This is an absolutely essential book if you are involved in security in any way, and who isn't these days. With security now a core requirement for most networks, you've got to keep track of the virus scene. This book excels in its accessibility, and you need it on your bookshelf alongside other essential security books such as "Hacking Exposed" by McClure, Scambray, and Kurtz.
I am using this book as a reference to update my "Encyclopedia of Networking and Telecommunications" and to post new information at my Linktionary.com Web site. These days, you need to buy and read multiple sources of information to keep up with the latest developments. Sorry, that's the way it is. I am recommnding this book as one of those references.
These guys have obviously worked hard to get this material together. It is dense (who wants glossed-over security info?). The historical overview is interesting and essential. Think you know this stuff? Think again. The title of this book is "revealed" and it lives up to its name. You get the inside story on hundreds of viruses and that goes a long way toward helping you understand just what you are up against.
There are also essential chapters on management, information gathering, product evaluation, and product testing. And you need to read the chapter on risk and incident management so you can start building strategies to deal with future attacks.
The amount of material is amazing. Even the index is interesting to browse since you are bound to find curious things that will send you back into the book. There are numerous case studies that attest to the research done by the authors. You'll find historical info derived from police reports and companies that were hacked. Good stuff that helps you develop your own incident response strategies.
Now for the legal. You've got to develop internal policies and that means knowing the legal issues. This book does a good job of covering legal issues and legislation in a variety of countries, not just the US. It also provides important policy information that can help you develop your own internal policy statements.
Like I said, I am recommending this book. The time to update security books is ALWAYS, so make space on your shelves for this book.