Internet / Network Security
  1. Home
  2. Computing & Technology
  3. Internet / Network Security

Book Review: Security Assessment
Case Studies for Implementing the NSA IAM

About.com Rating 3.5

From Tony Bradley, CISSP-ISSAP, for About.com

Security Assessment

Security Assessment by Ted Dykstra, Russ Rogers and Greg Miles

Compare Prices
Book News, Inc. had this to say about this book which helps explain what the NSA IAM is: "In 1998, the National Security Agency (NSA) Information Assurance Methodology (IAM) was developed to meet the demand for information security assessments. Rogers, co-founder of a security services provider, helps security practitioners, customers purchasing security services, managers, and salespeople facilitate the implementation of the IAM into a company's business process."

Why This Book?

Information security is a big deal. Data is money. Credibility is money. Losing data or losing credibility and confidence with customers due to losing data are unacceptable in business today and can have a serious negative impact on revenue.

The National Security Agency (NSA) is responsible for a large part of maintaining and defending the security of the United States which includes the critical infrastructure. Corporate commerce, the delivery of utilities such as oil, gas, water and electricity and the communication of vital data and intelligence information all rely on a strong Internet. Protecting the Internet from attack is a vital part of protecting the country.

The NSA created the IAM (Information Assurance Methodology) to provide a framework for organizations to follow in choosing what to protect and how to protect it. This book provides case studies and real-life scenarios from the authors' combined experience in implementing network security and following the IAM framework.

My Review

The authors' have a wealth of experience in information security and with the IAM framework. They convey this experience through case studies derived from real-world scenarios to provide examples that illustrate the IAM in action.

Security Assessment demonstrates how to apply the NSA IAM to commercial and government organizations alike to determine the relative security of their network. The authors' provide tips and advise readers of pitfalls to watch out for as they guide you through performing an IAM security assessment.

The book is both informative and at times entertaining as it walks through sample scenarios. It also provides some templates and sample deliverables that readers can use.

The authors' knowledge and experience is evident throughout, however parts of the book are slightly confusing or hard to follow. Sometimes it seemed as if extra words were added in just to stretch the chapter out without providing any benefit in terms of relaying information. But, overall I think that network or security administrators and particularly those tasked with actually following the NSA IAM will benefit greatly from reading this book.

Compare Prices
Explore Internet / Network Security
About.com Special Features
Family Tech Center

Stay connected and entertained with reviews on tips on the latest HDTVs, cellphones and more. More >

Connect Your Home Computers

Easy ways to connect two computers for networking purposes. More >

Internet / Network Security
  1. Home
  2. Computing & Technology
  3. Internet / Network Security
  4. Product and Book Reviews
  5. Read Book Reviews
  6. Sorted by Title
  7. S
  8. Book Review: Security Assessment- Case Studies for Implementing the NSA IAM

©2009 About.com, a part of The New York Times Company.

All rights reserved.