Computing Reviews
Today's Issue Hot Topics Search Browse Recommended My Account Log In
Review Help
Search
Advanced persistent security
Winkler I., Gomes A., Syngress Publishing, Cambridge, MA, 2017. Type: Book (9780128093160)
Date Reviewed: Oct 12 2017

Winkler and Gomes define “advanced persistent security” as “defense in depth” (multilayered attack protection) that is enhanced by a comprehensive methodology for integrating attack detection capabilities and proactively implementing and executing an attack reaction capability. Many recent successful attacks demonstrate that while organizations have attack protection techniques in place, they appear unprepared once attackers manage to circumvent their defenses. Winkler and Gomes argue that to minimize the impact of a security breach, a comprehensive integration of protection techniques with detection and reaction capabilities is needed.

Reflecting its simple goal of pleading for such an integrative approach to security, the book surrounds sections on “Protection” (Section 2), “Detection” (Section 3), and “Reaction” (Section 4) with a section on “Concepts/Foundation” (Section 1) and “Implementation” (Section 5). Each section is further divided into several short chapters that mostly discuss fundamental security concepts without providing any technical details.

While the authors succeed in making a convincing case for a more integrative approach, where protection is not the last line of defense in our response to security threats, their book unfortunately does not go beyond this effort. As a result, it is unfortunately a book in search of an audience. What is discussed in this book is at the level of a first introductory course on computer security. Hence, I fear that security specialists who could benefit from its main idea may not want to read it because they will find its high-level approach trivializing, even though this is the opposite of what the authors intended. They may further dismiss it for its lack of technical content, or wonder whether this could not have been said more succinctly in a short article. On the other hand, I wish and hope that business, government, non-profit, and university leaders will read this book. However, they may not have the patience and willingness to read a book that appears on its surface to be targeted to a more technical audience. Nevertheless, for such readers and policymakers, I highly recommend it.

More reviews about this item: Amazon

Reviewer:  Burkhard Englert Review #: CR145585 (1712-0803)
Bookmark and Share
  Reviewer Selected
Featured Reviewer
 
 
Security and Protection (K.6.5 )
 
Would you recommend this review?
yes
no
Other reviews under "Security and Protection": Date
CIRCAL and the representation of communication, concurrency, and time
Milne G. ACM Transactions on Programming Languages and Systems 7(2): 270-298, 1985. Type: Article
Oct 1 1985
Computer security risk management
Palmer I., Potter G., Van Nostrand Reinhold Co., New York, NY, 1989. Type: Book (9780442302900)
Apr 1 1991
Computers at risk
, National Academy Press, Washington, DC, 1991. Type: Book (9780309043885)
Oct 1 1991
more...

E-Mail This Printer-Friendly
Send Your Comments
Contact Us
Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®
Terms of Use
| Privacy Policy