I would like to thank publisher Syngress for sending me two new books that I plan to read in 2006. They sent others, but they are outside my Wish List and therefore well beyond the reach of my reading list. First is Securing IM and P2P Applications for the Enterprise by Paul Piccard, et al, with Marcus Sachs as technical editor. I want to read this book because it addresses the sort of inside-out security problems I wrote about in Extrusion Detection. This appears to be a technical book with lots of helpful advice.
The second book is Insider Threat by Dr. Eric Cole and Sandra Ring. This appears to be a largely non-technical book, dealing more with case studies and general advice. I still think a book like this is helpful, if only to focus people's minds on what the word "threat" means. A flawed version of SSH running inside a company is not an "insider threat," but a disgruntled system administrator certainly is!