Book Review — No More Magic Wands


No More Magic Wands by George Finney

No More Magic Wands by George Finney is a book on cyber security for all level of readers. Finney is the Information Security Officer (ISO) and Director of Digital Interests for Southern Methodist University. He works in a variety of areas at SMU including facilitating IT Security and Compliance, increasing Regulatory Awareness, streamlining the IT Contracts process, as well as advocacy for Open Source software and processes. Finney earned his law degree from Southern Methodist University.

No More Magic Wands takes the very complex subject of cyber security and explains it in short fictional stories involving elves and forest animals. Finney does an excellent of making the stories cute without being cutesy and passes along information without talking below (or above) the readers level. Part of any successful security program is to have everyone involved and not make any exceptions. People are the weak link in any security system whether it is the military setting up a perimeter, a bank protecting its vault, or a company protecting its data. Perhaps on of the biggest security hacks was Stuxnet. The amazingly successful virus was discovered only by accident and was introduced by a person, intentionally or not. Finney gives examples of how the bad guys can get into the system through unknowing or overly helpful employees. Stressing, again,that security is everyone’s responsibility, not just the IT department.

Combining technology with elfin magic and even the Tootsie Pop owl makes for enjoyable reading and much like parables there is a lesson to be learned with each chapter of the story. Finney includes take away points and also asks open-ended questions at the conclusion of each chapter. The appendix gives an outline of the important points of the book. Computer security is the main topic of the book, but it easily translates to any physical security situation. The reader can easily take away useful information for day to day life or computer security. The stories are easy to follow and the “morals” are not hidden too deeply in the story. Most people outside of the IT circle find security boring and not really part of their jobs and security training is a bitter time. The stories act as a sugar cube to the training distracting the employees from the fact they are learning security.

This book came as a recommendation and was read for free from Kindle Unlimited selections.

Leave a comment

Filed under Book Review

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s