A Radically New Approach to Structuring, Evaluating, and Investing in IT Security nbsp; Why is the security industry so dysfunctional? Are you wasting the money you spend on security? This book shows how to spend it more effectively. How can you get better data to make more effective security decisions? This book explains why professionals have taken to studying economics, not cryptography--and why you should, too.nbsp; And why security breach notices are the best thing to ever happen to information security. nbsp; Itrsquo;s about time someone asked the biggest, toughest questions about information security. Security experts Adam Shostack and Andrew Stewart donrsquo;t just answer…
Adam Shostack is part of Microsoftï¿½s Security Development Lifecycle strategy team, where he is responsible for security design analysis techniques. Before Microsoft, Adam was involved in a number of successful start-ups focused on vulnerability scanning, privacy, and program analysis. He helped found the CVE, International Financial Cryptography association, and the Privacy Enhancing Technologies workshop. He has been a technical advisor to companies including Counterpane Internet Security and Debix.