8 Books Every Security Architect Must Read
February 25, 2016 | DevOps | joanna mastrocola
We are always trying to get better at our jobs. Although we can’t put a price on the real, hands on experience of practice, implementation, and and conversations, sometimes we need to rely on additional perspectives to paint a more complete picture.
Experts in the field of security architecture have created some great resources based on their years of learning, calling on both their successes and mishaps in crafting these helpful narratives. Although we aren’t big on “hacks” here at Conjur, as we are firm believers that putting in more work on a project will produce better results, an easy way to “hack” learning so you don’t have to go back for another advanced degree, is to read books that others have spent lifetimes creating.
So, if you’re looking to expand your horizon, absorb some expert knowledge, and crack open a book (or at least skim it), here are 8 stellar picks that every security architect can appreciate.
1. Security Engineering by Ross Anderson
This book teaches readers how to create systems that remain dependable in the face of error or malice, especially in the wake of the latest, more advanced security threats.
2. Designing Security Architecture Solutions by Jay Ramachandran
This book dives into system security architecture from a software engineering point of view. The author explains that strong security must be a major principle, and have great impact, in the development cycle.
3. Security Metrics: Replacing Fear, Uncertainty, and Doubt by Andrew Jaquith
A Yankee Group Security Expert, Andrew Jaquith teaches readers how to craft proper security metrics based on their organization’s distinctive requirements. The piece is filled with the best practices to help security architects define, create, and utilize security metrics in the enterprise.
4. Software Systems Architecture: Working With Stakeholders Using Viewpoints and Perspectives by Nick Rozanski and Edin Woods:
Focused on the practitioner and ideal for beginners, this guide helps readers compose and administer effective architectures for information systems.
5. Working Effectively with Legacy Code by Michael Feathers
Using relevant and realistic examples, this book helps practitioners to work through the messy problems that accompany legacy code.
6. Beyond Software Architecture: Creating and Sustaining Winning Solutions By Luke Hohmann
Unlike other books on the shelves, this piece deals with the business and project management aspects of software architecture.
7. Software Architecture in Practice by Len Bass, Paul Clements, and Rick Kazman
Structured around the idea of a architecture influence cycle, this book shows the different contexts (such as technical environment, the life cycle of a project, an organization’s business profile, or the architect’s professional practices) in which architecture is influenced or is the influencer.
This book focuses on real world, practical information and techniques that can be applied on a daily basis in managing security risks.
Read any of these books or have another that you recommend? Let us know!