Security Engineering

Security Engineering is also referred to as the “InfoSec Bible,” which is a fitting nickname. It was written by the late Ross Anderson, who unfortunately passed away early in 2024. There are three editions of this book - 1st from 2001, 2nd from 2008, and 3rd from 2020. The newest edition had a lot of new relevant information added to it. If you want to get the book, you can download it for free from the Cambridge University website or get the paperback from Amazon.

As for the book content, it’s meant for someone with a solid understanding of technology. If you’re able to navigate your way around the inner workings of Windows and/or Linux, the book will make sense to you. The chapters are dense and a ton of information is included with each page. The book is about 1000 pages total and to go from cover to cover is going to take a while, especially if you slow down to digest it. On average, it took me about one hour to make it through 15 pages (which included research of some of the information discussed).

The book does a good job of explaining a high level overview of the topics, as well as providing practical advice. Ross also includes relevant geopolitical context here and there as it relates to hacking. Something I’ve noticed from my YouTube comment section is that some people don’t have a good grasp of the geopolitical aspect, and why they should care about issues such as where their personal data is stored and what country they are currently living in.

A person who reads through this book and gets a solid understanding of the content will be head and shoulders above 99% of the population in regards to infosec. Whether you’re a home user, IT pro, or want to go into IT, this book is a great asset.