Thursday, 23 July 2015

The Basics of Information Security (Second Edition) by Jason Andress

Lowdown: An overview of infosec’s realm.
Generally speaking, I tend to avoid reviewing professional books in this blog. I will make an exception for The Basics of Information Security (Second Edition), though, for two simple reasons. One, the book is exceptional in that it does not require technical knowledge in order to be read; generally speaking, everyone should be able to pick it up. And second, if there is anybody out there seeking to receive a broad understanding of the world of infosec (a fancy way of saying information security) then this one would be a pretty good venue to start at.
The Basics of Information Security certainly lives up to its name. It is your classic textbook: laconic, starts at the basics and gradually builds up, but ultimately never gets really deep and leaves the burden of specialisation on its reader. Which is perfectly fine; the catch is actually to find a book as generic as this one in an area that seems devoid of anything but specialisation. Thus the book covers all the basic concepts, like authentication, authorisation, auditing, physical security and – of course – cryptography. The structure is constant, with theoretical explanations followed by real-life examples and even mentions of the occasional professional tool.
The book is notable for being up to date. The curious case of Edward Snowden receives its attention, with the author rightly pointing out how much of a milestone event this has been in the history of the infosec world (while, at the same time, seeming to take the security breach rather personally). On the negative side, some of the few photos used in the book feel like they were taken by a 5-year-old armed with a phone camera, thus detracting from the professional image the book seeks to impart.
Far from the most interesting read in the world, The Basics of Information Security works by virtue of its coverage and earthly approach. Read it and you will be able to read the deeper stuff that follows down the path or, alternatively, acquaint yourself with a world of much relevance to the Internet/computer-using people of this day and age.
4 out of 5 well introduced crabs.
