There were a lot of good information security books that came out in 2015, and many that were not worth reading.
The following books stand out as the best, listed in no particular order:
Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World: Bruce Schneier could have justifiably written an angry diatribe full of vitriol against President Obama, his administration, and the NSA for their wholesale spying on innocent Americans and violations of myriad laws and the Constitution. Instead, he has written a thoroughly convincing and brilliant book about big data, mass surveillance and the ensuing privacy dangers.
Crafting the InfoSec Playbook: Security Monitoring and Incident Response Master Plan: When creating programs for information security monitoring and their corresponding incident response plans, far too many firms focus solely on the software, hardware and appliances, not realizing it takes people to make it work. The book shows how to take the potential of those devices and put it into actuality. The book notes that it's not a trivial matter, but it's not rocket science, and it can be done.
There Will Be Cyberwar: How The Move To Network-Centric War Fighting Has Set The Stage For Cyberwar: A point author Richard Stiennon makes a number of times in the book is that cyber-Pearl Harbor is the wrong metaphor. He feels a more appropriate metaphor is cyber-9/11. At 135 pages, the book is a quick and enthralling read. And at the end you are left wondering if, just perhaps, there has already been a cyber-9/11.
Security Operations Center: Building, Operating, and Maintaining your SOC: Building an enterprise SOC is a huge endeavor that far too many organizations think is almost trivial. For those who are serious about building their own SOC, this book is an invaluable resource.
The Terrorists of Iraq: Inside the Strategy and Tactics of the Iraq Insurgency 2003-2014: Malcolm Nance is a career intelligence officer, combat veteran, author, scholar and media commentator on international terrorism, intelligence, insurgency and torture. He knows the topic intimately well. Strictly speaking, this is not an information security title, but the book is required reading to understand the monstrosity of events going on in Iraq.