Book Review: The CISO’s Next Frontier: AI, Post-Quantum Cryptography and Advanced Security Paradigms
The CISO’s Next Frontier: AI, Post-Quantum Cryptography; By Raj Badhwar. Springer; www.springerpub.com; 430 pages; $74.99.
Almost 60 years ago, Bob Dylan first sang “The Times They Are a-Changin’.” And when it comes to computer security, the times are constantly changing. That is one of the most challenging aspects of security—by the time you finally secure something, numerous new threats have arrived. Similar to the quandary that large enterprises face when upgrading operating systems, by the time they finish the upgrade, an entirely new version has been released.
In The CISO’s Next Frontier: AI, Post-Quantum Cryptography and Advanced Security Paradigms, author Raj Badhwar has written an interesting book meant to help those tasked with information security.
The initial chapters deal with quantum computing and how it can possibly make some aspects of cryptography vulnerable. The rest of the book provides a wide-ranging overview of many of the core topics information security managers face, including remote work issues, malware protection, domain name security, and more.
This book provides a more technical overview of the topics for the security professional looking for more than a high-level overview of the problems. Additionally, Badhwar closes each chapter with “the CISO take” on how a CISO can manage and mitigate the threats detailed in the chapter.
This is a comprehensive book covering a wide range of topics. For the CISO or security professional looking to get a deeper understanding of the topics their security teams will have to deal with, The CISO’s Next Frontier does a good job of helping senior information security professionals understand what their teams in the trenches face.
Reviewer: Ben Rothke, CISSP, CISM, CISA, is a New York City-based senior information security manager with Tapad. He has more than 20 years of industry experience in information systems security and privacy. His areas of expertise are in risk management and mitigation, security and privacy regulatory issues, design and implementation of systems security, encryption, cryptography, and security policy development. Rothke wrote Computer Security—20 Things Every Employee Should Know.
