No More Magic Wands takes the very complex subject of cyber security and explains it in short fictional stories involving elves and forest animals. Finney does an excellent of making the stories cute without being cutesy and passes along information without talking below (or above) the readers level. Part of any successful security program is to have everyone involved and not make any exceptions. People are the weak link in any security system whether it is the military setting up a perimeter, a bank protecting its vault, or a company protecting its data. Perhaps on of the biggest security hacks was Stuxnet. The amazingly successful virus was discovered only by accident and was introduced by a person, intentionally or not. Finney gives examples of how the bad guys can get into the system through unknowing or overly helpful employees. Stressing, again,that security is everyone’s responsibility, not just the IT department.
Combining technology with elfin magic and even the Tootsie Pop owl makes for enjoyable reading and much like parables there is a lesson to be learned with each chapter of the story. Finney includes take away points and also asks open-ended questions at the conclusion of each chapter. The appendix gives an outline of the important points of the book. Computer security is the main topic of the book, but it easily translates to any physical security situation. The reader can easily take away useful information for day to day life or computer security. The stories are easy to follow and the “morals” are not hidden too deeply in the story. Most people outside of the IT circle find security boring and not really part of their jobs and security training is a bitter time. The stories act as a sugar cube to the training distracting the employees from the fact they are learning security.
This book came as a recommendation and was read for free from Kindle Unlimited selections.