Site Map - Book Reviews

Fraud 101: Techniques and Strategies for Detection, Second Edition

- For the basics, one of the best chapters categorizes fraud into three primary types. The first is duplicate-payment fraud, defined as the issuance of two or more identical checks to pay the same debt for a service. The second is multiple-payee fraud, which is similar, but the checks are not identical. The third is shell fraud, the payment of alleged debts for fictitious projects or services. For each type, detailed analysis and case studies are provided.

Risk Revolution: The Threats Facing America and Technology’s Promise for a Safer Tomorrow

- Throughout the book, Smith plays the 9-11 card too much. If only the United States had had a massive database of financial transactions, surveillance images, and other personal data, Smith writes, the terrorists might have been stopped. He does admit, however, that technology such as databases and DNA can be used only to mitigate, not eliminate, threats to society.

Malware: Fighting Malicious Code

- Author Ed Skoudis provides amazing insight into the types of tools attackers use to bring down computers and networks or to steal and manipulate information stored on those systems. As would be expected, worms and viruses receive considerable attention, but Skoudis also is adept at explaining backdoors, Trojan horses, malicious mobile code, rootkits, and numerous other tools and scenarios.

Civil Liberties vs. National Security in a Post-9/11 World

- The book has six parts, with writings ranging from the historical to the latest in current thought. A discussion of civil liberties during wartime leads off the book. Selections from the U.S. Constitution and a federal habeas corpus statute round out the first chapter and provide a legal context for the subject.

Larstan’s The Black Book on Corporate Security

- Jim Kennedy’s chapter, “Business Continuity and Disaster Recovery,” deserves special mention because it is an excellent overview of the changes to traditional disaster planning brought about by the World Trade Center attacks. Less successful is a chapter entitled “Blending Corporate Governance with Corporate Security,” which discusses Sarbanes-Oxley. The author asserts that Section 404 of the act deals with “systems of control,” which he says are by their very nature computer information systems. Yet Section 404 does not specifically mention computer systems, and any security requirements beyond those necessary to ensure accurate financial accounting and reporting are beyond the scope of Sarbanes-Oxley. To flatly state that increased information security measures are required under this law is misleading.

Intruder Alarms, Third Edition

- Learn the skills and tools necessary to install and maintain effective intrusion alarm devices and systems.

From the Terrorists' Point of View: What They Experience and Why They Come to Destroy

- What makes Islamist terrorism tick?

Separating Fools From Their Money: A History of American Financial Scandals

- Financial scandals follow a pattern, and learning how this pattern plays out is essential to preventing future business crime and financial meltdowns.

Security Law and Methods

- Author James F. Pastor weaves together security standards, best practices, and the law to help lawyers who litigate civil premises liability cases.

Counterdeception Principles and Applications for National Security

- The term "instant classic" is an oxymoron, but it nevertheless may apply to Counterdeception Principles and Applications for National Security.

Unconquerable Nation: Knowing Our Enemy, Strengthening Ourselves

- Among the many books that purport to point the way forward for America in the wake of 9-11, this one stands out, chiefly for its clarity and sensibility. It is often difficult to deny the common sense of Brian Michael Jenkins' commentary.

Slamming Spam: A Guide for System Administrators

