The author clearly puts e-business system (and general) security into context from business and technical perspectives in Chapter 1. In Chapter 2 he exposes topics that may be far removed from executive and senior management, such as infrastructure and related support issues. Also in this chapter, security is introduced into the discussion of infrastructure and systems, setting the stage for subsequent chapters.
Chapters 3 and beyond are focused entirely on security. Each element of e-business security is treated as an individual topic, which provides the necessary background for the next topic. In succession, major and common threats are discussed, along with recommended countermeasures. By Chapter 4 the details for effective security management unfold, with well-written material on why e-business systems are corporate assets, and a sound framework for managing these systems in a manner that takes into account business imperatives and cost/benefit. Subsequent chapters also cover topics such as responsibility and liability - in short, topics that concern managers.
At nearly 300 pages this book may be too detailed for executives, but it is short enough to hold the attention of senior and mid-level managers who are responsible for e-business systems. The approach and focus are business first, with only enough information about the underlying technology to provide sufficient understanding to non-technical readers. The approach set forth in the book for managing security is both realistic and viable. What is required to make it actionable is executive sponsorship and management commitment to perform.