Winter Driving Best Books of the Month Men's Leather Watches Learn more nav_sap_SWP_6M_fly_beacon $5 Albums All-New Amazon Fire TV Subscribe & Save Amethyst Jewelry Find the Best Purina Pro Plan for Your Pet Amazon Gift Card Offer jstfd6 jstfd6 jstfd6  Amazon Echo Starting at $49.99 Kindle Voyage Shop Now SnS
Profile for Koala > Reviews


Koala's Profile

Customer Reviews: 32
Top Reviewer Ranking: 739,519
Helpful Votes: 180

Community Features
Review Discussion Boards
Top Reviewers

Guidelines: Learn more about the ins and outs of Your Profile.

Reviews Written by
Koala RSS Feed (Australia)

Page: 1 | 2 | 3 | 4
Just Start: Take Action, Embrace Uncertainty, Create the Future
Just Start: Take Action, Embrace Uncertainty, Create the Future
by Leonard A. Schlesinger
Edition: Hardcover
Price: $23.66
56 used & new from $10.61

0 of 1 people found the following review helpful
4.0 out of 5 stars Sidebars killed a fun read, December 4, 2014
I have nothing against sidebars, I enjoy reading them. But there is a reason why they are called "sidebars".... to have 2, 3 or 4 sidebars every chapters, they were a major distraction for me. Try flipping back and forth between sidebars and the core material, several times and every chapter, it breaks concentration, then you start wondering if you missed one and go back a few more pages.

I am reading Just Start for the second time. It is a fun, practical book. The following passages, in particular, resonate with me:

".. when facing the unknown, act your way into the future that you desire; don't think your way into it. Thinking does not change reality, nor does it necessarily lead to an learning."

"Let me take a first step and see what happens. And if I like the results, I'll keep going."

"Action always leads to evidence and learning; thinking does not..."

There were many others. I just wish the sidebars could be less of a distraction, may be include them at the end of each chapters ?!

The Lords of Strategy: The Secret Intellectual History of the New Corporate World
The Lords of Strategy: The Secret Intellectual History of the New Corporate World
by Walter Kiechel
Edition: Hardcover
Price: $18.69
73 used & new from $7.06

3.0 out of 5 stars Almost gave up, November 28, 2014
First it was the Learning curve, then came the Matrix and the 7S’s….then the embarrassing reengineering (never quite figure what was actually being engineered). Not exactly the most engaging book. I was about to give up, then Ch.5 started to get interesting. The personalities, the histories and the conflicts between the early players were fascinating. Readers should know a bit about the consulting industry and the major players to appreciate the book. A very small group of people basically created and shape the world of consulting. The last few chapters were quite dry.

Readers will walk away thinking the consultants are just as clueless as those who hired them. The consultants are good at selling models and tools. The industry is a multi-billion dollars industry. Their current success is hardly the result of any long term strategic planning.

To get a better understanding of the consulting industry, try The Firm, The McKinsey Way, McKinsey's Marvin Bower or Bad Leadership.

Understanding Michael Porter: The Essential Guide to Competition and Strategy
Understanding Michael Porter: The Essential Guide to Competition and Strategy
by Joan Magretta
Edition: Hardcover
Price: $15.49
104 used & new from $7.87

5.0 out of 5 stars A fun read and I learned much along the way, November 24, 2014
This book greatly contributed to my understanding of the five forces strategy. I really like the following quotes from the book.

"Great strategies are rarely, if ever, built on a particularly detailed or concrete prediction of the future." P.168

Alan Mulally (CEO of Ford) says, "That is what strategy is all about. It's about a point of view about the future and then making decisions based on that. The worst thing you can do is not have a point of view, and not make decisions." P.169

This doesn't mean I agree with everything in it. In the context of Continuity, strategies need time to mature. The needs to stay the course. The book argues that many management consultants substitute "flexibility" as an alternative to "strategy". I have not seen evidence of that. If anything, it was often the opposite that gets company into trouble. Why can't flexibility be part of the core strategy ? No one is arguing for flexibility without strategy.

I borrowed my copy from the library, will probably buy a hard copy, so I can read/re-read Porter's other books. Understanding Michael Porter is the most accessible strategy book on Porter's five forces.

Flash Boys
Flash Boys
by Michael Lewis
Edition: Hardcover
Price: $16.31
307 used & new from $2.29

5.0 out of 5 stars I liked the Liar's book but didn't become a fan, till now., November 20, 2014
This review is from: Flash Boys (Hardcover)
I must have read Liar's Poker 7 or 8 years ago. I liked the book but didn't become a fan. Then in the past four weeks, I read both The big short and Flash Boys. Who would have thought business books could be fun read. Flash Boys made me laugh and cry at the same time. I laughed so hard at the story of a worried secretary because the size of their new pager was too big for her boss, one of the character wanted to say (but didn't), "Why don't you just strap it onto his back, like a backpack ?" I dogear the page and I still laugh every time I read it.

