Read more
Many existing titles provide introductions to security concepts and technologies. However, they are typically presented in the style of either academic textbooks or 'how to' guides. A business manager, for example, will be more interested in the problems that he may face, and their impact, before being told about the technological solutions
The comprehensively researched text makes reference to many real-life examples to illustrate the points being made, which help to provide evidence of security incidents and the consequences.
The book helps to answer the question of why we, particularly if working in corporate roles, should care about IT security, by presenting examples of how insecure systems can be open to exploitation. The aim is to instil readers with a sense of security awareness and foster a more security-conscious IT culture.
The text does not focus upon the technological solutions required - it instead concentrates upon the variety of possible vulnerabilities and the likely consequences.
List of contents
The problem of IT insecurity.- The need to raise awareness.- Common failings that compromise security.- The widespread nature of vulnerability.- Attack and exploitation of IT systems.- Responses from the security industry.- Final thoughts.
About the author
Dr. Steven Furnell is a reader in information systems security at the University of Plymouth, and has already published one book: "Cybercrime: Vandalising The Information Society", Paperback: 336 pages ; Publisher: Addison-Wesley Pub Co; 1st edition (December 21, 2001), ISBN: 0201721597.
Aside from the assigned reviewers and a number of Dr Furnell’s academic colleagues, the manuscript has also been read by Dr Jeremy Ward, Service Development Director of for Symantec UK, who provided summary feedback describing it as "really excellent".
Summary
Many existing titles provide introductions to security concepts and technologies. However, they are typically presented in the style of either academic textbooks or ‘how to’ guides. A business manager, for example, will be more interested in the problems that he may face, and their impact, before being told about the technological solutions.
The comprehensively researched text makes reference to many real-life examples to illustrate the points being made, which help to provide evidence of security incidents and the consequences. The book helps to answer the question of why we, particularly if working in corporate roles, should care about IT security, by presenting examples of how insecure systems can be open to exploitation. The aim is to instil readers with a sense of security awareness and foster a more security-conscious IT culture. The text does not focus upon the technological solutions required – it instead concentrates upon the variety of possible vulnerabilities and the likely consequences.
Additional text
Date Reviewed: Mar 21 2006
"Security is a journey rather than a destination”. If you want to know how to
protect your computer system, this is not the book for you. If you want to know why you
should protect your computer system or convince someone else of the need, this book may
very well be appropriate. The approach taken by Furnell is to describe a variety of potential
system vulnerabilities and then present case studies and surveys to show that these
vulnerabilities are real and should be of concern to systems managers and their
organizations.
The first two chapters provide an overview of computer security problems, including a
perceived lack of sufficient awareness about them. In the three chapters that follow, major
security problems and potential attacks are surveyed. The last two chapters discuss
potential approaches to providing information assurance and computer security, as well as
the limitations of these approaches. The situations discussed include, but are not limited to,
some of the more notorious security incidents. The ISO/IEC 17799:2000 Code of Practice for
Information Security Management is summarized, and several other security standards and
guidelines are mentioned.
Reviewer: C. M. Eastman Review #: CR132583
‘In today’s connected world no-one can afford to ignore computer security, this book tells you why, and what you should do about it, in simple non-technical language.’
Dr Jeremy Ward, Director of Service Development, Symantec (UK) Ltd
‘Computer Insecurity contains loads of practical advice supported by an abundance of real world examples and research. If you don’t understand what all the fuss concerning computer security is about then this book was written for you.’Jeff Crume, CISSP
Executive IT Security Architect, IBMand author of ‘Inside Internet Security – What hackers don’t want you to know’
‘I have long been looking for a book that would give answers to why rather than how we cater for Information and Communication Systems Security ... I recommend it wholeheartedly to anyone that wishes to extend their knowledge’
Professor Sokratis K. Katsikas, University of the Aegean, Greece
