Computer Security Handbook Fifth Edition is ready

* Now in two volumes to aid physical exercises

After three years of labor, the Fifth Edition of the Computer Security Handbook (CSH5) is ready! Senior Editor Sy Bosworth and new Editor Eric Whyne and I are proud to see the two-volume work for sale at last. 

Readers familiar with the Fourth Edition will see significant improvements. The subject coverage has vastly increased, as you can see by downloading the 40MB PDF extract that is posted on my Web site. You will see the entire front matter (Preface, Acknowledgement, Table of Contents, Editor info, Author info), detailed table of contents for each chapter, and the Index.

As Sy points out, we’ve gone from 54 chapters in the Fourth Edition to 77 in the Fifth and almost doubled the page count. More important, the coverage now reflects what we think is a comprehensive view of the information assurance field. Most important, readers can now do physical exercise to strengthen both arms at once with a volume in each hand.

One of the strong points of the CSH5 is that there is an underlying model to explain why we’ve defined specific topics as chapters and why we have ordered the chapters in a specific way. Unlike encyclopedias and some other compendia of security information, where the chapters are jumbled together with little sense of why one follows another, all the material in the CSH5 follows what I call a life-cycle model of information assurance. The eight parts of the books are as follows:

Part I: Foundations of Computer Security

Part II: Threats and Vulnerabilities

Part III: Prevention: Technical Defenses

Part IV: Prevention: Human Factors

Part V: Detecting Security Breaches

Part VI: Response and Remediation

Part VII: Management’s Role in Security

Part VIII: Public Policy and Other Considerations

There’s a note to (university) instructors on page xxxix of the front matter which explains that the two volumes are designed explicitly to support two one-semester undergraduate courses in information assurance – an introductory survey and a second course in management of information assurance. My colleagues and I at Norwich University School of Business and Management will be updating the existing materials to reflect the new edition as we prepare lectures for IS340 and IS342 to be given in Aug-Dec 2009 and Jan-May 2010, respectively. In addition, the work will be useful for graduate courses in information assurance.

Our publisher, John Wiley and Sons, has a two-page leaflet that provides a brief description of the work plus a list of authors and chapters. Be aware that the $189 price of their promotion has a $5 shipping fee to be added; in contrast, the book is somewhat cheaper on Amazon at $184.80 with free shipping. An electronic CD-ROM version of the text is also available for $179.79; that’s the version that will be used by students and faculty in the Master of Science in Information Assurance program at Norwich University starting Seminar 1 in June.

With the exception of the editors, who receive modest royalties (we estimate that the money works out to around $3/hour), all the authors on this immense project have labored on it out of the goodness of their hearts (plus a copy of the book) for the benefit of readers and students. On behalf of the editors and publisher, I want to express my gratitude to all the authors for their professionalism and courtesy during the long slog to publication of the work.

We have, alas, already started receiving notices of typographical errors... [sigh]. An Errata list will soon be available online to all.

And now starts the long haul to the Sixth Edition (2015, maybe).


Copyright © 2009 IDG Communications, Inc.
