Slashdot: Intrusion Detection [Book Review] Jan 27, 2000, 18 :45 UTC (0 Talkback[s]) (4244 reads) (Other stories by Disgruntled Goat)
"Security books, quite frankly, are pretty much a dime a dozen, most of which are written by people in IT
field security. What immediately separates this book from the rest is the background of the author. Ms.
Bace is an ex-government employee, spending 12 years in everyone's favorite spook organization, the
National Security Agency. She led the Computer Misuse and Anonmaly Detection (CMAD) Research
Program for six years at the NSA. She also collaborated on Computer Crime : A Crimefighter's Handbook
by Dr. David Icove of the FBI. She also won the Distinguished Leadership Award in 1995 from the NSA."
"This book is sort of dry reading. It's akin to reading college CS textbooks for pleasure. Or law books. What
I didn't like is the fact that she wasn't real clear on the distinction of "hackers", nor how she describes
them. She worries that "hackers" wish to "corrupt the trust process". And the focus for the book is not
primarily for techies. It's designed for CIO smacking...."
"What made this good for me was the fact that I could have points to show to management for InfoSec
issues. I work in a hospital and we tend to attract a large amount of famous people as patients. If
something damaging was leaked to the media about a famous person's medical condition that was
potentially embarassing, we're looking at a good multi-million dollar lawsuit. This book isn't a by-the-book
"How to protect your systems", but more of a book on what to safeguard, and how to detect patterns
that may indicate patterns of unauthorized usage."
