Welcome to the SecAware blog

I spy with my beady eye ...

9 Oct 2018

NBlog Oct 9 - ten top infosec books

As a bookworm, these are my top ten information security books:
  1. The Cuckoo’s Egg by Clifford Stoll – the whodunnit that first got me seriously interested in hacking and IT security. A gripping story of intrigue and perseverance.

  2. Codebreakers by Hinsley & Stripp – the extraordinary tale of WWII cryptanalysis at Bletchley Park, and ultra-secrets.

  3. Secrets and Lies by Bruce Schneier – Bruce’s writing is always stimulating, thought-provoking. S&L was the first I read, and would remind me of the ones that followed.

  4. The Art of Intrusion by Kevin Mitnick – as with Bruce, the first book reminds me of the series. More social engineering than hacking, but ingenious nevertheless. The hacker mindset sings out.

  5. Information Paradox by John Thorp – the book that changed my way of thinking, treating IT and information as business tools. Underpins ISACA’s ValIT method.

  6. Managing an Information Security and Privacy Awareness and Training Program by Rebecca Herold – the book I wish I had written (and retitled!). Full to the brim with bright ideas.

  7. How to Measure Anything by Doug Hubbard – creative approaches to measure and analyse situations that seem unmeasurable.

  8. Security Engineering by Ross Anderson – my infosec textbook of choice, if a bit outdated now (a 3rd edition is long overdue!). Emphasizes a systematic, engineering approach to infosec.

  9. DTI Code of Practice for Information Security (BSI DIC PD003), or the Shell corporate infosec manual before that – the precursors to BS7799 and ISO27k. A chance to think about how far we’ve come and where we are, or rather should be, heading next with security standards.

  10. The Power of Resilience by Yossi Sheffi – the supply network and business continuity book I am thoroughly enjoying reading right now.

What would you suggest for my Amazon wish-list?
