Insider Threat: Protecting the Enterprise from Sabotage, Spying, and TheftElsevier, 2005. gada 15. dec. - 350 lappuses The Secret Service, FBI, NSA, CERT (Computer Emergency Response Team) and George Washington University have all identified “Insider Threats as one of the most significant challenges facing IT, security, law enforcement, and intelligence professionals today. This book will teach IT professional and law enforcement officials about the dangers posed by insiders to their IT infrastructure and how to mitigate these risks by designing and implementing secure IT systems as well as security and human resource policies. The book will begin by identifying the types of insiders who are most likely to pose a threat. Next, the reader will learn about the variety of tools and attacks used by insiders to commit their crimes including: encryption, steganography, and social engineering. The book will then specifically address the dangers faced by corporations and government agencies. Finally, the reader will learn how to design effective security systems to prevent insider attacks and how to investigate insider security breeches that do occur. Throughout the book, the authors will use their backgrounds in the CIA to analyze several, high-profile cases involving insider threats. * Tackles one of the most significant challenges facing IT, security, law enforcement, and intelligence professionals today * Both co-authors worked for several years at the CIA, and they use this experience to analyze several high-profile cases involving insider threat attacks * Despite the frequency and harm caused by insider attacks, there are no competing books on this topic.books on this topic |
Saturs
| 3 | |
| 49 | |
Chapter 3 State and Local Government Insiders | 103 |
Chapter 4 Federal Government | 145 |
Chapter 5 Commercial | 189 |
Chapter 6 Banking and Financial Sector | 241 |
Chapter 7 Government Subcontractors | 275 |
Chapter 8 Profiles of the Insider Threat | 295 |
Technologies That Can Be Used to Control the Insider Threat | 329 |
Chapter 10 Survivability | 353 |
Index | 385 |
Citi izdevumi - Skatīt visu
Insider Threat: Protecting the Enterprise from Sabotage, Spying, and Theft Eric Cole,Sandra Ring Priekšskatījums nav pieejams - 2006 |
Bieži izmantoti vārdi un frāzes
able accessed November 2005 addition alternative data stream Analysis assets auditing bank Barings Bank behavior better caught cause harm chance chapter competitor compromise computer system create credit card crime critical damage databases deleted detect disgruntled employee document e-mail encryption espionage example federal Figure fraud fraudulent going Hanssen honeypots Honeytokens identify identity theft impact incident insider attack insider threat Internet investigation John Rusnak laptop look loss malicious methods million monitoring never Nick Leeson occur organization passwords percent perform person pled guilty potential prevent problem profiling protect risk rogue rogue traders Rusnak sabotage sensitive information separation of duties server social engineering someone Source UNITED steal steganography supervisor talking theft thing tion Topic trusted unauthorized usually vulnerabilities wireless wireless access point
Populāri fragmenti
331. lappuse - If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.
199. lappuse - financial record" means an original of, a copy of, or information known to have been derived from, any record held by a financial institution pertaining to a customer's relationship with the financial institution; (3) "Government authority...
196. lappuse - Whoever, with intent or reason to believe that it is to be used to the injury of the United States or to the advantage of a foreign nation...
191. lappuse - Trade secret" means information, including a formula, pattern, compilation, program device, method, technique, or process, that: (i) derives independent economic value, actual or potential, from not being generally known to, and not being readily ascertainable by proper means by, other persons who can obtain economic value from its disclosure or use, and (ii) is the subject of efforts that are reasonable under the circumstances to maintain its secrecy.
191. lappuse - trade secret" includes all forms and types of financial, business, scientific, technical, economic, or engineering information, including patterns, plans, compilations, program devices, formulas, designs, prototypes, methods, techniques, processes, procedures, programs, or codes, whether tangible or intangible, and whether or how stored, compiled, or memorialized physically, electronically, graphically, photographically, or in writing if — (A) the owner thereof has taken reasonable measures to...
198. lappuse - ... shall be punished as provided in subsection (c) of this section. (b) Whoever attempts to commit an offense under subsection (a) of this section shall be punished as provided in subsection (c) of this section. (c) The punishment for an offense under subsection (a) or (b) of this section is...
198. lappuse - As used in this section— (1) the term "computer" means an electronic, magnetic, optical, electrochemical, or other high speed data processing device performing logical, arithmetic, or storage functions, and includes any data storage facility or communications facility directly related to or operating in conjunction with such device, but such term does not include an automated typewriter or typesetter, a portable hand held calculator, or other similar device...