Zen and the Art of Information Security (Paperback)

~ Ira Winkler (Author)
Key Phrases: dive master, script kiddie, security countermeasures, Department of Defense, Ira's Golden Rules, United States (more...)

Editorial Reviews

Product Description

While security is generally perceived to be a complicated and expensive process, Zen and the Art of Information Security makes security understandable to the average person in a completely non-technical, concise, and entertaining format. Through the use of analogies and just plain common sense, readers see through the hype and become comfortable taking very simple actions to secure themselves. Even highly technical people have misperceptions about security concerns and will also benefit from Ira Winkler's experiences making security understandable to the business world. Mr. Winkler is one of the most popular and highly rated speakers in the field of security, and lectures to tens of thousands of people a year. Zen and the Art of Information Security is based on one of his most well received international presentations.

*Written by an internationally renowned author of "Spies Among Us" who travels the world making security presentations to tens of thousands of people a year
* This short and concise book is specifically for the business, consumer, and technical user short on time but looking for the latest information along with reader friendly analogies
* Describes the REAL security threats that you have to worry about, and more importantly, what to do about them

From the Back Cover

While security is generally perceived to be a complicated and expensive process, Zen and the Art of Information Security makes security understandable to the average person in a completely non-technical, concise, and entertaining format. Through the use of analogies and just plain common sense, readers see through the hype and become comfortable taking very simple actions to secure themselves. Even highly technical people have misperceptions about security concerns and will also benefit from Ira Winkler's experiences making security understandable to the business world. Mr. Winkler is one of the most popular and highly rated speakers in the field of security, and lectures to tens of thousands of people a year. Zen and the Art of Information Security is based on one of his most well received international presentations.

See all Editorial Reviews

Product Details

• Paperback: 192 pages
• Publisher: Syngress (March 1, 2007)
• Language: English
• ISBN-10: 1597491683
• ISBN-13: 978-1597491686
• Product Dimensions: 8.5 x 7 x 0.7 inches
• Shipping Weight: 10.4 ounces (View shipping rates and policies)
• Average Customer Review: 3.0 out of 5 stars  See all reviews (1 customer review)
• Amazon.com Sales Rank: #179,055 in Books (See Bestsellers in Books)

  Popular in this category: (What's this?)

  #90 in

  Books > Computers & Internet > Business & Culture > Hacking

Customer Reviews

Most Helpful Customer Reviews

10 of 10 people found the following review helpful:

3.0 out of 5 stars Ideal for naive newcomers to information security, June 9, 2007

By	Dr. G. Hinson "NoticeBored.com" (New Zealand) - See all my reviews (REAL NAME)

The book is written for naive computer users with limited prior knowledge of information security. Readers familiar with Ira's previous books (Corporate Espionage and Spies Among Us: How to Stop the Spies, Terrorists, Hackers, and Criminals You Don't Even Know You Encounter Every Day) will probably recognize the style and examples. Ira avoids technical descriptions of information security risks and controls, thereby avoiding the technical jargon common in other infosec books. On the whole, he sticks to non-technical attack methods (such as social engineering) and defenses, with barely a mention of network hacking and malware. The subject matter is essentially the same as Ira's previous books so it could be said that this is another re-hash of those - however, Ira has made a conscious decision to write a more succinct and high-level book to make the topic more accessible to the layman who is less likely to have read the previous books. Given the stated intent to write a short book on such a complex technical subject, the writing is necessarily quite superficial in places, frequently glossing over the realities.

Two threads throughout the book are (1) it is necessary to understand security risks and (2) simple security controls are good enough to stop most threats. The Zen in the title appears to refer to martial arts rather than Eastern philosophies, and is used in the context of explaining that there is no need to be a `black belt' information security expert to be effective. There is some merit in the argument, in the same way that basic first aid techniques can help save lives. Personally, however, I wouldn't take the argument so far as to suggest that there is no need for trained professional medics.

A few technical inaccuracies caught my eye, some of which I could put down to the book's rather superficial coverage but others appear to be genuine misunderstandings by the author. In several places, the author makes disparaging remarks about script kiddies, fair enough, but he is also dismissive of skilled hackers. I find this attitude troubling since hackers can be worthy adversaries of even the best and most resourceful information security managers. There are far too many incidents to dismiss all hackers out of hand, therefore it would be foolhardy to discount hacking risks.

If you have no background in information security, this book makes an interesting introduction to the issues but falls short on useful advice. If you have read the author's previous books, you are unlikely to learn anything new.