Cybersecurity: A Self-Teaching Introduction

Author:  C. P. Gupta and  K. K. Goyal
Publisher: Mercury Learning
Pages: 200
ISBN: 978-1683924982
Print: 1683924983
Kindle: B0861BKN4R
Audience: People who want to sound as if they understand
Rating: 1
Reviewer: Alex Armstrong
Cybersecurtity - find out what a firewall is!

Or not.

I started to read this book because I realized my knowledge of security issues was a bit out of date. I can honestly say that I learned nothing practical by reading this book. It is essentially a manager's style summary of everything do with cybersecurity you can think of and it is full of lists of things and terms, but it never gets to tell you anything about how things work or what to do.

The back-jacket blurb mentions firewalls and VPNs - there is virtually no mention of either inside and if you do read what little there is you will still have no idea what a firewall or a VPN is, let alone how one works or how to use one.The discussion is vague and keeps the reader at a distance. For example, the discussion of different types of firewall give you no idea what is actually happening or what you are being protected against.

There isn't a single piece of information included that would help you detect or deal with a security problem. There isn't a single piece of practical advice or actionable recommendation. If there is I missed it among the lists.

Chapter 1 presents a philosophical discussion of what is a computer system and even the table showing how information systems developed is dubious - it claims that the www was extended by the Internet! I have no idea what this means.

The book carries on like this looking at different areas where security might be important. So in Chapter 2: Application security there are lists of types of application and it reminds you to make backups. This is the chapter in which firewalls and VPNs are introduced and I'm not sure in what sense they apply to "application security". There then follows a list of types of attack - DOS, viruses, logic bombs, trapdoors, etc - but this amounts to just a definition to make you aware of the terminology.

Chapter 3 is about developing secure information systems and it's a vague managment-level account of how you might do things. For example, you should engage in threat modelling - no help on how to do this is given. Another example is what you do in the "design review":

The chief design consideration to implement security are the following:

  • validating inputs
  • exception handling
  • applying cryptography
  • using random numbers


"Using random numbers" well yes I guess so, but "applying cryptography" - if only it was that easy. You might as well add "try harder not to get hacked".

Chapter 4 is a brief survey of standards and legal requirements. It ends with a look at open source license types, and I don't see what this has to do with the topic.

The final chapter is another vague examination of a huge topic - data analytics, cloud computing, IoT, smart grid, Scada and wireless sensor networks.


This could be the sort of book a manager might read to find out about cybersecurity. If this is the case I really fear for any teams they manage and I really don't think they would have any idea how to lock down a system after reading it. More to the point I don't think they would know how to tell someone else to make the system secure or check that it was. At best this is a book that might impart some of the jargon and terms used in cybersecurity so that you had a chance of sounding knowledgeable. Being more charitable, it might enable you to understand what a cybersecurity expert was proposing - but I really doubt it.

If you are a programmer, don't bother reading this book. If you see your manager reading it, be prepared for trouble. 


To keep up with our coverage of books for programmers, follow @bookwatchiprog on Twitter or subscribe to I Programmer's Books RSS feed for each day's new addition to Book Watch and for new reviews.


Understanding Software Dynamics (Addison-Wesley)

Author: Richard L. Sites
Publisher: Addison-Wesley
Pages: 464
ISBN: 978-0137589739
Print: 0137589735
Kindle: B09H5JB5HC
Audience: Every developers
Rating: 5
Reviewer: Kay Ewbank

This book looks at the different reasons why software runs too slowly, and what developers can do about it, starting by looki [ ... ]

Database Design for Mere Mortals: 25th Anniversary Edition

Author: Michael J Hernandez
Publisher: Addison-Wesley
Pages: 680
ISBN: 978-0136788041
Print: 0136788041
Kindle: B08JLXKJ6S
Audience: Database developers
Rating: 5
Reviewer: Kay Ewbank

As the title of this book suggests, this is a title that has stood the test of time, and this updated 4th Edition has bee [ ... ]

More Reviews

Last Updated ( Tuesday, 25 August 2020 )