- Security TWENTY
- Women in Security
Author Graham Day
ISBN No 9781849289610
Review date 19/05/2019
No of pages 202
Publisher IT Governance
Publisher URL https://www.itgovernance.co.uk/shop/product/security-in-the-digital-world
Year of publication 08/10/2017
Graham's Day book is welcome for at least two reasons; for writing about 'security in the digital world' in a plain and clear way, and for speaking to us all about home computer security (the subtitle says that the book is for the 'home user, parent, consumer and home office'). For in so many cases of cyber breaches, from headline-making corporate data loss to individuals losing money or having their identity stolen and taking many hours to recover normality, you cannot very well separate the home from the work any more.
And as the author warns, home networks are almost always less secure than corporate networks. The prospect is of even more insecurity thanks to the Internet of Things, which could gift to hackers information about when you are not at home, of use to burglars.
As a former military man now advising companies, the author felt there's not a go-to place for home digital security advice, and like many of the most useful books, it began as a way to inform his own family and friends.
The book starts with the basics, for IT security and for computing generally, such as names of the most common browsers, and search engines, and explaining what cookies are and how to go about setting up and using email (two-factor authentication is recommended, and the likes of Google do offer it). Why bother about search engines? Because potentially malicious websites exploit search engine algorithms; 'many search terms will return results that may have malware in them and if you go to the page there is a real risk that your system could be infected'.
As social media websites are a preferred way for attackers to get online access to you, consider doing your online banking or retail buying in a different session and different browser than your social networking.
While the book runs to about 200 pages and is in style and content easy to follow, for what could easily be hard going, and it's well illustrated, if you are really pushed for time or plain unwilling to hold a book open for more than five minutes, turn to the beginning where you have a few pages of digest; or to the very end, to take the 'personal cyber security risk assessment'. The author offers some take-away points, such as review your security (as it doesn't keep still, nor do the threats), and 'think twice, click once' to avoid doing something in haste that you may regret. Change those default passwords on devices. Be aware of security; challenge callers, whether in person, on the phone or by email.
'Have a private life,' is one of the more blunter and surprising pieces of advice; meaning that you should avoid putting personal details online that may advertise for instance that you are away from home and in effect invite burglary. And don't be afraid to ask friends to take down posts that similarly give your private details away. And have difficult to guess (but easy enough for you to remember) passwords or pass phrases. As Graham Day says: "Some of these may already have been done, but there's no harm in being reminded."
This welcome book then - to quote the author - does not offer a sure way to stay safe digitally. It does cover the range of devices that we have taken for granted in next to no time that well within living memory would have been magic: laptops, memory sticks, Bluetooth, Chip and PIN cards, Apple Pay, apps and cashpoint machines. Not least Graham Day covers how to dispose of products such as computers when you are done with them.
Graham describes his book rightly as a baseline, with 'lots of little things' that 'will combine into a better security posture and approach'. For saying that you could save untold trouble and loss, the cost of the book is a snip.