THIS BOOK REPORTS ON THE STATE-OF-THE-ART OF COMPUTER SECURITY IN THE UNITED KINGDOM, AS SEEN FROM INTERVIEWS WITH THE PUBLIC, THE OTHER PROFESSIONS, AND THE COMPUTING INDUSTRY. CONCLUSIONS ARE DRAWN ABOUT THE CURRENT STATE OF COMPUTER SECURITY, INCLUDING AWARENESS AND ATTITUDES, AND INFORMATION IS PROVIDED ON PRACTICAL STEPS THAT CAN BE TAKEN TO PROVIDE, MAINTAIN, AND IMPROVE COMPUTER SECURITY. THE IMPORTANT ASPECT OF THE APPLICATION OF RISK MANAGEMENT TECHNIQUES TO COMPUTER SECURITY ALSO RECEIVES PARTICULAR ATTENTION. CHECKLISTS ON PHYSICAL SECURITY, SYSTEMS DEVELOPMENT, PERSONNEL, SYSTEMS DESIGN AND OPERATION, AND INSURANCE APPEAR IN THE APPENDIX. RECOMMENDATIONS FOR FUTURE ACTION, BASED ON SURVEYS OF THE ATTITUDES AND NEEDS OF COMPUTER PROFESSIONALS, COMPUTER USERS, AND THE PUBLIC TO COMPUTER SECURITY, ARE MADE IN THE FOLLOWING AREAS: THE NEED FOR A CENTRAL REFERENCE BODY, RISK MANAGEMENT, IMPLEMENTATION OF GENERAL STANDARDS AND GUIDELINES, THE COMPUTER INDUSTRY, COMPUTER USERS, INFORMATION, EDUCATION AND TRAINING, EMPLOYEES, INSURANCE, AND PRIVACY. A BIBLIOGRAPHY IS PROVIDED.