News Tagged "Security Management"


Book Review: We Have Root

  • James T. Dunne, CPP
  • Security Management
  • May/June 2021

By Bruce Schneier. John Wiley & Sons; Wiley.com; 304 pages; $19.99.

Bruce Schneier has been one of the most recognized authorities on cybersecurity for more than two decades. He has a talent for explaining the complexities of the cyber world to the layman without resorting to intimidating technical discourse. While sharing his extensive knowledge, he admits that he too continues to learn the ways of the cyber world.

A compilation of Schneier’s essays, We Have Root describes the heightened risk of cyber activity due to public policy and other timely issues, including election interference, privacy and surveillance, access to encrypted information, and leaks. Not surprisingly, the collection of separately published articles involves the frequent repetition of particular themes, which may be seen as a waste of time by some or a useful emphasis of key points by others. The single most useful piece, addressing a number of emerging potential threats, may be “Security and the Internet of Things,” which explains how some simple, everyday actions could result in death and destruction…

Book Review: Click Here to Kill Everybody

  • Coleman Wolf, CPP, CISSP
  • Security Management
  • July 2019

With the advent of the Internet of things (IoT), artificial intelligence, and robotics, the threat to cybersecurity has entered a new stage in which risks to privacy, integrity, and availability are further amplified, and it has grown to include risk to personal safety and other catastrophic physical world consequences. Click Here to Kill Everybody: Security and Survival in a Hyper-Connected World explains the state of cybersecurity, the impact on trust of our technical and social systems, and recommendations for getting to a safer and more secure future…

Liars & Outliers: Enabling the Trust That Society Needs to Thrive (Review)

  • Mayer Nudell, CSC
  • Security Management
  • April 2012

As security professionals, we mainly consider how we can establish procedures, plans, and policies focused on actions intended to protect people, places, and things. We rarely consider the societal mechanisms fostering the trust that allows us to prioritize our actions even though we recognize that we cannot protect everyone, everything, and every place all the time. Without a broad base of trust, society and all of our institutions would fail to function. This is the focus of Bruce Schneier’s newest book, Liars & Outliers: Enabling the Trust That Society Needs to Thrive…

Cryptography Engineering: Design Principles and Practical Applications (Review)

  • Ben Rothke
  • Security Management
  • December 1, 2010

Cryptography Engineering: Design Principles and Practical Applications. By Niels Ferguson et al; published by John Wiley & Sons, Inc., www.wiley.com; 384 pages; $55.

Good cryptography can ensure that your data is readable only to authorized parties. The danger of bad cryptography is a false sense of data security. The line between the two is exceptionally thin, and the difference between the two is spelled out in great detail in this text.

The first edition of coauthor Bruce Schneier’s Applied Cryptography came out in 1994. What was revolutionary then, and launched a new generation of security mavens, is now obsolete in many parts. …

Secrets and Lies: Digital Security in a Networked World

  • Ben Rothke, CISSP
  • Security Management
  • February 2001

Secrets and Lies: Digital Security in a Networked World. By Bruce Schneier; published by John Wiley & Sons, 800/225-5945 (phone), 732/302-2300 (fax); 432 pages; $29.99.

Consider the scores of books about computer and network security available today. Many are fat tomes, exhaustively written with myriad details. But corporate networks remain extremely insecure. Is anyone buying or reading these books?

With its mantra that security is a process, not a product, Secrets and Lies is one of the most important security books to come out in the last ten years. It forces information security managers to focus on security at the macro level—the processes—rather than at the micro level, as in the installation of a firewall or intrusion detection system. And since so many managers do equate security with firewalls, it is easy to understand why corporate networks are at risk…
