Site Map - Book Reviews

Network Security Assessment.

- That's where Network Security Assessment comes in. This well-organized book presents the tools and techniques necessary to identify and assess risks in computer networks. A professional security tester who has successfully penetrated many networks, the author explains how to conduct a structured and logical network security assessment.

Terrorism: Strategies for Intervention

- Scholarly books are dry--it's almost inevitable. Luckily, this book, a compilation of articles on terrorism intervention strategies, is an exception. Though erudite, the book is captivating and easy to read, offering something for almost anyone with an interest in terrorism or in preparing for mitigation and emergency response. By placing problems, issues, and incidents in a highly relational situational context, it promotes reader understanding.

Business Under Fire: How Israeli Companies Are Succeeding in the Face of Terror--and What We Can Learn From Them.

- Information from interviews is presented as Q&A, then discussed. The author interviews an Israeli CEO, for example, then discusses the main points. A summary follows. The book proceeds like this through three sectors: hotel/tourism, high technology, and transportation.

The Disaster Recovery Handbook.

- Disaster planning need not be merely a necessary administrative burden. It can be a marketing tool. As the authors of The Disaster Recovery Handbook shrewdly observe, disaster preparedness and recovery is really a service for the client. Customers in effect enter into a partnership with their suppliers for their business essentials, so a disruption in supply can be catastrophic to a customer. Thus, disaster planning can be sold to customers as a pledge that the provider will keep their businesses going even in adverse situations.

Security Consulting, Third Edition

- Sennewald divides security consulting into three specialties: security management consulting (covering issues such as organizational change and policy development), forensic consulting (such as analyzing evidence for lawsuits), and security technical or engineering consulting (which includes recommending equipment or hardware). The book explicitly focuses on the first two--Sennewald admits to having no technical experience--but the lessons from the book could apply to all three.

Loss Prevention Threats and Strategies: How People Steal from Your Business and What You Can Do to Stop It.

- Loss Prevention Threats and Strategies provides one good alternative for nonexperts. It encourages owners and managers to take responsibility for prevention and training, and it furnishes the necessary tools that managers will need to develop an effective security strategy.

Sleuthing 101: Background Checks and the Law

- Databases have assumed a large role in background checks, but Nadell cautions readers about depending on databases when they conduct any criminal history searches. The larger the database, the more potential for inaccurate information. The state criminal repositories, if available, are frequently out of date, at times by months. Information obtained from a database should be verified through direct contact with the courts, Nadell advises.

Pickett’s Primer on Explosives.

- Mike Pickett, a veteran firefighter and educator, has produced a primer on explosives, including four videos and a short manual entitled Explosives Identification Guide, Second Edition. The first three videos deal with, respectively, commercial explosives, military ordnance, and bomb threats and searches. The fourth video provides basic information on weapons of mass destruction (WMDs). The accompanying guide complements this material.

Security Management: An Introduction. Second Edition.

- It’s a pleasant surprise, then, that this introductory book is tight and on point—an efficient use of reading time. Intended to assist in preparation for the CPP exam, the book introduces learning objectives at the beginning of each chapter, followed by well-explained concepts and concise examples. Each chapter ends with a useful list of key terms and extremely beneficial discussion questions and exercises.

Information Security Policies and Procedures: A Practitioner’s Reference. Second Edition

- Part one covers infosec policies and procedures, and part two is an information security reference guide. The journey through both is pleasant, but familiar, somewhat like an afternoon stroll through well-trod terrain. Neither part contains any revelations, but each is well constructed and brims with relevant information that is easy to find.

Disaster and Recovery Planning: A Guide for Facility Managers.

- Specific disasters including fires, bomb threats, and earthquakes receive individual attention. Probably to illustrate the extent and magnitude of disasters, Gustin includes lists of disaster and emergency declarations made in 2002 and 2003 that run for pages, from flooding in Arkansas to typhoons in the Federated States of Micronesia. The author’s good intentions aside, the lists don’t merit that much space.

Essentials of the Reid Technique: Criminal Interrogation and Confessions

- Many experts consider the Reid Technique to be the leading method on interviewing and interrogation and Criminal Interrogation and Confessions to be the seminal textbook on the subject. Now the developers of the Reid Technique have created an abridged version of the classic textbook, called Essentials of the Reid Technique: Criminal Interrogation and Confessions.

Secrets of Computer Espionage: Tactics and Countermeasures

- Just who is spying on whom? The author explains that the typical person might be a target of bosses, friends, family members, hackers, and many others. Even people with nothing confidential or of value on their computers risk getting caught up in espionage and other cyber capers. For instance, hackers can use their computers as vehicles for staging attacks or as a location for storing illicit files, such as child pornography. And as more cell phones and PDAs connect to the Internet, the risks multiply.

Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.