Well....I finally did it. I finally finished Kevin Mitnick's book, The Art Of Deception. This was perhaps one of the most compelling books I've read in a very long time. It covers ways into which many of our corporations and government agencies are vulnerable. It details what was once thought of as "old-school" techniques in which information thieves gain insight into the very workings of these organizations such as dumpster diving and pretexting.
The book is 352 pages of real-life examples of Mitnick's former operation and those of his former comrades. I particularly liked his ideas about how we can protect from these attacks. Some would think this would be an opportunity for Mitnick to brag and thumb his nose at his former adversary, the US government. But it isn't. It is certainly a guide into some very low-tech means in which these guys operate and exploit.
This book is a must-read for anybody who cares about security. I would suggest this for any reader who wants to protect themselves or their organizations. If you think you're not vulnerable, hire an outside firm to do a penetration test on your people not your systems and see where your vulnerabilities are. I can tell you from my experience, the best way to defend yourself is to protect your people. Your systems need people to operate and maintain them. If your folks fail to perform the basic due diligence when dealing with anyone seeking information or access (either physical or virtual) into your organization, then you better get them doing it ASAP. If you're in charge of security for any corporation, I HIGHLY suggest this book.
