A very interesting book, that tries a new approach to security, and tries to avoid the mumbo-jumbo of IT-security and still be valid in a business environment.

Well worth reading, especially his 8 rules, that I decided to adhere to in my future security evaluations.

Don't understand what I'm talking about? Read the book, you will probably find it an enlightening experience (in parts) what regards security.