Cybersecurity: A Self-Teaching Introduction

Author:  C. P. Gupta and  K. K. Goyal
Publisher: Mercury Learning
Pages: 200
ISBN: 978-1683924982
Print: 1683924983
Kindle: B0861BKN4R
Audience: People who want to sound as if they understand
Rating: 1
Reviewer: Alex Armstrong
Cybersecurtity - find out what a firewall is!

Or not.

I started to read this book because I realized my knowledge of security issues was a bit out of date. I can honestly say that I learned nothing practical by reading this book. It is essentially a manager's style summary of everything do with cybersecurity you can think of and it is full of lists of things and terms, but it never gets to tell you anything about how things work or what to do.

The back-jacket blurb mentions firewalls and VPNs - there is virtually no mention of either inside and if you do read what little there is you will still have no idea what a firewall or a VPN is, let alone how one works or how to use one.The discussion is vague and keeps the reader at a distance. For example, the discussion of different types of firewall give you no idea what is actually happening or what you are being protected against.

There isn't a single piece of information included that would help you detect or deal with a security problem. There isn't a single piece of practical advice or actionable recommendation. If there is I missed it among the lists.

Chapter 1 presents a philosophical discussion of what is a computer system and even the table showing how information systems developed is dubious - it claims that the www was extended by the Internet! I have no idea what this means.

The book carries on like this looking at different areas where security might be important. So in Chapter 2: Application security there are lists of types of application and it reminds you to make backups. This is the chapter in which firewalls and VPNs are introduced and I'm not sure in what sense they apply to "application security". There then follows a list of types of attack - DOS, viruses, logic bombs, trapdoors, etc - but this amounts to just a definition to make you aware of the terminology.

Chapter 3 is about developing secure information systems and it's a vague managment-level account of how you might do things. For example, you should engage in threat modelling - no help on how to do this is given. Another example is what you do in the "design review":

The chief design consideration to implement security are the following:

  • validating inputs
  • exception handling
  • applying cryptography
  • using random numbers

 

"Using random numbers" well yes I guess so, but "applying cryptography" - if only it was that easy. You might as well add "try harder not to get hacked".

Chapter 4 is a brief survey of standards and legal requirements. It ends with a look at open source license types, and I don't see what this has to do with the topic.

The final chapter is another vague examination of a huge topic - data analytics, cloud computing, IoT, smart grid, Scada and wireless sensor networks.

Conclusion

This could be the sort of book a manager might read to find out about cybersecurity. If this is the case I really fear for any teams they manage and I really don't think they would have any idea how to lock down a system after reading it. More to the point I don't think they would know how to tell someone else to make the system secure or check that it was. At best this is a book that might impart some of the jargon and terms used in cybersecurity so that you had a chance of sounding knowledgeable. Being more charitable, it might enable you to understand what a cybersecurity expert was proposing - but I really doubt it.

If you are a programmer, don't bother reading this book. If you see your manager reading it, be prepared for trouble. 

 

To keep up with our coverage of books for programmers, follow @bookwatchiprog on Twitter or subscribe to I Programmer's Books RSS feed for each day's new addition to Book Watch and for new reviews.

Banner


Advanced Deep Learning with TensorFlow 2 and Keras, 2nd Ed

Author: Rowel Atienza
Publisher: Packt Publishing
Date: February 2020
Pages: 512
ISBN: 978-1838821654
Print: 1838821651
Kindle: B0851D5YQQ
Audience: Developers wanting to master neural networks
Rating: 5
Reviewer: Mike James

There's a shortage of books on AI with "advanced" in the title and this one ha [ ... ]



Deep Learning Illustrated

Authors: Jon Krohn, Grant Beyleveld and Aglaé Bassens
Publisher: Addison-Wesley
Date: September 2019
Pages: 416
ISBN: 978-0135116692
Print: 0135116694
Kindle: B07W585JGG
Audience: Python developers interested in deep learning techniques
Rating: 3.5
Reviewer: Mike James
A picture is worth a thousand word [ ... ]


More Reviews

Last Updated ( Tuesday, 25 August 2020 )