Mapping Security: The Corporate Security Sourcebook for Today's Global Economy
Written by Tom Patterson with Scott Gleeson Blue
Now this is a first for the book review section, a book written about the process of Information Security. This is not a technical book, but one designed for those who find themselves in the position to manage Information Security at their company. Rightfully so, the subtitle for the book is "The Corporate Security Sourcebook for Today's Global Economy".
I must say that I loved reading this book, even though the process introduced was a new approach for me. The book starts out with the forward by Howard A. Schmidt who is the CSO of Ebay. It then dives into charting the course, where you map out your reason for existence and reading this book. This chapter seemed a bit drawn out, and certain comments made in this chapter almost turned me off from continuing. For example, in one part, the author makes the following comment "The number one reason that companies around the globe do not patch their Windows operating system is because it is stolen." It then goes on about how purchased operating systems are easy to patch. It was certain comments like this that concerned me on where the author got his facts from.
However, as I read deeper into this book, I realized that the author was not an expert on operating systems and patches, but had a great deal of experience working with countries from all over the world. Comments like "American take note: If you are outside the 50 states and everyone in the room is agreeing with you, they are either internally livid or externally lying." I couldn't agree with this statement more.
The book takes a turn and begins discussions on laws and processes, holidays and managements styles (to name a few), for most major countries, 30 key markets to be exact. This is where this book breaks grounds; it's not focused on the United States of America. It discusses best practices and key regulations, he also does a good job about summing up the impression that nation has on Americans.
This book is a must for the Security Officer who finds themselves traveling a lot, and responsible for Information Security in their organization.