Beautiful Security from O'Reilly, which I just finished reading, is truly an awesome book.
Now, I will probably have a high opinion of my own chapter ("Beautiful Log Handling") since it took some work (eh... and one near-complete rewrite) to create (this is why people LOVE O'Reilly books!!). However, I am just about as excited about the rest of the chapters in the book.
Here are my favorite chapters:
Psychological Security Traps by Mudge: awesome chapter with some fun ideas. Must read.
Beautiful Security Metrics by Betsy Nichols: if you are "a metrician", there won't be anything new (apart from her interesting medical research analogy); otherwise, a MUST read!
The Underground Economy of Security Breaches: not a bad, even if a bit dated, review of underground economics.
Beautiful Trade: Rethinking E-Commerce Security by Ed Bellis: this is one of the 2 chapters that I like more than my own; this has lots of visionary ideas on payment security.
Securing Online Advertising: Rustlers and Sheriffs in the New Wild West by Ben Edelman: this one is a fascinating read about attacks by and on online advertising. Definitely both enjoyable and insightful.
Open Source Honeyclient: Proactive Detection of Client-Side Exploits: a good read for those not familiar with "client honeypots" or "honeyclients"
Tomorrow's Security Cogs and Levers by Mark Curphey: this chapter exudes pure awesomeness and is the best in the book; read it three times already and plan to read a few more. Sorry that it sounds cliché, but this chapter definitely stimulates new, beautiful ways of "thinking security"!!
Security by Design by John McManus: a very good chapter that mixes NASA, security and software design. Read it and learn from it.
Forcing Firms to Focus: Is Secure Software in Your Future? by Jim Routh: great chapter that describes one company's battle for securing software (first, its own and then 3rd party)
Oh No, Here Come the Infosecurity Lawyers: way too much ROI and ROSI for my taste; also has ALE horror. Killed all the fun for me.
Beautiful Log Handling by Anton Chuvakin: eh...make your own opinion here :-)
Incident Detection: Finding the Other 68% by Grant Geyer: good old data correlation of IDS alerts, logs and other information is covered in this well-written chapter.
Overall, this was BY FAR the most insightful and enjoyable security book that I've read in a long time (the previous one was Geekonomics, BTW)