There are three threads that are repeated again and again in the book: diversity, insurance, and mapping of the Internet. But there is much more: Quarterman does not address the standard picture of risk management, since he is pointing out that the Internet throws our usual tools for quantified risk analysis into disarray. Instead he notes areas that have been neglected, because of the difficulty of fitting them into standard models, and proposes new, if somewhat vague, risk paradigms. This is not a text that can be used as a reference for ordinary threat analysis, but should be thoroughly studied by anyone involved with information (and particularly communications) protection for a large company, anyone involved with the Internet in a big way, and anyone responsible for business risks in a rapidly changing environment.Who am I to argue?
-jsq