I make me so angry the DAs are still going after techies on Wall Street. People lives are ruined, family lost .... and the lawyer gets a cosy job at big bank. Justice, guess they don't teach you that in law school.

I am going to read more of Michael Lewis' books.

The Strategy Paradox: Why Committing to Success Leads to Failure (And What to do About It)
The Strategy Paradox: Why Committing to Success Leads to Failure (And What to do About It)
by Michael E. Raynor
Edition: Hardcover
58 used & new from $0.01

1 of 1 people found the following review helpful
3.0 out of 5 stars Like having options, but other ideas fail., November 17, 2014
I really want to like this book, not the least of which is the idea that you can provide real strategic options. And in doing so a superior strategy, out of the many options, would emerge and presumably engineer a higher probability of success. While reading some of the case studies I got the feeling that I was reading another one of Jim Collins' (author of Build to Last, Good to Great). I think The Strategy Paradox suffers the same fate, retrofitting "insights" into a small selected group (carefully selected) of companies was always going to be... suspect. It didn't help that one of the cases was Microsoft - one of the most widely studied companies from the IT industry. Long story short, Microsoft did NOT cleverly engineered the strategic options of DOS, Windows, OS/2, NT....etc. They really did lose focus. They were fighting with their strategic partner at the time, IBM. There were having problems with Windows, losing the 32-bits platform mindshare, competing with Apple's better interface. But at the end it wasn't because of all these "strategic options" that Microsoft came to dominate the IT industry. In fact, looking back one could argue that the products or range of products didn't really matter. It was the clever licensing arrangement with OEM manufacturers.

I also disagree with the author on two other points: (1) the insistence of having high level strategy separate from tactical operations; (2) somewhat related to the first, adaptive strategy will only bring you mediocre results. After decades of business and management research, there are plenty of evidence to suggest that those at the top without a pulse of the operations are more likely to fail. And if being adaptive will only bring you back to the middle, Microsoft was late for the Internet game (in fact, threatened by it) but they adapted. Facebook didn't do business on mobile when IPO 12 months ago. Certainly wasn't in any of their strategic options. They also adapted and now 54% of their revenue came from the mobile platform.

That's some nice middle ground to be in.

For me, the book can be summarised by the following (I do like the idea of having options),

"For a company to take strategic uncertainty seriously, it must avoid making commitments in the face of uncertainty and instead create strategic options that can be exercised or abandoned depending on how those uncertainties are faced."

Smart or Lucky: How Technology Leaders Turn Chance into Success
Smart or Lucky: How Technology Leaders Turn Chance into Success
by Judith Hurwitz
Edition: Hardcover
Price: $22.27
42 used & new from $0.01

2 of 2 people found the following review helpful
1.0 out of 5 stars Don't read past the first six, March 9, 2014
I was ready to give this book a three or four, that was until Chapter 7. Then, one less star for each subsequent chapter. The first six chapters have enough feel good, high level business half-truths to make it an easy and entertaining read. I was even inspired.

Chapter 7 gave the game away.

It was clear the author doesn’t have deep knowledge in many of the topics. They were not different point of views, misinterpretations or minor inaccuracies. In many cases, the material demonstrated a clear lack of knowledge of the subject matter. Some may excuse it by pointing this isn’t a book for technical audience. Unfortunately, no such luck. Many of the discussions are part of the tech industry collective knowledge and lexicon, far from the hard core technical stuff. Any casual home PC magazine readers, weekend tech support warriors, or half decent graduates would have known.

Some examples from Chapter 7-10.

1. Not knowing the difference between Open System and Open Source.

Open Systems is about interoperability, allowing diverse and competing vendors (big and small) to create products that work/talk to one another. Vendors could and often did, create “closed” systems for their own products. As long as they all agree to use a common language (eg. drive on the right side), then all should be fine. TCP/IP is the best example of the benefits of Open Systems. The author thinks open system = open source, free and flexible...blah, blah, but no market, ....etc.

Open Source is a whole different ball game.

Clearly very limited understanding of what Open Systems is.

2. Eleven pages on why Client/Server is a failed technology. Somehow the author got the idea that Client/Server was a “graphical development approach”. As time progressed, more functions and capabilities are added as demanded by business, the technology got slow… presumably because of the more high end graphics. Client/Server was developed because,

“it was difficult to place images on a computer screen so as to allow a businessperson to work with a system….”

