Books IT security pros need

By on

I went through my library and picked out a few of the books that I think are the most useful and important for the security professional with little time for reading.

I will begin with a new three volume set that should be in every corporate information architecture (IA) library. The Handbook of Information Security (Wiley, 2006), edited by Dr. Hossein Bidgoli, is unquestionably the most complete reference work on information security extant. The dozens of editorial board members and contributors are a who's who of our industry.


Another valuable reference of similar content is the venerable Computer Security Handbook (Wiley, 2002), edited by Seymour Bosworth and Dr. Mich Kabay. It's not quite the weight of the three volume set, but full of important information from, again, a who's who of the IA world.


A new Auerbach book that should be on every IA book shelf is Information Security Architecture (Auerbach, 2006) by Jan Killmeyer. This is different from just about any IA architecture book I've ever read and has the answers you need when designing or updating your security architecture.


Another Auerbach must-have is the newest from my friend and colleague Rebecca (Becky) Herold, Managing an Information Security and Privacy Awareness and Training Program (Auerbach, 2005). This addresses what is arguably the hottest issue in security today: privacy. Becky is an expert on this topic. She has spoken, taught and written internationally and is a fixture at various industry conferences.


While I'm on the topic of Auerbach, any book from Tom or Justin Peltier belongs, not in your library but on your desk where you can get to it quickly. There are several volumes that cover policy, risk analysis and penetration testing.


Brian Carrier, a soon-to-be new Ph.D. from CERIAS at Purdue University, has written the definitive book on forensics, File System Forensic Analysis (Addison Wesley, 2005). Brian is the expert on this topic and his book has been lauded in digital forensic circles. Even if you are not doing sophisticated forensic analysis, this book has everything you need to know about how various file systems work.


Books, books, books. If you are doing just about any level of work in IA you need 'em. And the ones here are absolute necessities for your collection.

-Peter Stephenson, Norwich University

Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?