The new school of information security /
Adam Shostack and Andrew Stewart.
- xiv, 238 p. ; 24 cm.
Observing the World and Asking Why -- Spam, and Other Problems with Email -- Hostile Code -- Security Breaches -- Identity and the Theft of Identity -- Should We Just Start Over? -- The Need for a New School -- The Security Industry -- Where the Security Industry Comes From -- Orientations and Framing -- What Does the Security Industry Sell? -- How Security Is Sold -- On Evidence -- The Trouble with Surveys -- The Trade Press -- Vulnerabilities -- Instrumentation on the Internet -- Organizations and Companies with Data -- The Rise of the Security Breach -- How Do Companies Lose Data? -- Disclose Breaches -- Possible Criticisms of Breach Data -- Moving from Art to Science -- Get Involved -- Amateurs Study Cryptography: Professionals Study Economics -- The Economics of Information Security -- Psychology -- Sociology -- Spending -- Reasons to Spend on Security Today -- Non-Reasons to Spend on Security -- Emerging Reasons to Spend -- How Much Should a Business Spend on Security? -- The Psychology of Spending -- On What to Spend -- Life in the New School -- People Are People -- Breach Data Is Not Actuarial Data -- Powerful Externalities -- The Human Computer Interface and Risk Compensation -- The Use and Abuse of Language -- Skills Shortages, Organizational Structure, and Collaboration -- A Call to Action -- Join the New School -- Embrace the New School -- Make Money from the New School -- Final Words -- Endnotes
Information technology--Security measures Business--Data processing--Security measures Computer security equipment industry Bilgi teknolojisi--Güvenlik önlemleri İşletme--Veri işleme--Güvenlik önlemleri Bilgisayar güvenliği Computer security