ISACA Journal
Volume 6, 2,015 

Book Reviews 

Cybersecurity: Managing Systems, Conducting Testing, and Investigating Intrusions 

Thomas J. Mowbray | Reviewed by Andrew Richardson, CISA, CISM, CRISC, MBCS, MCMI 

Cybersecurity: Managing Systems, Conducting Testing, and Investigating Intrusions is aimed at cybersecurity students and graduates, cybersecurity practitioners, enterprise architects, and information security professionals. Although it has a section covering security concepts, it is a practical guide for protecting networks, systems and data against cybersecurity threats.

The book is divided into three sections, comprising a total of 14 chapters. The three sections cover cybernetwork security concepts, hands-on cybernetwork security and cybernetwork application domains.

The first two chapters focus on anti-patterns, which are ineffective and potentially counterproductive common responses to recurring problems. The term, coined in 1995 by Andrew Koenig, was inspired by the book Design Patterns, in which the authors highlighted a number of design patterns in software development that they considered to be highly reliable and effective.

By looking at cybersecurity anti-patterns, the book introduces the reader to a different way of thinking about cybersecurity. The book goes on to look at examples of anti-patterns, such as document-driven certification and accreditation, the use of information assurance standards with no proven benefits, and policy-driven security certifications that do not address threats. The book then focuses on the most common mistakes made in cybersecurity, describing how and why anti-patterns are created and how anti-patterns can be beneficial to the reader.

Cybersecurity has a different way of looking at the problems of cybersecurity, as most publications focus on best practices and what should be done. This publication looks at the anti-patterns that occur (e.g., no time for security) and describes the background, solutions, causes, symptoms and consequences, known exceptions, and the possible solutions to these problems. The end of part one of the book looks at enterprise security and using the Zachman Framework as a baseline reference model. Again, the focus is on anti-patterns and how they can be used.

Part two of the book deals with hands-on cybernetwork security in the form of network administration, the customization of backtrack and security tools, protocol analysis and network programming, vulnerability assessment and cybertesting, penetration testing, and the use of log analysis for cybernetwork defense. This covers elements such as managing administrator and root accounts, installing hardware, setting up networks, and reviewing a variety of other network administration tasks across Windows, Linux and VMWare. Part two of this book is a practical resource that provides the reader with detailed instructions that can be followed.

Part three covers the essentials for end-user cybersecurity awareness and education. It covers cybersecurity for end users, small businesses, large enterprises and health care organizations. The book concludes with a final chapter covering cyberwarfare.

The book is practical in its approach and does not just talk about theory. It provides practical examples of how to stay safe with email and tips on how small businesses that may not have cybersecurity experts on which to rely can put an enterprisewide cybersecurity plan into place.

Cybersecurity: Managing Systems, Conducting Testing, and Investigating Intrusions provides the reader with a well-rounded publication on cybersecurity that can be used to establish practical controls over all aspects of cybersecurity. This book would be a useful additional to any security professional’s bookshelf.

Editor’s Note

Cybersecurity: Managing Systems, Conducting Testing, and Investigating Intrusions is available from the ISACA Bookstore. For information, visit www.isaca.org/bookstore, email bookstore@isaca.org or telephone +1.847.660.5650.

Reviewed by Andrew Richardson, CISA, CISM, CRISC, MBCS, MCMI, who is the group information security officer at AEGON UK. Richardson has more than 25 years of experience in IT, information security, audit and risk.

 

Add Comments

Recent Comments

Opinions expressed in the ISACA Journal represent the views of the authors and advertisers. They may differ from policies and official statements of ISACA and from opinions endorsed by authors’ employers or the editors of the Journal. The ISACA Journal does not attest to the originality of authors’ content.