Reading Schneier on Security


Renowned IT security expert Bruce Schneier's latest book, Schneier on Security, is a fascinating read that any chief security officer or security professional should pick up. The book is a compilation of articles that Schneier has written throughout the years, covering terrorism and security, privacy and surveillance, economics of security, and cybercrime and cyberwar, among other areas.

Once I bought the book, I couldn't put it down; I read it cover-to-cover in just four days. The chapters that had the most impact on me were "Cybercrime and Cyberwar" and "Computer and Information Security." Schneier describes how easy it is to start a phishing and pharming operation on the Internet and how scammers use these to target their victims. He discusses how millions of computers are used to form bot networks and how they are used to perform denial-of-service attacks against corporations without the hardware owners even knowing they were part of the attack.

Weighing in on safe personal computing, Schneier gives a list of the 12 things you can do to improve your security. He further discusses how to secure your computer and hard disks, how to choose good passwords, and how to combat spam.

What stands out are the brilliant insights from just a few years ago that have come true today. Overall, Schneier on Security is a light read. If you are looking for the bits and the bytes behind the covers, you won't find them here. Still, for serious security professionals looking for good reading material, I highly recommend that you pick up a copy.