REVIEW: "Mapping Security", Tom Patterson
- BKMAPSEC.RVW 20050805
"Mapping Security", Tom Patterson, 2005, 0-321-30452-7,
%A Tom Patterson www.tpatterson.net Online@...
%C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8
%I Addison-Wesley Publishing Co.
%O U$34.99/C$49.99 800-822-6339 Fax: 617-944-7273 bkexpress@...
%O Audience n- Tech 1 Writing 1 (see revfaq.htm for explanation)
%P 405 p.
%T "Mapping Security"
A sort of preface seems to indicate that this book lists countries and
assigns them a security score.
Chapter one repeats this same material.
Part one gives general security advice. Chapter two reiterates the
point that business is increasingly global in nature, and that
information technology has enabled activities that can create problems
for business. We shouldn't waste time with risk assessment, says
chapter three. What we should do sounds an awful lot like risk
assessment. (We are also told that "things are different elsewhere,"
as in, other countries.) Chapter four seems to start out by promoting
traditional cost/benefit analysis (with regard to "return on security
investment"), but quickly diverts into a list of security technologies
that the author considers to be worth it (presumably regardless of
your business or situation). The idea that certain security
technologies can enhance business and profits is promoted in chapter
five, which also lists some examples to support the concept. Chapter
six appears to advocate developing an ongoing awareness or facility
for determining the existence of security threats and attacks. This
idea is extended, in chapter seven, and there is also a reminder that
threats, and protections, change rapidly.
Part two is the list of security indices by country and region.
Chapter eight reiterates the notion that things are different
elsewhere, and also finally (somewhat tersely) delineates the Mapping
Security Index (MSI). Europe is covered in chapter nine, first in
general and then by country. Countries are not given equal space, and
the assignment does not seem to be on any particular basis. Much less
space is devoted to the Middle East and Africa, in chapter ten.
(Africa's forty-some countries are represented by South Africa, which
is hardly representative. I'd rather hoped to check out Nigeria, but
it isn't there.) Likewise missing are several nations from the
Americas (Central America is one entity), in chapter eleven, possibly
due to the space dedicated to explaining the United States (presumably
to those from the United States). Chapter twelve discusses the Asia
Pacific region. (Interestingly, although China gets a significant
amount of space, no mention is made of the unique nature of some
blackhat groups in China, the "red guests.") A conventional essay on
outsourcing is presented in chapter thirteen.
Part three collects some other, related, topics. Chapter fourteen is
a brief introduction to this section. Laws are different elsewhere,
we are informed in chapter fifteen. Distinctive uses are made of
technology, in other countries, although chapter sixteen could have
used more, and more effective, examples to point that out.
The chapters in the book are difficult to follow, in terms of a
central theme or thread. The text seems to jump from topic to topic,
possibly under some commonality apparent to the author, but not
explained to the reader. I'm not really clear on the audience for
whom this book was supposed to be written, nor anyone to whom I could
copyright Robert M. Slade, 2005 BKMAPSEC.RVW 20050805
====================== (quote inserted randomly by Pegasus Mailer)
rslade@... slade@... rslade@...
Vikings? There ain't no vikings here. Just us honest farmers.
The town was burning, the villagers were dead. They didn't need
those sheep anyway. That's our story and we're sticking to it.
- Dan Sorenson
http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade