When it comes to desert island information security books, Security Engineering: A Guide to Building Dependable Distributed Systems by Dr. Ross Anderson is it. At nearly 1,200 pages, it’s miles wide and deep and will keep the reader busy for a while. I think it is the best information security book ever written. And in its conclusion, one will know pretty much everything they need to know about information security.
Anderson has made the second edition of the book available free here, with the third edition available in the coming months—all in advance of the fourth edition.
As impressive as Security Engineering is, it is not a book for everyone. Not everyone needs something as dense as that and instead wants something more high-level. For such a reader, Confident Cyber Security: The Essential Insights and How to Protect from Threats (Kogan Page) by Dr. Jessica Barker is a helpful read. While Security Engineering tells you everything, Confident Cyber Security gives you enough information to start the cybersecurity journey.
For many people new to information security, the topic is a bewildering minefield of new concepts, acronyms, and more. Here, Barker provides an understandable overview of the core topics without leaving the reader more confused about where they started.
While many security books focus on theory, this book includes multiple case studies in every chapter to provide real-world scenarios of the topics discussed.
This book is one of a series from the Kogan Page Confident series that provides the fundamentals of the topics. Other titles include Confident Cloud, Data Science, and more.
The book details all of the core technical security areas, from firewalls to more. It also includes a lot about the human side of the field and why people are so important in cybersecurity. The three domains of cybersecurity are people, processes, and technology. However, too many firms invest heavily in software and hardware but forget about the people who are expected to implement those technologies.
The book concludes with two chapters on cybersecurity as a career option. For those looking to get into the information security field in 2024, I detailed some of the options here. Barker also lists the many different types of career options available for those interested in what area to consider.
For those looking for a good introduction to computer security or considering it as a career option, Confident Cyber Security is an enjoyable and insightful book. It provides a good introduction to the topic and is worth a read.