Enemy at the water cooler real-life stories of insider threats and Enterprise Security Management countermeasures
The book covers a decade of work with some of the largest commercial and government agencies around the world in addressing cyber security related to malicious insiders (trusted employees, contractors, and partners). It explores organized crime, terrorist threats, and hackers. It addresses the steps...
| Autor principal: | |
|---|---|
| Formato: | Libro electrónico |
| Idioma: | Inglés |
| Publicado: |
Rockland, MA :
Syngress
c2006.
|
| Edición: | 1st edition |
| Materias: | |
| Ver en Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009627250706719 |
Tabla de Contenidos:
- Cover; Contents; Foreword; Introduction; Part I Background on Cyber Crime, Insider Threats, and ESM; Chapter 1 Cyber Crime and Cyber Criminals 101; About This Chapter; Computer Dependence and Internet Growth; Motivations for Cyber Criminal Activity; Black Markets; Hackers; Script Kiddies; Solitary Cyber Criminals and Exploit Writers for Hire; Organized Crime; Identity Thieves (Impersonation Fraudsters); Competitors; Activist Groups, Nation-State Threats, and Terrorists; Insiders; Tools of the Trade; Chapter 2 Insider Threats; Understanding Who the Insider Is
- Psychology of Insider IdentificationInsider Threat Examples from the Media; Insider Threats from a Human Perspective; Insider Threats from a Business Perspective; Insider Threats from a Technical Perspective; Chapter 3 Enterprise Security Management (ESM); ESM in a Nutshell; Key ESM Feature Requirements; Return On Investment (ROI) and Return On Security Investment (ROSI); Alternatives to ESM; Part II Real Life Case Studies; Chapter 4 Imbalanced Security- A Singaporean Data Center; Chapter 5 Comparing Physical & Logical Security Events-A U.S. Government Agency
- Chapter 6 Insider with a Conscience- An Austrian RetailerChapter 7 Collaborative Threat-A Telecommunications Company in the U.S.; Chapter 8 Outbreak from Within-A Financial Organization in the U.K.; Chapter 9 Mixing Revenge and Passwords- A Utility Company in Brazil; Chapter 10 Rapid Remediation- A University in the United States; Chapter 11 Suspicious Activity-A Consulting Company in Spain; Chapter 12 Insiders Abridged; Malicious Use of Medical Records; Hosting Pirated Software; Pod-Slurping; Auctioning State Property; Writing Code for Another Company; Outsourced Insiders
- Smuggling Gold in Rattus NorvegicusPart III The Extensibility of ESM; Chapter 13 Establishing Chainof- Custody Best Practices with ESM; Disclaimer; Monitoring and Disclosure; Provider Protection Exception; Consent Exception; Computer Trespasser Exception; Court Order Exception; Best Practices; Canadian Best Evidence Rule; Chapter 14 Addressing Both Insider Threats and Sarbanes-Oxley with ESM; Why Sarbanes-Oxley; A Primer on Sarbanes-Oxley; Section 302: Corporate Responsibility for Financial Reports; Section 404: Management Assessment of Internal Controls
- Section 409: Real-Time Issuer DisclosuresChapter 15 Incident Management with ESM; Incident Management Basics; Building an Incident Management Program; Chapter 16 Insider Threat Questions and Answers; Introduction; Insider Threat Recap; Question One-Employees; Question Two-Prevention; Question Three-Asset Inventories; Question Four-Log Collection; Question Five-Log Analysis; Question Six- Specialized Insider Content; Question Seven-Physical and Logical Security Convergence; Question Eight-IT Governance; Question Nine-Incident Response; Question Ten-Must Haves
- Appendix A Examples of Cyber Crime Prosecutions
