Book Review—Computer and Information Security Handbook 


Computer and Information Security Handbook is a very informative handbook for information security professionals, IT auditors, technical specialists, consultants, and students pursuing courses in information technology and computer-security-related fields. It provides a comprehensive presentation of the currently most relevant topics of information security, ranging from computer security theory, related technology and practice to security threats/risks and regulatory and privacy considerations. It is very valuable for a reader who is looking for a reference book that is a source of factual knowledge and of concise answers to questions that arise when working or doing research in the computer security field. It is also a great source for IT auditors who want to improve their technical knowledge, or for practitioners and consultants who are studying for information-security-related certifications. This handbook is a great addition to the information security professional’s technical reference library.

The book features eight parts, 43 chapters with appendices, a glossary of terms common in computer security and an index. All chapters are written by specialists in the field covered by the chapter. To provide a brief view of the scope covered by the book, the eight parts are listed here:

  • Overview of System and Network Security: A Comprehensive Introduction
  • Managing Information Security
  • Encryption Technology
  • Privacy and Access Management
  • Storage Security
  • Physical Security
  • Advanced Security
  • Appendices

The content is computer security in general and is not limited to a specific industry, system or application. Many examples, charts, tables and figures provide rich support for the presented technical facts and theory. They also provide interesting background information and set the importance of computer security in the right context. Because chapters are independently authored (more than 60 authors), each chapter has its own character in presenting the content and addressing security considerations. Despite that, the overall appearance of the book is homogeneous, as would be expected from a handbook. The structure of the book, sequence of chapters and content presentation are logical and allow, in conjunction with the detailed table of contents and index at the end of the book, easy navigation through the comprehensive content of about 800 pages.

The strength of the handbook is its broad scope and detailed delivery of knowledge. It is recommended as a reference book for a wide spectrum of readers, from the computer science student up to the information security professional.

Editor’s Note

Computer and Information Security Handbook is available from the ISACA Bookstore. For information, see the ISACA Bookstore Supplement in this Journal, visit, e-mail or telephone +1.847.660.5650.

Reviewed by Horst Karin, Ph.D., CISA, CISSP, ITIL, president of DELTA Information Security Consulting Inc. (Toronto, Ontario, Canada), which has provided consulting services in information security, SAP, public key infrastructure (PKI), WebTrust, and regulatory and sustainable compliance since 1998. He authored an article about SAP portal security and has been interviewed about PKI and smart card security by IT World Canada magazine. His most recent work is a standard textbook for security and risk management in SAP systems, which he co-authored with Mario Linkies.


The ISACA Journal is published by ISACA. Membership in the association, a voluntary organization serving IT governance professionals, entitles one to receive an annual subscription to the ISACA Journal.

Opinions expressed in the ISACA Journal represent the views of the authors and advertisers. They may differ from policies and official statements of ISACA and/or the IT Governance Institute® and their committees, and from opinions endorsed by authors’ employers, or the editors of this Journal. ISACA Journal does not attest to the originality of authors’ content.

© 2010 ISACA. All rights reserved.

Instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. For other copying, reprint or republication, permission must be obtained in writing from the association. Where necessary, permission is granted by the copyright owners for those registered with the Copyright Clearance Center (CCC), 27 Congress St., Salem, MA 01970, to photocopy articles owned by ISACA, for a flat fee of US $2.50 per article plus 25¢ per page. Send payment to the CCC stating the ISSN (1526-7407), date, volume, and first and last page number of each article. Copying for other than personal use or internal reference, or of articles or columns not owned by the association without express permission of the association or the copyright owner is expressly prohibited.