Date Reviewed: Mar 21 2006
"Security is a journey rather than a destination”. If you want to know how to
protect your computer system, this is not the book for you. If you want to know why you
should protect your computer system or convince someone else of the need, this book may
very well be appropriate. The approach taken by Furnell is to describe a variety of potential
system vulnerabilities and then present case studies and surveys to show that these
vulnerabilities are real and should be of concern to systems managers and their
organizations.
The first two chapters provide an overview of computer security problems, including a
perceived lack of sufficient awareness about them. In the three chapters that follow, major
security problems and potential attacks are surveyed. The last two chapters discuss
potential approaches to providing information assurance and computer security, as well as
the limitations of these approaches. The situations discussed include, but are not limited to,
some of the more notorious security incidents.  The ISO/IEC 17799:2000 Code of Practice for
Information Security Management is summarized, and several other security standards and
guidelines are mentioned.
Reviewer: C. M. Eastman Review #: CR132583

 ‘In today’s connected world no-one can afford to ignore computer security, this book tells you why, and what you should do about it, in simple non-technical language.’

Dr Jeremy Ward, Director of Service Development, Symantec (UK) Ltd

‘Computer Insecurity contains loads of practical advice supported by an abundance of real world examples and research. If you don’t understand what all the fuss concerning computer security is about then this book was written for you.’Jeff Crume, CISSP

Executive IT Security Architect, IBM and author of ‘Inside Internet Security – What hackers don’t want you to know’

‘I have long been looking for a book that would give answers to why rather than how we cater for Information and Communication Systems Security ... I recommend it wholeheartedly to anyone that wishes to extend their knowledge’

Professor Sokratis K. Katsikas, University of the Aegean, Greece

The problem of IT insecurity The need to raise awareness Common failings that compromise security The widespread nature of vulnerability Attack and exploitation of IT systems Responses from the security industry Final thoughts

Dr. Steven Furnell is a reader in information systems security at the University of Plymouth, and has already published one book: "Cybercrime: Vandalising The Information Society", Paperback: 336 pages ; Publisher: Addison-Wesley Pub Co; 1st edition (December 21, 2001), ISBN: 0201721597.

Aside from the assigned reviewers and a number of Dr Furnell’s academic colleagues, the manuscript has also been read by Dr Jeremy Ward, Service Development Director of for Symantec UK, who provided summary feedback describing it as "really excellent".

Security is one of the most significant issues facing the owners and users of computer systems in the Internet age, and recent years have convincingly illustrated that the problem is increasing in both scale and cost.

Computer Insecurity: Risking the System approaches its topic from the perspective of vulnerability – how can your system be attacked? Covering technical issues and human factors, the comprehensively researched text makes reference to numerous real-life security incidents, which help to provide persuasive practical evidence of the problems and the impacts that result.

Key issues covered include:

• the problem of computer insecurity

• the need to raise security awareness

• common failings that compromise protection

• the attack and exploitation of systems

• considerations in responding to the threats

Presented in clear and lucid terms, the discussion is invaluable reading for all business and computing professionals who wish for an overview of the issues rather than a shopping list of the security measures available.

 ‘In today’s connected world no-one can afford to ignore computer security, this book tells you why, and what you should do about it, in simple non-technical language.’

Dr Jeremy Ward, Director of Service Development, Symantec (UK) Ltd

‘Computer Insecurity contains loads of practical advice supported by an abundance of real world examples and research. If you don’t understand what all the fuss concerning computer security is about then this book was written for you.’Jeff Crume, CISSP

Executive IT Security Architect, IBM and author of ‘Inside Internet Security – What hackers don’t want you to know’

‘I have long been looking for a book that would give answers to why rather than how we cater for Information and Communication Systems Security ... I recommend it wholeheartedly to anyone that wishes to extend their knowledge’

Professor Sokratis K. Katsikas, University of the Aegean, Greece