Site Map - Book Reviews

Data Hiding Fundamentals and Applications: Content Security in Digital Multimedia

- Aimed at the experienced content-security professional, the book begins with a brief introduction to the types and uses of steganography. Remaining sections and chapters take the reader, step by mathematical step, through data-hiding applications such as the use of hidden watermarks in images and video to verify ownership. Also discussed are intellectual property attacks and detection and response measures for thwarting those attacks.

Private Security and the Law, Third Edition

- Charles Nemeth has released the third edition of his highly acclaimed Private Security and the Law. For years, it has proved to be an indispensable guide to civil and criminal liability stemming from acts or omissions committed by the security function. This newest edition updates the principles with new case law.

Forensic Discover

- Forensic Discovery is not for technical novices; readers must have a solid understanding of computer file systems, networking concepts, and computer processes. The authors focus on computer forensics for UNIX (Solaris, FreeBSD, and Linux) computers, with scant information provided about Windows. The authors explain how to obtain reliable digital evidence from running UNIX systems, uncover changes to system utilities and kernel modules, and identify suspicious activity. Sample computer compromises illustrate the concepts.

The Ethical Hack: A Framework for Business Value Penetration Testing.

- Tiller does a fantastic job explaining the process of the ethical hack from beginning to end. By way of charts, diagrams, graphs, and comparisons, the reader is led step by step through a penetration test. Also provided are sample incident reports and response forms, examples of documentation needed for the test, and an example of how the finished penetration-test document should be presented.

Aggression in the Workplace: Preventing and Managing High-Risk Behavio

- In this book, author Marc McElhaney shares his experience, perspective, programs, and conclusions with regard to aggressive and threatening behavior in the workplace. His easy-to-read style blends comprehensive coverage with enough detail to make the book a practical tool.

Osama: The Making of a Terrorist.

- The face of terrorism today is Osama bin Laden. Yet for all the publicity surrounding him, he remains an elusive figure who has become larger than life throughout the Muslim world. Merely mentioning his name evokes adulation among his devotees and revulsion in the Western world. When he issues a video or audiotape, terror alerts spike all over the world. Therefore, knowing as much as possible about him is useful for those  tasked with trying to counter his activities and those of his supporters. This book is an excellent effort to do just that.

The Safe Hiring Manual: The Complete Guide to Keeping Criminals, Terrorists, and Imposters Out of Your Workplace

- One of the most useful, and untapped, security tools at any business is the human resources department. HR serves as the operational equivalent of an access control system, keeping problem employees off the payroll. Many companies fail to take full advantage of this department.


- When outsourcing security services, what key characteristics should you look for in a contractor? How can you figure out whether the rates a vendor charges are reasonable? What should you include in a request for proposal (RFP) for security services? In Value-Based Security Procurement, a book newly published by ASIS International, author David R. Serafine, CPP, answers these questions and more.

Fraud 101: Techniques and Strategies for Detection, Second Edition

- For the basics, one of the best chapters categorizes fraud into three primary types. One is duplicate-payment fraud, defined as the issuance of two or more identical checks to pay the same debt for a service. Second is multiple-payee fraud, which is similar, but the checks are not identical. The third type is shell fraud, the payment of alleged debts for fictitious projects or services. For each type, detailed analysis and case studies are provided.

Risk Revolution: The Threats Facing America and Technology’s Promise for a Safer Tomorrow

- Throughout the book, Smith plays the 9-11 card too much. If only the United States had had a massive database of financial transactions, surveillance images, and other personal data, Smith writes, the terrorists might have been stopped. He does admit, however, that technology such as databases and DNA can be used only to mitigate, not eliminate, threats to society.

Malware: Fighting Malicious Code

- Author Ed Skoudis provides amazing insight into the types of tools attackers use to bring down computers and networks or to steal and manipulate information stored on those systems. As would be expected, worms and viruses receive considerable attention, but Skoudis also is adept at explaining backdoors, Trojan horses, malicious mobile code, rootkits, and numerous other tools and scenarios.

Civil Liberties vs. National Security in a Post-9/11 World

- The book has six parts, with writings ranging from the historical to the latest in current thought. A discussion of civil liberties during wartime leads off the book. Selections from the U.S. Constitution and a federal habeas corpus statute round out the first chapter and provide a legal context for the subject.

Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.