2008-07-20

HiR Reading Room: Beyond Fear

Beyond Fear: Thinking Sensibly About Security In An Uncertain World by Bruce Schneier is a post-9/11 look at security for normal people. It arms the reader with the knowledge and understanding to distinguish FUD (Fear, Uncertainty and Doubt) and "Security Theater" from things that really do improve security.

While Schneier overly simplifies or dilutes certain security concepts that have well-established definitions in the industry, I feel that the book itself was a worthwhile read for anyone because the concepts are presented in a clear, easy-to-understand manner.

The book itself starts off by describing what security entails, and what elements are at play. From there, it starts giving examples of various scenarios and explains why certain countermeasures would work or fail. Security, versus Security Theater.

For those of us who are already working in or have an understanding of security and how it works, this book will be a little bit repetitious in some spots. Conversely, it's entertaining enough to read through from beginning to end. If you often find yourself critical of the effectiveness of so-called "security" protocols, this might be the book for you. If you already have a firm grasp of the security mindset but want to be able to explain security in simple terms that anyone can understand, this book is packed with anecdotes and verbiage that simply make sense.

Overall, I enjoyed Beyond Fear quite a bit. I wouldn't dare cite it as a serious reference in a research paper on security, but I'd most certainly recommend it to technical and non-technical people alike who seem to have succumbed to FUD from a lack of understanding.
