The security professional author provides in about 235 pages a clear and concise textbook-style introduction to the field of information security management. The book clearly indicates that it is not designed for professional certification exam study. However, students and other professionals will find basic information, in one location, in an easily read format.

The chapter titles indicate the topics that are addressed: “Evolution of a Profession,” “Threats and Vulnerabilities,” “The Information Security Manager,” “Organizational Security,” “Information Security Implementation,” “Standards, Frameworks, Guidelines, and Legislation,” “Protection of Information,” “Protection of People,” “Protection of Premises,” “Protection of Systems,” “Digital Evidence and Incident Responses,” “Cloud Computing Security,” “Industrial Control Systems,” and “Secure Systems Development.” Chapters average about 15 pages in length, with internal sections and real-world examples to illustrate the points. For example, about half a page each is devoted to Edward Snowden and Kevin Mitnick.

“Warning” and “Tip” boxes keep the reader focused on important points. Figures and lists are equally helpful. UK, EU, US, and Australian legislation and standards are briefly discussed. While containing few references for additional study, there is a good comprehensive index and an eBook is available. An introductory chapter provides a quick look at the practical aspects of the information security field and chapter contents.

This work provides an excellent starting point for anyone wanting a rapid comprehensive overview of information security management.

More reviews about this item: Amazon