You already know the endless list of security "do's and don'ts": run AV software and firewalls, lock everything down, encrypt everything, watch all your network traffic, follow checklists… But even if you're spending a fortune doing all that, you're at greater risk than ever: even the world's most security-focused organizations are being victimized by massive attacks. Something is terribly wrong. We're protecting the wrong things, damaging productivity, and making it way too hard for our people to help us.
Today, getting security right requires more than checklists; it requires careful thinking about your actual threats and technologies. That's what this book is about: how to think about security. Most security books just give you "do's and don'ts." Thinking Security tells you why, and helps you design a security architecture that truly fits your organization.
Written by Steve Bellovin, one of the world's most respected security consultants, this guide is for professionals who know all the basics: working security specialists, admins, IT managers, architects, and chief security officers. Bellovin will help you take a deeper look at what you're doing, understand security as a "systems problem," recognize the implications of your environment, and "think like the enemy."
Bellovin shares usable and up-to-date insights and recommendations on issues ranging from SSO and federated authentication to clouds, BYOD, and virtualization. You'll also find a full section on secure operations, covering everything from hiring, vendor selection, and patch management to emerging risks associated with the Internet of Things.
Perfect security is impossible — but Thinking Security will help you get it about as right as anyone can.
- Series: Addison-Wesley Professional Computing Series
- Hardcover: 400 pages
- Publisher: Addison-Wesley Professional; 1st edition (November 15, 2015)
- Language: English
- ISBN-10: 0134277546
- ISBN-13: 978-0134277547
- Product Dimensions: 7.1 x 1 x 9.2 inches
- Shipping Weight: 1.6 pounds