'Black Book' offers tidbits, but not worth keeping

The Black Book on Corporate Security 439 pages $49.95                                     Larstan Publishing

The "little black book" is synonymous with your college roommate's address book and your Rolodex of industry contacts. Larstan Publishing has taken this concept and applied it to information security with The Black Book on Corporate Security, a collection of security management essays on topics ranging from intellectual property protection to identity theft. As a play on the title, the phone numbers and e-mail addresses of the book's 17 authors are also listed, along with numerous vendor and organizational contacts.

Information Security Bookshelf Read Chapter 7, Defending the digital you Read the forward by Howard Schmidt Share your opinion of this book

Each essay is written by a different author, and the quality varies from easily digestible to barely readable. The essay Identity-Aware Business Service Management makes some valid points, but the authors' writing style obscures rather than illuminates their arguments. In contrast, Preempting Data Warfare: The Art of Comprehensive Vulnerability Management is well written and makes its points quite plainly. Author Maria Cirino (a VP at VeriSign) makes clear the often murky distinction between vulnerability scanning and true vulnerability management, and blueprints a comprehensive business strategy.

Although the book strives for neutrality, virtually all of its contributors work for vendors. So, it wasn't surprising to see product names pop up; the case studies and the appendix often read like marketing brochures. Also not surprising, rather than approaching individual agnostic authors, Larstan solicited chapter proposals that appealed to corporate PR departments looking to get their executives (and their products) in print.

The book's biggest flaw, though, is its complete lack of focus. Put together, these essays cover a lot of ground, too much for any single volume to handle. No chapter contains sufficient information to start implementing a new process or policy, and further research is necessary to produce actionable plans.

The inclusion of a bibliography or a reading list for each chapter would have increased the book's value.

In the end, The Black Book on Corporate Security has some interesting nuggets of insight, but little else. This could be the only "little black book" you won't want to keep.

BROWSE BY TAG SSL and TLS VPN Security,   Secure VPN Setup and Configuration,   Enterprise Network Security,   NAC and Endpoint Security Management,   Secure Remote Access,   VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT SSL and TLS VPN Security Expert calls SSL protocol vulnerability a non issue How SSL-encrypted Web connections are intercepted Best Remote Access Products How to set up a split-tunnel VPN in Windows Vista Securing the intranet with remote access VPN security A short enterprise VPN deployment guide Creating an SSL connection between servers Can S/MIME, XML and IPsec operate in one protocol layer? Can secure USB devices prevent man-in-the middle attacks How to secure SSL following new man-in-the-middle SSL attacks Secure Remote Access Endpoint protection best practices manual: Combating issues, problems Best Mobile Data Security Products Perimeter defense in the era of the perimeterless network Securing the intranet with remote access VPN security What security software should be installed on Internet café computers? Information security book excerpts and reviews Diverse mobile devices changing security paradigm Cisco warns of security appliance flaws How to configure NAP for Windows Server 2008 Can home PCs provide a way for viruses and spyware to enter a corporate LAN?

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Secure Shell  (SearchSecurity.com) Secure Sockets Layer  (SearchSecurity.com) server accelerator card  (SearchSecurity.com) SSL VPN  (SearchSecurity.com) Transport Layer Security  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary