Book Review: Cybersecurity Lessons from COVID-19
By Robert Slade. CRC Press; routledge.com; 108 pages; $47.96.
Mark Twain once told an acquaintance that “I didn’t have time to write a short letter, so I wrote a long one instead.” As Twain knew, it is pretty easy to write long, meandering letters, but to write a concise letter is an art form.
CRC Press has a new set of books in its CRC Focus series of concise and quick-to-market books, which fill the need for short overviews on emerging areas or hot topics. These books contain detailed case studies, research, analytical or theoretical innovations, timely responses to current affairs or debates, information, and analysis for professionals and practitioners.
In Cybersecurity Lessons from COVID-19, author Robert Slade uses the COVID-19 pandemic as a lens through which to examine the core areas of information security. Slade covers not only the high-level information security triad of confidentiality, integrity, and availability, but also other core topics such as application security, architecture, access control, and more.
Online scammers are creative and aggressive. Slade writes of COVID-19 phishing attacks in which scammers capitalized on people’s fears and, sadly, were quite successful.
It is easy to become overwhelmed by the vast requirements of information security. Daunting as it can seem, security is achievable. Furthermore, while it may be hard to see the light at the end of the information security tunnel, the book closes on an optimistic note. Slade wrote that the final lesson to be learned is to concentrate on what is important. Security, like life, is full of trivial details. But the reader should not get caught up in non-essentials just because they are immediately in front of him or her.
There are plenty of introduction-to-security books that are almost 1,000 pages long. At about one-tenth of that, Cybersecurity Lessons from COVID-19 provides a brief but detailed introduction to the primary areas and topics of information security and risk management. For those looking to get their feet wet in the subject, this is a great place to start.
Reviewer: Ben Rothke, CISSP, CISM, CISA, is a New York City-based senior information security manager with Tapad and has more than 20 years of industry experience in information systems security and privacy. His areas of expertise are in risk management and mitigation, security and privacy regulatory issues, design and implementation of systems security, encryption, cryptography, and security policy development. He also wrote Computer Security: 20 Things Every Employee Should Know.