Last night at the PK (PechaKucha) happy hour, my presentation was: Tales of plagiarism, copyists and some really good books from the Security Reading Room. I listed my choice for the best information security books of the past year.

With that, virtual drum roll please, the best book of the year is: 

Security Strategy: From Requirements to Reality, by Bill Stackpole and Eric Oksendahl.  My review of the book is here.

The runners-up, in alphabetical order, are:

Cryptography Engineering: Design Principles and Practical Applications, by Niels Ferguson, Bruce Schneier and Tadayoshi Kohno.  My review here. 

Fatal System Error: The Hunt for the New Crime Lords Who are Bringing Down the Internet, by Joseph Menn.  My review here. 

Managing an Information Security and Privacy Awareness and Training Program, by Rebecca Herold.

Securing the Smart Grid: Next Generation Power Grid Security, by Tony Flick and Justin Morehouse. My review here.