Scrappy Information Security: The Easy Way to Keep the CyberWolves at Bay

Description:

The Internet, like Elvis, is everywhere. It is in our homes, our places of work, our phones. Unfortunately, cyberspace is teeming with bad people who want to steal our identities, pilfer our corporate secrets, get their grubby little fingers into our online wallets, and -- to add insult to injury -- latch onto our PCs to perpetuate their crimes.
Modern corporations do their best to hammer home the message of security through training, communications, and outright begging. The message often falls on deaf ears, not because employees want to make their workplaces unsafe, but rather, because the topic is so complex and wide-ranging that it simply is overwhelming. As an information security professional, it is my charge to make the online world safer for all of us. None of us tolerates a crime spree in our neighborhood. Likewise, we should not tolerate the current crime wave that is sweeping the Internet, one which truly threatens to stifle the e-commerce and e-communications that we have come to know and rely on.
They say a little knowledge is a dangerous thing. I agree. People need more than a little knowledge to be safe online. They need to understand how encryption, the Internet, and wireless work so that they can put the pieces together -- literally like a jigsaw puzzle -- to reveal the image of a more secure online world. It is my goal to craft those pieces in such a way that the average reader will understand these technologies, and therefore understand how to apply them to both their corporate and personal cyberselves.
This book should be read by anyone who cares about the security and privacy of their online information, and wants to know how to take steps to protect it ... and that should be everyone. This book should be read by anyone who wants to "do the right thing" and ensure that they do not inadvertently compromise their employer's, or their own, sensitive information ... and that should be everyone. This book should be read by anyone who believes that crime is crime, it should be stopped, and wants to know what concrete steps he or she can take to reduce cybercrime and minimize its impacts ... and that should be everyone.
Customer Reviews:
( 7 customer reviews )
Most Helpful Customer Reviews
1 of 1 found the following review helpful:
Informative yet informal
Jun 23, 2009
By P. Nofel
"Sierra Hotel Editor"
Michael Seese's "Scrappy" book about information security is an informal, yet succinct set of instructions and examples about information security topics ranging from physical security of business information systems to advice for avoiding identity theft. It conveys all of the information needed for a solid groundwork in the information security field without becoming an uninteresting, overweight tome suitable only for double-duty as a doorstop.
His engaging writing style draws the reader into what could have been a dry, boring topic by making it interesting and useful, often citing current cultural references to enforce his points.
For those who deal with information technology, whether as informally as being a home computer user, or as formally as an IT careerist, his book is a useful and careful analysis of information security.
3 of 4 found the following review helpful:
Patchy IT security
Jul 29, 2010
By Dr. G. Hinson
"Gary"
The book is promoted as a guide to information security essentials for "everyone" (meaning, it seems, ordinary IT users, not IT professionals) in plain English. I take that to mean a basic, entry-level and largely non-technical book about the protection of information in all its forms, accessible and of interest to the general population. [Read on to find out what it actually delivers.]
The book covers a decent range of commonplace physical, technical and administrative issues around IT security and to some extent the wider aspects of information security (the 6 pages on social engineering, for example, are worthwhile). However, organizations tend to have rather more information security concerns and controls than home IT users (lots of legal, regulatory and standards compliance issues, for instance, and a raft of security policies and procedures), not all of which are mentioned or well covered.
On a notional 'depth scale' ranging from 0% (barely skims the surface) to 100% (PhD material), the content is about 25% with a few higher peaks in certain areas and a few lows. Identity theft, for instance, which is surely a topical and important subject for non-technical Internet users to understand, merits just over one page of coverage - 371 words according to the author. Bridges and routers get the preceding four pages. This is quite inconsistent with the needs of the stated audience.
The insets marked "What it Means" use analogies, it appears, that are presumably intended to illustrate or explain the surrounding points. Most are obscure and, despite understanding the context, some are stretched so far as to leave me perplexed. What drunk-driving has to do with host hardening I still have no idea. My main beef, though, is with the disproportionate amount of "technobabble" in the book. It's even identified as such. After the author's and reviewers' notes pushing this as a non-technical guide, I was surprised to find it covering TCP/IP headers, packet spoofing and so forth in the technical security section: why ordinary users would be expected to know or be interested in such details puzzles me. The physical security section talks about security controls appropriate to a corporate IT facility: it seems rather unlikely that most home users would seriously consider fire suppression and CCTV coverage (other than webcams perhaps, which are not mentioned), let alone access cards - in other words, the content of the book appears to be aimed at office workers, not home users after all. I guess IT people might appreciate the notes on host hardening and DMZs, but the depth, breadth and quality of coverage in such technical matters is way below what would be needed to harden hosts or design/install/manage DMZs.
Scrappy Information Security does not fulfill the promise of being a plain English guide to information security for everyone. There are some minor but annoying technical errors and, more importantly, significant omissions. Of the classic CIA triad at the core of information security, integrity and availability issues are barely mentioned, while privacy and some other confidentiality concerns (such as industrial espionage) are just skimmed. Security aspects of desktop/home software development such as securing spreadsheets and software testing are not mentioned. The only advice I noticed about backups consists of less than a page, for some obscure reason inserted into the section on phishing. "Patchy IT security" would have been a more accurate title.
Despite the glowing endorsements by some well-known industry figures in the preface and marketing blurb, I wouldn't recommend this book to its intended audience: there is too much inappropriate and unnecessary technical content. I also wouldn't recommend it for IT or information security professionals: it is far too superficial. I'm afraid it's hard to think who else might benefit from the book: Generation Y teens, maybe? All in all, it's a disappointing purchase. I seriously wonder whether the endorsers read the same book as me.
smaller than a breadbox
Nov 14, 2010
By Doug Nibbelink
I just wanted to say a few words of appreciation in praise of this little book. Scrappy Information Security is an accurate, readable and (gasp) funny walk through the basics of Information Security. It is rare that one of the more technical phone book size InfoSec tomes causes me to laugh out loud (usually I snore). This book got me fired up enough to start planning basic security awareness training around the topics covered within this gem of a paperback. That alone is more than worth the price of admission.
I Used to Feel Safe Using My Computer
Oct 20, 2009
By Scrappy Kimberly Wiefling
"Scrappy Kimberly Wiefling"
Before I edited Michael's book I felt fairly safe using my computer. I even entered my credit card number to purchase items without having a chill run up my spine. No more! His easy to understand tour through the terrors of cyberspace has left a scar on my psyche.
There are thicker books out there on this topic, but unless you're a cyber-jock, this book is a great introduction to cyber security for individuals and businesses. I'm a scientist by education, with a master's degree in physics and undergrad degrees in chemistry and physics. I certainly COULD understand all of the jargon, but I've got better things to do. And I wouldn't have bothered to support this book as a Scrappy Guide® unless I was sure it was an essential guide to getting results in the real world.
1 of 2 found the following review helpful:
Great book for the security intimidated
Oct 29, 2009
By John F. Bauer III
I've finally found a book I can strongly recommend to those people that ask the most basic security questions. As a security professional, there are some great books out there for readers that already have a basic grasp of security, especially when it comes to the Internet. But I've struggled to find a book to recommend to those individuals that would get overwhelmed by the majority of existing Internet security books. Michael Seese has filled this gap. His text simply and in plain, easy to understand common language, walks users through important security concepts such as phishing, password management, multi-factor authentication and safe Internet surfing.
I wholeheartedly recommend this book to those looking for that straightforward, simple explanation of the most important day-to-day security concepts. A great security awareness text indeed!