Beautiful Security: Leading Security
Experts Explain How They Think
Beautiful Security Is Timely, Important And Readable
In this thought-provoking anthology, todays security experts describe bold
and extraordinary methods used to secure computer systems in the face of
ever-increasing threats. Beautiful Security features a collection of essays
and insightful analyses by leaders such as Ben Edelman, Grant Geyer,
John McManus, and a dozen others who have found unusual solutions for
writing secure code, designing secure applications, addressing modern
challenges such as wireless security and Internet vulnerabilities, and much
more. Among the books wide-ranging topics, youll learn how new and
more aggressive security measures work--and where they will lead us.
Topics include: Rewiring the expectations and assumptions of
organizations regarding security Security as a design requirement
Evolution and new projects in Web of Trust Legal sanctions to enforce
security precautions An encryption/hash system for protecting user data
The criminal economy for stolen information Detecting attacks through
context Go beyond the headlines, hype, and hearsay. With Beautiful

Security, youll delve into the techniques, technology, ethics, and laws at
the center of the biggest revolution in the history of network security. Its a
useful and far-reaching discussion you cant afford to miss.
Personal Review: Beautiful Security: Leading Security Experts
Explain How They Think
Books that collect chapters from numerous expert authors often fail to do
more than be a collection of disjointed ideas. Simply combining expert
essays does not always make for an interesting, cohesive read. Beautiful
Security: Leading Security Experts Explain How They Think is an
exception to that and is definitely worth a read. The books 16 chapters
provide an interesting overview to the current and future states of security,
risk and privacy. Each chapter is written by an established expert in the
field and each author brings their own unique insights and approach to
information security.
A premise of the book is that most people don't give security much
attention until their personal or business systems are attacked or
breached. The book notes that criminals often succeed by exercising
enormous creativity when devising their attacks. They think outside of the
box which the security people built to keep them out. Those who create
defenses around digital assets must similarly use creativity when designing
an information security solution.
Unfortunately, far too few organizations spend enough time thinking
creatively about security. More often than not, it is simply about deploying
a firewall and hoping the understaffed security team can deal with the rest
of the risks.
The 16 essays, arranged in no particular theme are meant to show how
fascinating information security can be. This is in defense to how security
is often perceived, as an endless series of dialogue boxes and warnings,
or some other block to keep a user from the web site or device they want
to access. Each of the 16 essays is well-written, organized and well-
argued. The following 4 chapter are particularly noteworthy.
Chapter 3 is titled Beautiful Security Metrics and details how security
metrics can be effectively used, rather than simply being a vehicle for
creating random statistics for management. Security metrics are a critical
prerequisite for turning IT security into a science, instead of an art. With
that, author Elizabeth Nichols notes that the security profession needs to
change in ways that emulate the medical professional when it comes to
metrics. She notes specifically that security must develop a system of vital
signs and generally accepted metrics in the same way in which physicians
work. The chapter also provides excellent insights on how to use metrics
and how metrics, in addition to high-level questions that can be used to
determine how effective security is within an organization.

Chapter 6 deals with online-advertising and the myriad problems in
keeping it honest. Author Benjamin Edelman observed a problem with the
online supply chain world, as opposed to brick and mortar (BAM) world, in
that BAM companies have long-established procurement departments with
robust internal controls, and carefully trained staff who evaluate
prospective vendors to confirm legitimacy. In the online world,
predominantly around Google AdSense, most advertisers and advertising
networks lack any comparable rigor for evaluating their vendors. That has
created a significant avenue for online advertising fraud, of which the on-
line advertising is a victim to.
Edelman writes that he has uncovered hundreds of online advertising
scams defrauding hundreds of thousands of users, in addition to the
merchants themselves. The chapter details many of the deceptive
advertisements that he has found, and shows how often web ads that tout
something for free, is most often far from it.
Chapter 7 is about the PGP and the evolution of the PGP web of trust
scheme. The chapter is written by PGP creator Phil Zimmerman, and
current PGP CTO Jon Callas. It has been a long while since Zimmerman
has written anything authoritative about PGP, so the chapter is a welcome
one. Zimmerman and Callas note that while a lot has been written about
PGP, much of it though containing substantial inaccuracies. The chapter
provides invaluable insights into PGP and the history and use of
cryptography. It also gives a thorough overview of the original PGP web of
trust model, and recent enhancements bring PGP's web of trust up to date.
Chapter 9 is one of the standout chapters in the book. Mark Curphrey
writes about the need to get people, processes and technology to work
together so that the humans involved in information security can make
better decisions. In the chapter, Curphrey deals with topical issues such as
cloud computing, social networks, security economics and more. Curphrey
notes that when he starts giving a presentation, he does it with the
following quotation from Upton Sinclair -- "it's difficult to get a man to
understand something when his salary depends on him not understanding
it". He uses the quote to challenge listeners (and readers in this case) to
question the reason why they are being presented the specific ideas,
which serves as a reminder of common, subtle biases for thoughts and
ideas presented as fact.
In its 250 pages, Beautiful Security is both a fascinating an enjoyable read.
There are numerous security books that weight a few pounds a use reams
of paper, that don't have a fraction of the real content that Beautiful
Security has. With other chapters from industry luminaries such as Jim
Routh, Randy Sabett, Anton Chuvakin and others, Beautiful Security is a
required read.

For those that have an interest in information security or those that are
frustrated by it, Beautiful Security is an eye-opening book that will
challenge you, and change the way you think about information security. It
is a good book for those whose who think information security is simply
about deploying hardware, and an even better book for those who truly get
information security.
For More 5 Star Customer Reviews and Lowest Price:
Beautiful Security: Leading Security Experts Explain How They Think 5 Star Customer
Reviews and Lowest Price!