley, 2005). Brian is the expert on this topic and his book has been lauded in digital forensic circles. Even if you are not doing sophisticated forensic analysis, this book has everything you need to know about how various file systems work.


Books, books, books. If you are doing just about any level of work in IA you need 'em. And the ones here are absolute necessities for your collection.

-Peter Stephenson, Norwich University

Similar Articles
Related Topics
close

Next Article in News

Sign up to our newsletters

More in News

Three LulzSec members plead guilty in London

Ryan Ackroyd, 26; Jake Davis, 20; and Mustafa al-Bassam, 18, who was not named until now because of his age, all admitted their involvement in the hacktivist gang's attack spree.

WordPress tightens security with two-factor authentication

The new feature is immediately available for users and "secret" codes can be accessed via SMS or through the Google Authenticator app.

Microsoft fixes three "critical" flaws with Patch Tuesday release

The biggies are two vulnerabilities in Internet Explorer and a single weakness in Remote Desktop Connection.