Selected security book excerpts

Cyber Monday shopping? Here is a sampler of in-depth coverage by experts in application security, investigations, business continuity and more.

November 29, 2010, CSO

If you're looking to give (or receive) the gift of knowledge this year, you can get a preview of the following security books. Each listing includes a link to an excerpt on CSOonline.com as well as the book itself on Amazon.com.

Security Testing of Custom Software Applications
Tools and techniques for testing applications.
Excerpted from Secure and Resilient Software Development
by Mark Merkow and Lakshmikanth Raghavan
CRC Press, July 2010

Investigative Tactics and Strategies
Retail industry field techniques and tests for detecting internal retail theft, including double buys, combination buys, and refund buys
Excerpted from Private Security and the Investigative Process
by Charles Nemeth
CRC Press, March 2010

Physical Security Risk and Countermeasures: Effectiveness Metrics
Is your security program working? Here's how to establish metrics for systematic measurement and improvement of countermeasures.
Excerpted from Risk Analysis and Security Countermeasure Selection
by Thomas Norman
CRC Press, February 2010

PCI and the Art of the Compensating Control
Compensating controls are a standard part of any security posture. But what makes an effective control?
Excerpted from PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance
by Branden Williams and Anton Chuvakin
Syngress, December 2009

How to Perform a Disaster Recovery Business Impact Analysis
Includes a sample Business Impact Analysis form
Excerpted from Building an Enterprise-Wide Business Continuity Program
by Kelly Okolita
CRC Press, December 2009

Contact and Coordination with Local, Regional, and International Authorities
Employees overseas are under your protection but not under your direct watch. Scott Alan Ast provides advice and examples for protecting employees by making and maintaining important security contacts abroad.
Excerpted from Managing Security Overseas
by Scott Alan Ast
CRC Press, November 2009

Conducting a Protective Security Advance
Advance Teams protect employees visiting a potentially dangerous area. This book excerpt looks at some key considerations for getting the job done.
Excerpted from Conducting a Protective Security Advance
by David Johnson
Varro Press, November 2009 (available only from the publisher)

How Security Should Handle Pickets and Strikes
9 things a business should do - and 6 things you absolutely can't do - to help ensure a strike or picket remains peaceful.
Excerpted from The Security Manager's Guide to Disasters
by Anthony Manley
CRC Press, November 2009

What Should Your Security Strategies Be?
Identifying business needs, documenting policies and driving change - former IBM security director Timothy Giles says these are keys to success for security leadership.
Excerpted from How to Develop and Implement a Security Master Plan
by Tim Giles
Auerbach, February 2009

No Excuses: Managing Operational Risk
Headlines about high-profile white-collar criminals sometimes mask underlying weakness in business controls and risk management. This book excerpt looks behind the curtain.
Excerpted from No Excuses
by Dennis Dickstein and Robert Flast
Wiley, December 2008



Read more about application security in CSOonline's Application Security section.
