Secrets and Lies: Digital Security in a Networked World
Secrets and Lies: Digital Security in a Networked World. By Bruce Schneier; published by John Wiley & Sons, 800/225-5945 (phone), 732/302-2300 (fax); 432 pages; $29.99.
Consider the scores of books about computer and network security available today. Many are fat tomes, exhaustively written with myriad details. But corporate networks remain extremely insecure. Is anyone buying or reading these books?
With its mantra that security is a process, not a product, Secrets and Lies is one of the most important security books to come out in the last ten years. It forces information security managers to focus on security at the macro level—the processes—rather than at the micro level, as in the installation of a firewall or intrusion detection system. And since so many managers do equate security with firewalls, it is easy to understand why corporate networks are at risk.
Anyone looking for a quick fix to their security problems will not find it here. As each day passes, more and more security vulnerabilities, network breaches, and digital disasters are occurring. Without processes in place to manage these incidents, all of the security products in the world will be for naught.
Readers looking for a matter-of-fact, no-nonsense initiation into the world of information systems security should consider Secrets and Lies required reading.