Book Review
Knapp, K.J. (Ed.) (2009). Cyber Security and Global
Information Assurance: Threat Analysis and Response Solutions.
Hershey, NY: Information Science Reference. 434 + xxii pages,
ISBN: 978-1-60566-326-5, US$195
Reviewed by Gary C. Kessler
Gary Kessler Associates
Burlington, VT 05401
gck@garykessler.net
(first four paragraphs of review)
I freely admit that this book was sent
to me by the publisher for the expressed purpose of my writing a
review and that I know several of the chapter authors. With that
disclosure out of the way, let me say that the book is well
worth the review (and I get to keep my review copy).

The preface to the book cites the 2003 publication of The
National Strategy to Secure Cyberspace by the White House, and
the acknowledgement by the U.S. government that our economy and
national security were fully dependent upon computers, networks,
and the telecommunications infrastructure. This may have come as
news to the general population but it was a long overdue public
statement to those of us in the industry. The FBI's InfraGard
program and the formation of the National Infrastructure
Protection Center (NIPC) pre-dated this report by at least a
half-dozen years, so the report was hardly earth shattering. And
the fact that the bulk of the telecom infrastructure is owned by
the private sector is a less advertised fact. Nonetheless,
reminding the community of these facts is always a Good Thing
and provides the raison d'être of this book.

The book is divided into four sections (18 chapters) that offer
a nice flow in discussing the broad topic of information
assurance (IA). It's important to note up front that this is not
a general IA textbook but contains 18 very specific treatises.

Section I, titled "Risk and Threat Assessment," contains five
chapters that lay the groundwork for understanding the concerns
of the information security community to our information assets
and resources. The first chapter describes the very interesting
topic of the underground black market for the exchange of lists
of software vulnerabilities and tools with which to exploit
those vulnerabilities. The next chapter describes an automated
approach to identifying threats to enterprise networks using
attack graphs. The following chapter discusses prevention,
detection, and mitigation of insider threats, which is possibly
the largest information security danger that we face. This is
followed by a chapter about a mathematical model for assessing
the efficacy of an organization's infosec infrastructure. The
last chapter of this section discusses the impact of information
terrorism and the asymmetric nature of Information Warfare. This
section of the book, even alone, would grab a reader's attention
to the problems at hand.
(continued)