The full title of this book is Beyond Fear: Thinking Sensibly About Security in an Uncertain World, and the book delivers on the promise of that title. I started it a couple of months ago, and enjoyed taking my time reading just a few chapters at each sitting.
Bruce Schneier is a well-known cryptographer -- he was a major participant in the AES cipher contest a few years back -- but this is a nontechnical book. He does an excellent job of demonstrating that security is all about tradeoffs: cost vs. benefit in terms of money, attention, convenience, freedom, etc. There's no perfect security, and all security decisions need to be re-evaluated from time to time. Based on what? Bruce outlines a five-step process to evaluate security decisions:
- What are you trying to protect? ... "So much of the bad security surrounding us is a result of not understanding exactly what is being protected and of implementing countermeasures that move the risk around but don't actually mitigate it."
- What are the risks against those assets?
- How well does the security solution mitigate the risks? ... "A countermeasure can fail both passively, by allowing an attack, and actively, by blocking legitimate access to the assets being defended."
- What other risks does the security solution cause?
- What trade-offs does the security solution require? ... "All countermeasures have a cost: not necessarily financial, but in terms of convenience, usability, freedoms, and so on. These trade-offs may have nothing to do with security, but often they are more important than security."
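To make the five steps concrete, here is a small worked model, an added example that is not from the book and not Schneier's own method. It turns each step into a number (asset value, risk likelihood and impact, the countermeasure's passive and active failure rates, the new risks it introduces, and its non-financial trade-off cost, all expressed in the same units) and compares two constructed countermeasures: one that actually mitigates the risk and one that mostly moves it around. The countermeasure names, probabilities and values are all made up for illustration.

```python
from __future__ import annotations
from dataclasses import dataclass, field
from typing import List


@dataclass
class Asset:
    """Step 1: what is being protected, and what it is worth if lost."""
    name: str
    value: float  # constructed estimate of the loss if fully compromised


@dataclass
class Risk:
    """Step 2: a threat against the asset, as likelihood and impact."""
    description: str
    annual_probability: float    # chance the attack succeeds in a year
    fraction_of_asset_lost: float  # how much of the asset's value is lost


@dataclass
class Countermeasure:
    """Steps 3, 4 and 5 for one candidate security solution."""
    name: str
    annual_cost: float              # money, staff time, etc.
    passive_failure_rate: float     # step 3: share of attacks it still lets through
    active_failure_rate: float      # step 3: share of legitimate access it wrongly blocks
    legitimate_access_value: float  # annual value of the access that active failures block
    new_risks: List[Risk] = field(default_factory=list)  # step 4
    tradeoff_cost: float = 0.0      # step 5: convenience, freedom, usability, in money terms


def expected_annual_loss(asset: Asset, risks: List[Risk]) -> float:
    """Expected yearly loss from a list of risks against one asset."""
    return sum(asset.value * r.annual_probability * r.fraction_of_asset_lost
               for r in risks)


def evaluate(asset: Asset, risks: List[Risk], cm: Countermeasure) -> dict:
    """Walk the five steps and return the net benefit of the countermeasure."""
    baseline = expected_annual_loss(asset, risks)              # steps 1 and 2
    residual = baseline * cm.passive_failure_rate              # step 3, passive failure
    active = cm.legitimate_access_value * cm.active_failure_rate  # step 3, active failure
    introduced = expected_annual_loss(asset, cm.new_risks)     # step 4
    total_cost = cm.annual_cost + active + introduced + cm.tradeoff_cost  # step 5
    return {
        "baseline_loss": baseline,
        "residual_loss": residual,
        "active_failure_cost": active,
        "introduced_loss": introduced,
        "total_cost": total_cost,
        "net_benefit": baseline - residual - total_cost,  # > 0 means worth doing
    }


def example_assessment() -> dict:
    """Constructed scenario: a customer database threatened by stolen credentials."""
    db = Asset("customer database", value=1_000_000.0)
    risks = [Risk("credentials stolen by phishing", 0.20, 0.50)]

    # Constructed countermeasure that genuinely blocks the attack but has costs.
    tokens = Countermeasure(
        name="hardware login tokens",
        annual_cost=20_000.0, passive_failure_rate=0.05, active_failure_rate=0.01,
        legitimate_access_value=200_000.0,
        new_risks=[Risk("help-desk token resets abused", 0.02, 0.50)],
        tradeoff_cost=5_000.0)

    # Constructed countermeasure that barely touches the attack and adds a new risk.
    rotation = Countermeasure(
        name="forced quarterly password changes",
        annual_cost=2_000.0, passive_failure_rate=0.90, active_failure_rate=0.05,
        legitimate_access_value=200_000.0,
        new_risks=[Risk("predictable or written-down passwords", 0.10, 0.50)],
        tradeoff_cost=5_000.0)

    return {cm.name: evaluate(db, risks, cm) for cm in (tokens, rotation)}


if __name__ == "__main__":
    for name, result in example_assessment().items():
        print(f"{name}: net benefit {result['net_benefit']:,.0f}")
```

The numbers are only placeholders, but the shape of the answer is the point: the first countermeasure has a positive net benefit despite its cost and its active failures, while the second comes out negative because it lets most attacks through and creates a new risk that is larger than the one it was meant to reduce.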
He talks about security systems (assets, people, technology, procedures, auditing), attackers, the weakest-link problem, detection, response, identification, authentication, and authorization.
And in each chapter, he uses small case studies to investigate concretely what he's been discussing: ATMs, credit card fraud, voting electronically vs. on paper, terrorist attacks, ID cards, etc.
A book about "security" may not seem like it could be a page-turner, but this one is. I recommend it to everyone because of its value in helping us make sense of the threats and risks in the world, at work, home, and in government, without being hysterical or submitting witlessly to bad security agendas.