Summer Reading for Security Pros: Schneier or Sagan?
Sometimes, the security practitioner has to put down the latest tome on Trojans and terabytes and restore their sanity with something spiritual or even smutty. Here's what some of your colleagues are reading and why.
By Bill Brenner, Senior Editor
For good measure, Lanier throws in two more that aren't really books, but "should be considered so," he says:
- "The Open Source Security Testing Methodology Manual" (Herzog; ISECOM): "The OSSTMM is a thorough, well-structured guide for assessing the security of a given organization, including the network, systems, people, processes, and more. I've relied on it in the past with great success, and it's been well-received by my clients that I've got something against which they can audit my testing procedure."
- "OWASP Testing Guide": "Short of the OSSTMM, I can't think of another open guide that's as meticulous about hitting so many points during a security assessment. The OWASP Testing Guide is the definitive source for how to perform security testing against a web application. Period."
Security pro: Mari Kirby Nichols, IT security administrator at Portfolio Recovery Associates
- The Bible
- "War and Peace"
- Homer's "Odyssey"
- "The Complete Worst-Case Scenario Survival Guide"
- "Lady Chatterley's Lover"
"Personally," Nichols says, "I would like the literature over the technical" if trapped on a desert island.
Security pro: Kevin Nixon, owner and senior principal at KMN LLC and security editor at Information-Security-Resources.com
- "Multi-Service Field Manual 21-76-1 Survival Evasion and Recovery" (106 pages), a step-by-step guide on how to survive in a hostile environment. "It's considered so important by the DOD that a copy of this book is always inside all branches of the military aviator vests," Nixon says. "With knowledge one can survive anything."
- "22 Radio and Receiver Projects for the Evil Genius" (264 pages) by Thomas Petruzzellis, a book that explains how to cannibalize various electronic devices and reassemble them into a shortwave radio. Says Nixon: "I wouldn't choose to be stranded, so I am making a logical and conditional cause for becoming stranded. Most likely some type of mechanical failure caused my stranding."
- "Herbal Remedies For Dummies" (348 pages) by Christopher Hobbs. Says Nixon: "I would probably want to know what herbs and plants could help with pain, wounds or coping with depression. If herbal remedies were effective for my grandma who lived to 101 years of age, then why argue with success?"
- "Crisis Communications" (408 pages) by Kathleen Fearn-Banks covers a multitude of case studies on how to communicate effectively in almost any situation, which Nixon says would serve as a resource for ideas that could be altered and used for rescue. "If I don't panic and have something to keep me thinking of solutions, rescue is feasible."
- "Disasters: Mental Health Interventions" (204 pages, Crisis Management Series) by John D. Weaver. This book contains examples the author experienced while doing disaster event mental health intervention. These examples help tie down the main concepts of the book as well as provide a clear picture of disaster services. "This is a great book for anyone who wants to volunteer or is in the middle of a disaster situation," Nixon says. "Coping with the stress and helping anyone else stranded with me to cope promotes a more successful survival."