Book Review: Secrets
Verus Press; available from Amazon.com; 306 pages; $24.97.
Author James Pooley is a noted expert in protection of intellectual property and trade secrets, and his knowledge and perceptions of issues related to proprietary information are evident in Secrets: Managing Information Assets in the Age of Cyberespionage. He provides intelligence and information security practitioners with considered approaches to contemporary issues that will guide them in enhancing the security of information assets and networks.
Pooley’s writing style is straightforward, making discussions and explanations of legal terminologies and concepts easy to understand. The book is well researched and provides historical references and perspectives that are always relevant. Pooley masterfully frames the issues of secrecy in the age of the Internet and delves deeply into specific concepts and issues geared toward protecting intellectual property. The impact of technology on information protection is explored, as are openness philosophies and global supply chain constructs.
The thorough exploration of information ownership includes a look at how laws protect trade secrets. Pooley provides a roadmap of the regulatory processes of the cyber environment, like NIST guidance, as well as explaining how to develop information protection plans. Various chapters look at contractual considerations for sharing information, how to avoid the contamination of data, and the legal implications of sharing outside data.
A chapter on economic espionage highlights risk profiles that apply to management of information assets, plus issues such as hackers, Bring Your Own Device (BYOD) policies, and social media and messaging systems. The text includes appendixes highlighting samples of agreement documents referenced in the text.
I recommend this book to anyone who needs to address the management and protection of corporate and proprietary information assets in the information age. Insightful concepts and useful suggestions will guide the reader in protecting sensitive and competitive business information.
Reviewer: David O. Best, CPP, ISP (Industrial Security Professional), CBM (Certified Business Manager), SFPC (Security Fundamentals Professional Certification), ISOC (Industrial Security Oversight Certification), and Security+CE, is an information assurance and security specialist with Flatter & Associates in Quantico, Virginia. He is a member of ASIS.