Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your email address or mobile phone number.
Enterprise Security Architecture: A Business-Driven Approach 1st Edition
Use the Amazon App to scan ISBNs and compare prices.
Frequently Bought Together
Customers Who Bought This Item Also Bought
More About the Author
Top Customer Reviews
However, I am very disappointed with this book from an application of methods standpoint. I was expecting so much more.
At the very least I expected some 'real-world' scenarios to be covered in some detail so the practitioner can use material, techniques presented in the book on the job. In several places, this book comes close to revealing the application of methodology being propounded under the trade name of SABSA but then fails to do so. Time and again, I turned over to the next page in anticipation but was left disappointed and exasperated! The author simply refers the reader to contact him for further details- well that's the point of reading the book isn't it? I bought this book for the details but left with an imitation of the Zachman Framework, which by the way is still more directly applicable to information security than SABSA in my most humble opinion. If I am wrong in having said that, it is because I did not learn how or why based on my reading of this book.
I still give it 4 because I like to round up from 3.5- there is too much good information here for the novice for me to rate it 3.
The book is in two distinct parts - this first outlines the philosophy and approach of SABSA (Sherwood Applied Security Architecture) and the second draws on the authors' considerable experience in using SABSA in real-life scenarios, giving a set of "standard" services and mechanisms that should be considered when building an Enterprise Security Architecture.
If you are looking just to do techie "black box" security engineering with routers and servers then this book is not really for you. This is a book for those with a responsibility for enterprises where security can be seen as enabling the business rather than fighting it.
Like others with whom I have spoken, I liked the "quick notes" in the left hand column of every page that let's you speed read each chapter. They made it really easy to set a good insight into the subject quickly and focus on the areas that I really wanted to know more about.
One hidden gem in this book is the approach to Measuring Return on investment in security - it opened my eyes to using security as a business enabler.
I had the oppurtunity to attend training given by David Lynas on Enterprise Security Architecture. I would also recommend attending, as David walks through several exercises in how to apply this methodology.
In the end, if you are responsible for any security architecture, using the principles/concepts/methodologies in this book will assist in making more concious, sound, security decison making.
Most Recent Customer Reviews
Useful for preparing for the CISM exam, much more so than the Security Engineering book also sometimes recommended. Read morePublished 20 days ago by NS
I looked at a number of different books for Enterprise Security Architecture and was hoping to find one for the kindle, which I usually read on my iPad when it comes to books with... Read morePublished on October 17, 2012 by Tirioka
I gave the book 4 stars as it covers the theories of security very well and was somewhat easier to read than the CISSP books. Read morePublished on April 12, 2011 by Sketchie