Amazon.com just published my four star review of The New School of Information Security by Adam Shostack and Andrew Stewart. From the review:If you don't "get" Allan Schiffman's 2004 phrase "amateurs study cryptography; professionals study economics," if you don't know who Prof. Ross Anderson is, and if you think anti-virus and a firewall are required simply because they are "best practices," you need to read The New School of Information Security (TNSOIS). If you already recognize why I highlight these issues, you will not find much beyond an explanation of these central tenets in TNSOIS.
3 comments:
TNOIS is "pimped" as the best thing after sliced bread from the security industry. While Shostack and Co make an excellent job identifying current issues within the security "industry
, this only serves to highlight that the second part of the book is low in content and ideas.
Thanks Rich!
I am afraid that there is not much "new school" in the The New School of Information Security.
Your review inspired me to do one as well, but it is more a general observation of the whole industry and raising a query about innovation in general.
Post a Comment