REVIEW - Secrets&Lies (revised)


Secrets&Lies (revised)


Bruce Schneier




Wiley ()




Mark Easterbrook


December 2004



takes a realistic look at threat and risk analysis

We all live in an increasingly digital and networked world. We also live in a world that seems increasingly hostile, at both the personal level and the global level. Yet, so few of us really take security really seriously: maybe we all lock our doors and windows and install firewalls and virus scanners, but this is just basic stuff - when did you last perform a security audit on your house or your Internet connection?

This book examines the security of the digital networked world and the domains that interface and interact with it, including us, in a pragmatic, myth-busting, sometimes humorous, and often worry-inducing way. It is divided into three parts:

Part 1 - The Landscape - sets the scene, who are they, what do they want, why they want it, how might they get it, and why are they targeting you. If the answer is "I don't know", as it is often the case, you just have to guess and hope you are somewhere close.

Part 2 - Technologies - is the largest section and comprehensively covers the technology used in attack, defence, detection and alerting. The common theme here is that security is like a chain, and is only as strong as its weakest link.

Part 3 - Strategies - looks at the practical side of securing your part of the world. This takes a realistic look at threat and risk analysis and how sufficient defence strategy can be created. Not surprisingly, technology is only part of the problem, and only part of the answer - security is a human issue as much as it is a technical one.

When you have read this book, and I strongly urge that you do, there will be one of two outcomes: You will take security much more seriously, or you will sleep much less easily at night. Recommended.

Book cover image courtesy of Open Library.

Your Privacy

By clicking "Accept Non-Essential Cookies" you agree ACCU can store non-essential cookies on your device and disclose information in accordance with our Privacy Policy and Cookie Policy.

Current Setting: Non-Essential Cookies REJECTED

By clicking "Include Third Party Content" you agree ACCU can forward your IP address to third-party sites (such as YouTube) to enhance the information presented on this site, and that third-party sites may store cookies on your device.

Current Setting: Third Party Content EXCLUDED

Settings can be changed at any time from the Cookie Policy page.