The CISO Handbook: A Practical Guide To Securing Your Company is written by several Certified Information Systems Security Professionals who have set out to write the ultimate information officer’s handbook.
The book is well structured but it has two major shortcomings. One is inconsistent style and tone. This is the apparent result of having multiple authors. One of the authors likes pithy quotes; another, multiple headings; another, ineffective diagrams. This forces readers to work too hard.
The second shortcoming is the book’s ineffectiveness as a handbook. A good handbook is not meant to be read as a narrative; it can be snatched off a shelf to address a particular issue. That’s not achieved here.
Does this book contain all the information needed to become a chief information security officer? No. But it may enhance and supplement a CISO’s knowledge.
The CISO Handbook: A Practical Guide To Securing Your Company, by Michael Gentile, Ron Collette, and Tom August, is published by Auerbach Publications. It is available from www.crcpress.com for $69.95.
(Reviewed by Derek Knights, CPP, CISSP, CFE, a senior security governance specialist with Sun Life Financial in Toronto, Ontario, Canada.)