brothke writes "Security Engineering: A Guide to Building Dependable Distributed Systems by Ross Anderson is arguably the best information security book ever written. Anderson's premise is that security technology needs to take a structured engineering approach to systems design, with detailed requirements and specification from start-up to development and implementation; just as those designing buildings and bridges do. Without a deeply embedded structured approach to security systems design, Anderson argued that we find ourselves in the situation we are in today, with applications and operating systems full of bugs, vulnerabilities and other serious security flaws. As good as Security Engineering is, it was not written to be a detailed information security design guide. That vacuum has been filled by an incredibly important and valuable new bookSecurity Strategy: From Requirements to Reality." Read on for the rest of Ben's review.