This book has been written in response to the data breaches organisations and businesses are experiencing. I feel they have been caught between a rock and a hard place, namely the need to comply with increasing regulations whilst having little to guide them in understanding what that truly means to their computer systems and their security.
I thought it would be useful to write a book that focuses on what software engineers, architects and technical managers can do to be provably secure by design with attention to securing personal information and all that implies. So the book blends together security techniques, architecture techniques and 'tricks' I've picked up over the years to get the security aspects of computer systems just right. It also covers off what needs doing to comply with the various privacy regulations in force and avoid having to keep revisiting the matter once done.
In writing the book I also discovered what I suspect is one of the major drivers in why we are suffering so many data breaches, namely the valuing of data purely from the perspective of the business and not the value to the attacker – so in the book I describe a process to assess business data from the perspective of the hacker and thereby put in place the appropriate security controls before it is too late.
The book has also been written assuming little prior cyber-security experience of the reader; all terms get explained and plenty of references are provided throughout.
I hope you enjoy this book and find it useful; writing it was a fascinating journey through a variety of subject areas, discovering inter-dependencies and points of view on computer security rarely explored.