Book Review: The Cybersecurity Body of Knowledge
The Cybersecurity Body of Knowledge; By Daniel Shoemaker, Anne Kohnke, and Ken Sigler. CRC Press; Routledge.com; 614 pages; $129.95.
Many news reports start their daily briefings with phrases like this: “Here’s what you need to know today.” While it takes less than 30 minutes to explain what is going on in the world, learning about information security takes a lot longer. That said, The Cybersecurity Body of Knowledge: The ACM/IEEE/AIS/IFIP Recommendations for a Complete Curriculum in Cybersecurity is an excellent introduction to the core areas of cybersecurity.
In September 2015, the Joint Task Force on Cybersecurity Education (JTF) was established to develop comprehensive curricular guidance in cybersecurity education. The JTF is a collaboration between the Association for Computing Machinery, the IEEE Computer Society, the Association for Information Systems Special Interest Group on Security, and the International Federation for Information Processing Technical Committee on Information Security Education—all major international computing societies.
The JTF defines cybersecurity as a “computing-based discipline involving technology, people, information, and processes to enable assured operations. It involves the creation, operation, analysis, and testing of secure computer systems. It is an interdisciplinary course of study, including aspects of law, policy, human factors, ethics, and risk management in the context of adversaries.”
The Cybersecurity Body of Knowledge is a technical but readable guide to the eight areas that make up the core cybersecurity areas. Rather than treating the book as a knowledge dump of everything cybersecurity, the authors present the essential cybersecurity elements readers need to know.
Cybersecurity knowledge cannot be conveyed in a single volume. In fact, the cybersecurity curriculum guidelines developed by the JTF run to more than 100 pages. Those looking for a comprehensive roadmap to effectively begin their cybersecurity journey will find that The Cybersecurity Body of Knowledge is an excellent guide.
Reviewer: Ben Rothke, CISSP (Certified Information Systems Security Professional), is a senior information security specialist with Tapad, Inc.