Most introductory books about information security are about the size of this book, but are often written at a far too basic level.  In Introduction to Information Security: A Strategic-Based Approach, authors Timothy Shimeall and Jonathan Spring of CERT are able to provide an exploratory text about the topic without getting bogged down in the more elementary items. 


The book provides a good balance between the broad aspects of information security, privacy and risk management; without overwhelming the novice with far too much minutiae.

As the title implies, it provides a strategy-based and holistic approach to the topics, and shows how the various sub-disciplines within information security overlap and interact.

In 16 chapters, the book gives the reader almost everything they need to know about the current state and relevant topics involved in information security.

For those looking for an introduction to the topic, that nonetheless provides a comprehensive overview of the relevant areas, Introduction to Information Security: A Strategic-Based Approach is an excellent reference.