“This movement toward a more graphical development environment was the most important and most lasting innovation of the client/server era. “

“To meet business requirements, customers found ways around the limitations of client/server technologies. Vendors had to supplement the graphical tools with low-level, complicated programming tools…”

So the Client/Server era died/failed because “the technology simply wasn’t ready to deal with the magnitude of the customers’ needs.”

This is so far off the mark I don’t even know where to begin. Client/Server was partly a marketing term (just as Cloud is today), partly driven by the computing science community wanting to reduce the complexity of developing large systems (separating data structure from processing and frontends), and mostly taking advantage of the increasing powerful end users PC in an interconnected environment. The applications and tools have become “network aware”. Client/Server was designed to scale. By the way, what do you think all those javascripts, cloudfronts…etc are doing when you use Amazon or Salesforce ? They are basically layers of Client/Server technologies. You don’t have an Amazon database sitting on your PC, your clicky front ends doesn’t touch Salesforce backend, and when you pay the card detail is being processed at a 3rd party or merchant bank, and the application doesn’t leak data back to the sellers.

3. Object-oriented technology is another failure…. just look at IBM and Microsoft with its OS/2.

“The companies that succeeded were companies like Apple and Google, which have successfully leveraged object-oriented technology across their product offerings to achieve significant growth.”

I wonder what OO technology the author was referring to.

I have dog-eared about 10 pages from Chapter 7 onward and grew frustrated noting all of them down. The content for Cloud computing was equally shaky.

Very attractive title. I wish more books would examine the science of luck behind many of the success stories. How much of the success in a startup can be attributed to luck ? Unfortunately, you won’t find the answer in this book.

The 4-Hour Workweek: Escape 9-5, Live Anywhere, and Join the New Rich
The 4-Hour Workweek: Escape 9-5, Live Anywhere, and Join the New Rich
by Timothy Ferriss
Edition: Hardcover
Price: $13.09
274 used & new from $7.98

3.0 out of 5 stars Flashy, but still useful, February 17, 2014
The book is probably a little bit too infomercial for my tastes, but some of the resource links can be very useful. One doesn't have to believe ALL the stories, nor work ONLY 4 hours a week. There is no 4 hours law. If after reading the book someone gets off his/her backside and actually put action to work, that can only be a good thing.

Security Metrics Management: How to Manage the Costs of an Assets Protection Program
Security Metrics Management: How to Manage the Costs of an Assets Protection Program
by Gerald L. Kovacich
Edition: Hardcover
Price: $84.95
36 used & new from $28.61

1 of 1 people found the following review helpful
2.0 out of 5 stars A disappointment, September 2, 2013
This book is a collection of security topics with a few metric terminologies in the mix. The authors insisted on using their own acronyms like CAPP, SMMP and ISSO, even though there are perfectly acceptable industry alternatives that every practitioner understands. The first few chapters basically said having a CAPP is critical and a SMMP will help you to do that, repeatedly.

CAPP stands for Corporate Assets Protection Program; SMMP stands for Security Metrics Management Program and ISSO is Information Systems Security Officer.

Forget about the superficial treatment on the so called methodologies, I reserve the greatest criticism for the very poor quality of the diagrams, flowcharts and drawings. They were embarrassingly amateurish. Different font sizes, style, shadings were often used ... within the same figure. A lot of the diagrams/flowcharts were clearly "forced" in an attempt to demonstrate "high level thinking". They added nothing to the understanding of the material. And with caption like this, "The loss of versus damage to corporate assets in total in a year", I gave up after reading about 12 chapters.

Information Security Management Metrics: A Definitive Guide to Effective Security Monitoring and Measurement
Information Security Management Metrics: A Definitive Guide to Effective Security Monitoring and Measurement
by W. Krag Brotby
Edition: Hardcover
Price: $64.96
28 used & new from $13.01

1 of 2 people found the following review helpful
2.0 out of 5 stars Think twice before buying, July 7, 2013
As one reviewer noted, the coverage is very superficial. The book included some rather obscure models that I have never seen it used in the real world. Perhaps the book is simply mis-titled. For the practitioners in the field who read the book and start digging a little deeper, you'd get the sense that the author really didn't have much hands-on experience. One particular paragraph and chart caught my eye.

Page. 68, the paragraph and chart on a study of the ROSI of various activities, based on a whitepaper from @Stake. The author provided no interpretation for the chart. The book claims it's based on an analysis of over 600 organisations. And wrote an insightful observation, "These results will undoubtedly be controversial and lead to energetic protests..." The following was what trouble me.

Here is a short version of what the "saving to cost ratio" chart suggests: (1)Screen Locking has a 71.9% effectiveness in improving security; whereas things like (2) Nightly Back-up (only 0.2%) and (3) Central Access Control (0.1%). Firewall, IDS, patches...etc are in between (all below 10%)

Any security professional who saw the chart and read the "insight" would question the findings and probably dig a bit deeper. I did. As it turns out, through a thin connection of mine who knows a guy who knows another guy who used to work for @Stake.

They couldn't find any whitepaper on a ROSI study of 600+ organisations. (Doesn't mean it's not there, but he couldn't find it.)

The cited source of the chart did worked for @Stake for a year or so. However, the chart actually came from the source's PhD thesis while he was an economic graduate at Stanford University. (I am actually reading his paper from my desktop as I type this) I am just going to copy the following verbatim, straight from the PhD thesis... in reference to the "saving to cost ratio" chart,

"The savings were calculated by assuming that each safeguard was implemented in isolation."

So.... how many of you implemented screen saver locking "in isolation" ? or turn on your nightly backup "only" and nothing else as a security measure ? Don't get me wrong, it was actually quite an interesting paper, well worth the read. I believe the paper actually got quite a bit of press coverage when it was first released.

The only thing "controversial" about this is How did the author miss that ? (book author, not the original source)

Two stars for the end of chapters References.

IT Architecture For Dummies
IT Architecture For Dummies
by Kalani Kirk Hausman
Edition: Paperback
Price: $24.01
54 used & new from $10.24

26 of 32 people found the following review helpful
1.0 out of 5 stars What Architecture ?, December 30, 2011
I dreaded writing this review because I could only manage to read the first 7 chapters, and skimmed the rest. There was minimal "architecture" discussion. The best I can describe it is an assortment of miscellaneous trendy IT topics - Identity management, Virtualisation, Green IT, Cloud, Mobile computing. In the true Dummies style, each topic was treated with a basic definition and some high level fluff. Nothing you can't Google for and get a more in-depth reading. There was no attempt to tie any of these technologies into anything. Where is the architecting ?

The following stopped me from reading the book after seven chapters:

1) Making the Hard Software Choice: Open Source or Closed Source (Page 33)
2) Basically, an enterprise security strategy must include a layered framework to protect the data. [followed by an illustration: A diagram with concentric rings with Data as the center and an arrow point inward with the phrase "Defense In Depth", and called this a layered framework.] (Page 68, 69)
3) Risk assessments are critical tools for showing management the value of the procedures outlined in the security policy. (Page 74)
4) The emergence of cloud computing has introduced difficulties for organizations using strict ITIL service management practices due to the block-box nature of the cloud service host details. (Page 77)
5) Reducing the probability of a threat event involves employing countermeasures appropriate to the vulnerabilities associated with the threat. (Page 90)

- Several pages were devoted on the Pros and Cons of Open Source vs Closed Source softwares. The suggested judging criteria was - if you don't need to see the code, pick commercial software. The world has moved on from the Either/Or argument 15 years ago. 99% of the companies have both, and decisions are made based on fit-for-purpose and functionality.
- Figure 5-1 on Page 69 is not a framework, it's a diagram with concentric circles and some words throw at it. A framework needs to provide a structured approach to build a foundation. Where is the structure ? What elements constitute as the building blocks ? What is the relationship between the different elements within the structure ?
- Risk assessments to show the "value of the procedures..." I am not sure what this mean. However, you should try to avoid including procedures in policy documents. Risk assessments are done to understand the company/system security posture and evaluate the effectiveness of security controls and risk mitigation strategies.
- Seriously..... with all the publicity of Cloud immaturity: extended outage; lack of proper backup; data leaks...etc. all areas of many active research, and you worry about ITIL compliance ? Really ?
- Threats are generally external entities that we can't do much about, except to understand, manage and try to mitigate the associated risks. How do you change the probability of a threat ? By putting in place effective security controls, the likelihood (probability) of risks being realised can be reduced. You can also reduce vulnerabilities. Not running certain applications or turning off services for example, can reduce the overall % of risks by virtue of the fact that there are less exploitable vulnerabilities. But I still can't do much about the number of hackers out there or how often they like to hack. Readers are encouraged to do their own research on these security fundamentals.

Perhaps the book was simply mis-titled. But what is the architecture ? where is the discussion on business alignment with technologies ? what was the repeatable methodology used to translate business objectives into IT strategies ?

But if you read the book and thought - "huh, that's not so bad. I too can call myself an architect." I urge you to Google "TOGAF 9" and download the framework. You will learn more about enterprise architect after reading just the first two chapters.
Comment Comment (1) | Permalink | Most recent comment: Sep 22, 2012 7:27 PM PDT

Page: 1 | 2 | 3 | 4