
REVIEW: "The Executive Guide to Information Security", Mark Egan/Tim Mather

  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    Message 1 of 1 , Mar 6, 2007
      BKEGINSC.RVW 20070112

      "The Executive Guide to Information Security", Mark Egan/Tim Mather,
      2005, 0-321-30451-9, U$34.99/C$49.99
      %A Mark Egan
      %A Tim Mather
      %C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8
      %D 2005
      %G 0-321-30451-9
      %I Addison-Wesley Publishing Co.
      %O U$34.99/C$49.99 416-447-5101 fax: 416-443-0948 bkexpress@...
      %O http://www.amazon.com/exec/obidos/ASIN/0321304519/robsladesinterne
      http://www.amazon.co.uk/exec/obidos/ASIN/0321304519/robsladesinte-21
      %O http://www.amazon.ca/exec/obidos/ASIN/0321304519/robsladesin03-20
      %O Audience i- Tech 1 Writing 1 (see revfaq.htm for explanation)
      %P 268 p.
      %T "The Executive Guide to Information Security"

      The preface states that the book is intended as a crash course on
      information security for those at the executive management level who
      are not familiar with the security or technical field. The work is
      intended to present practical recommendations that can be implemented
      quickly, and to explain key principles in non-technical language.

      Chapter one notes that security is becoming an increasing concern to
      the corporation, and that new technologies, such as the Internet and
      wireless networking, are making this already difficult task ever more
      complicated. Some random aspects of security, mostly different types
      of security tools, are listed in chapter two. The recommendation
      about developing a security program, in chapter three, is limited to
      generic project management. Some general advice on staffing is given
      in chapter four. Chapter five outlines a few processes necessary to a
      security assessment and program. More technologies and utilities are
      catalogued in chapter six, more processes in seven. Chapter eight
      looks to the increasing complexity of information systems, new and
      harsher attacks, and the expanding problems in securing systems. Some
      important, but not comprehensive, points about an information security
      program are listed in chapter nine.

      The book includes a "security framework," in the checklist style
      favoured by so many authors of frameworks, but it has more gaps and is
      limited in comparison to the other available structures (such as Fred
      Cohen's "Security Governance," cf. BKSECGOV.RVW).

      This is much like a collection of reasonable magazine articles, and
      would be good for raising awareness and limited familiarity with the
      importance of security, and some of the major issues. It is, however,
      hardly the basis for a complete understanding of the security realm,
      even at the executive level. It certainly would not serve as the
      foundation for a security program.

      copyright Robert M. Slade, 2007 BKEGINSC.RVW 20070112


      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      I base most of my fashion taste on what doesn't itch. - Gilda Radner
      Dictionary of Information Security www.syngress.com/catalog/?pid=4150
      http://victoria.tc.ca/techrev/rms.htm