Computer Security Sourcebook and Communications Security Sourcebook. Edited by Wilma R. Caldwell; published by Omnigraphics, 800/234-1340 (phone), www.omnigraphics.com (Web); 514 pages and 375 pages, respectively; $68 each.
Until just before publication, Computer Security Sourcebook and Communications Security Sourcebook constituted a single work, but they were broken into two books due to the sheer volume of material included. Both books are compilations of previously published material, much if not all of it available free online or in periodical archives at a university library.
While pulling all the material into one convenient bound reference saves the reader a tremendousamount of legwork, these articles are compiled without effective editorial oversight. Wilma Caldwell presents the views of many others, but she fails to add insights of her own. That might be acceptable if the articles stood on their own, but they are of varying quality, and the criteria for their inclusion are unclear. A computer or communications security professional may well be able to discern the higher-quality articles from the rest, but such a professional wouldn't need these references in the first place.
When taking on the task of providing a self-proclaimed sourcebook, one also takes on the duty of editorial judgment. Without critical analysis of the selected articles, such a compendium provides little more value than a point-in-time clipping service, dated even before it rolls off the press.
If a compilation of continually updated material were placed on a Web site, it would provide a valuable service. If professionals provided expert feedback on the articles posted, it could be even more valuable. That's something to keep in mind if there are future iterations of these books.
Reviewer: Lee Imrey, CPP, CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), is a program development manager and lead instructor with the International Information Systems Security Certification Consortium. He serves on the ASIS International Information Technology Security Council.