Books

'Black Book' offers tidbits, but not worth keeping

The Black Book on Corporate Security

439 pages $49.95                                     Larstan Publishing

The "little black book" is synonymous with your college roommate's address book and your Rolodex of industry contacts. Larstan Publishing has taken this concept and applied it to information security with The Black Book on Corporate Security, a collection of security management essays on topics ranging from intellectual property protection to identity theft. As a play on the title, the phone numbers and e-mail addresses of the book's 17 authors are also listed, along with numerous vendor and organizational contacts.

Information Security Bookshelf

Read Chapter 7, Defending the digital you

Read the forward by Howard Schmidt

Share your opinion of this book

Each essay is written by a different author, and the quality varies from easily digestible to barely readable. The essay Identity-Aware Business Service Management makes some valid points, but the authors' writing style obscures rather than illuminates their arguments. In contrast, Preempting Data Warfare: The Art of Comprehensive Vulnerability Management is well written and makes its points quite plainly. Author Maria Cirino (a VP at VeriSign) makes clear the often murky distinction between vulnerability scanning and true vulnerability management, and blueprints a comprehensive business strategy.

Although the book strives for neutrality, virtually all of its contributors work for vendors. So, it wasn't surprising to see product names pop up; the case studies and the appendix often read like marketing brochures. Also not surprising, rather than approaching individual agnostic authors, Larstan solicited chapter proposals that appealed to corporate PR departments looking to get their executives (and their products) in print.

The book's biggest flaw, though, is its complete lack of focus. Put together, these essays cover a lot of ground, too much for any single volume to handle. No chapter contains sufficient information to start implementing a new process or policy, and further research is necessary to produce actionable plans.

The inclusion of a bibliography or a reading list for each chapter would have increased the book's value.

In the end, The Black Book on Corporate Security has some interesting nuggets of insight, but little else. This could be the only "little black book" you won't want to keep.

This was first published in June 2005

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: