Cybersecurity: A Self-Teaching Introduction

Author:  C. P. Gupta and  K. K. Goyal
Publisher: Mercury Learning
Pages: 200
ISBN: 978-1683924982
Print: 1683924983
Kindle: B0861BKN4R
Audience: People who want to sound as if they understand
Rating: 1
Reviewer: Alex Armstrong
Cybersecurtity - find out what a firewall is!

Or not.

I started to read this book because I realized my knowledge of security issues was a bit out of date. I can honestly say that I learned nothing practical by reading this book. It is essentially a manager's style summary of everything do with cybersecurity you can think of and it is full of lists of things and terms, but it never gets to tell you anything about how things work or what to do.

The back-jacket blurb mentions firewalls and VPNs - there is virtually no mention of either inside and if you do read what little there is you will still have no idea what a firewall or a VPN is, let alone how one works or how to use one.The discussion is vague and keeps the reader at a distance. For example, the discussion of different types of firewall give you no idea what is actually happening or what you are being protected against.

There isn't a single piece of information included that would help you detect or deal with a security problem. There isn't a single piece of practical advice or actionable recommendation. If there is I missed it among the lists.

Chapter 1 presents a philosophical discussion of what is a computer system and even the table showing how information systems developed is dubious - it claims that the www was extended by the Internet! I have no idea what this means.

The book carries on like this looking at different areas where security might be important. So in Chapter 2: Application security there are lists of types of application and it reminds you to make backups. This is the chapter in which firewalls and VPNs are introduced and I'm not sure in what sense they apply to "application security". There then follows a list of types of attack - DOS, viruses, logic bombs, trapdoors, etc - but this amounts to just a definition to make you aware of the terminology.

Chapter 3 is about developing secure information systems and it's a vague managment-level account of how you might do things. For example, you should engage in threat modelling - no help on how to do this is given. Another example is what you do in the "design review":

The chief design consideration to implement security are the following:

  • validating inputs
  • exception handling
  • applying cryptography
  • using random numbers

 

"Using random numbers" well yes I guess so, but "applying cryptography" - if only it was that easy. You might as well add "try harder not to get hacked".

Chapter 4 is a brief survey of standards and legal requirements. It ends with a look at open source license types, and I don't see what this has to do with the topic.

The final chapter is another vague examination of a huge topic - data analytics, cloud computing, IoT, smart grid, Scada and wireless sensor networks.

Conclusion

This could be the sort of book a manager might read to find out about cybersecurity. If this is the case I really fear for any teams they manage and I really don't think they would have any idea how to lock down a system after reading it. More to the point I don't think they would know how to tell someone else to make the system secure or check that it was. At best this is a book that might impart some of the jargon and terms used in cybersecurity so that you had a chance of sounding knowledgeable. Being more charitable, it might enable you to understand what a cybersecurity expert was proposing - but I really doubt it.

If you are a programmer, don't bother reading this book. If you see your manager reading it, be prepared for trouble. 

 

To keep up with our coverage of books for programmers, follow @bookwatchiprog on Twitter or subscribe to I Programmer's Books RSS feed for each day's new addition to Book Watch and for new reviews.

Banner


The Dream Team Nightmare

Author: Portia Tung
Publisher: Pragmatic Bookshelf, 2013
Pages: 304
ISBN: 978-1937785718
Print: 1937785718
Kindle: B00I9GR4UQ
Audience: Anyone who has worked on an agile project or is thinking about trying it
Rating: 4
Reviewer: Lucy Black

A novel approach to teaching lessons about using Agile techn [ ... ]



Beginning Flutter (Wrox)

Author: Marco L. Napoli
Publisher: Wrox
Pages: 528
ISBN: 9781119550853
Print: 1119550823
Kindle: B07YCVJW2D
Audience: Mobile developers
Rating: 4.5
Reviewer: Sanjay Kanade

Flutter is Google's SDK for writing mobile apps using the Dart language. It needs a good book - does this on [ ... ]


More Reviews

Last Updated ( Tuesday, 25 August 2020 )