5 information security books you can’t miss in 2019

It’s easy to overthink information security solutions. You’ll probably be tempted by the range of training courses, e-learning options and staff awareness programmes on offer (and they’re certainly hugely beneficial), but sometimes a good book is all you need. 

Books enable you to study at your own pace and from anywhere. They make for perfect introductions to specific topics, and you can always go back to key sections to refresh your memory. They can be

Here are five books that will help you broaden your knowledge of information security and navigate upcoming issues. 

1. Selling Information Security to the Board 

Persuading the board to invest in information security measures requires sales skills. As an information security professional, you are a scientific and technical specialist, yet you need to get your message across to people whose primary interests lie elsewhere, in turnover and overall performance. In other words, you need to develop sales and marketing skills.

This pocket guide will help you with the essential sales skills that persuade company directors to commit money and resources to your information security initiatives. 

2. The True Cost of Information Security Breaches and Cyber Crime 

Most businesses are now aware of the importance of information security. However, some organizations struggle to understand what an information security breach would mean from a business management point of view. This can lead to organizations investing in expensive solutions that may not necessarily address their requirements. 

This pocket guide uses case studies to illustrate the possible breach scenarios that an organization can face. It sets out a sensible, realistic assessment of the actual costs of a data or information breach and explains how managers can determine the business damage caused. 

3. Insider Threat – A Guide to Understanding, Detecting, and Defending Against the Enemy from Within 

This book is the ideal resource for anyone looking to learn how a security culture based on international best practice can help mitigate the insider threat to your security. 

Every type of organisation is vulnerable to insider abuse, errors or malicious attacks. These can impact reputation, operations and profitability, expose data, harm the organisation, or deliver valuable intellectual property into competitors’ hands.

4. IT Governance – An International Guide to Data Security and ISO27001/ISO27002 

This bestselling book is the perfect manual for designing, documenting and implementing an ISO 27001-compliant ISMS. It was selected as the textbook for the Open University’s postgraduate information security course and is the recommended text for all IBITGQ ISO 27001 courses. 

5. Nine Steps to Success – An ISO 27001 Implementation Overview 

Achieving and maintaining accredited certification to ISO 27001 can be complicated, especially if you’re new to the Standard. This book is the perfect guide for those tackling implementation for the first time, covering scoping, planning, how to gain management support, communication, risk assessments and documentation. 
