Enemy at the Water Cooler (eBook)
304 Seiten
Elsevier Science (Verlag)
978-0-08-047760-2 (ISBN)
Today's headlines are littered with news of identity thieves, organized cyber criminals, corporate espionage, nation-state threats, and terrorists. They represent the next wave of security threats but still possess nowhere near the devastating potential of the most insidious threat: the insider. This is not the bored 16-year-old hacker. We are talking about insiders like you and me, trusted employees with access to information - consultants, contractors, partners, visitors, vendors, and cleaning crews. Anyone in an organization's building or networks that possesses some level of trust.
* Full coverage of this hot topic for virtually every global 5000 organization, government agency, and individual interested in security.
* Brian Contos is the Chief Security Officer for one of the most well known, profitable and respected security software companies in the U.S.-ArcSight.
The book covers a decade of work with some of the largest commercial and government agencies around the world in addressing cyber security related to malicious insiders (trusted employees, contractors, and partners). It explores organized crime, terrorist threats, and hackers. It addresses the steps organizations must take to address insider threats at a people, process, and technology level. Today's headlines are littered with news of identity thieves, organized cyber criminals, corporate espionage, nation-state threats, and terrorists. They represent the next wave of security threats but still possess nowhere near the devastating potential of the most insidious threat: the insider. This is not the bored 16-year-old hacker. We are talking about insiders like you and me, trusted employees with access to information - consultants, contractors, partners, visitors, vendors, and cleaning crews. Anyone in an organization's building or networks that possesses some level of trust.* Full coverage of this hot topic for virtually every global 5000 organization, government agency, and individual interested in security.* Brian Contos is the Chief Security Officer for one of the most well known, profitable and respected security software companies in the U.S.-ArcSight.
Cover 1
Contents 15
Foreword 21
Introduction 23
Part I Background on Cyber Crime, Insider Threats, and ESM 25
Chapter 1 Cyber Crime and Cyber Criminals 101 27
About This Chapter 28
Computer Dependence and Internet Growth 28
Motivations for Cyber Criminal Activity 31
Black Markets 35
Hackers 37
Script Kiddies 38
Solitary Cyber Criminals and Exploit Writers for Hire 39
Organized Crime 41
Identity Thieves (Impersonation Fraudsters) 43
Competitors 48
Activist Groups, Nation-State Threats, and Terrorists 48
Insiders 56
Tools of the Trade 58
Chapter 2 Insider Threats 73
Understanding Who the Insider Is 74
Psychology of Insider Identification 79
Insider Threat Examples from the Media 81
Insider Threats from a Human Perspective 83
Insider Threats from a Business Perspective 86
Insider Threats from a Technical Perspective 87
Chapter 3 Enterprise Security Management (ESM) 93
ESM in a Nutshell 94
Key ESM Feature Requirements 95
Return On Investment (ROI) and Return On Security Investment (ROSI) 109
Alternatives to ESM 114
Part II Real Life Case Studies 123
Chapter 4 Imbalanced Security— A Singaporean Data Center 125
Chapter 5 Comparing Physical & Logical Security Events—A U.S. Government Agency
Chapter 6 Insider with a Conscience— An Austrian Retailer 139
Chapter 7 Collaborative Threat—A Telecommunications Company in the U.S. 147
Chapter 8 Outbreak from Within—A Financial Organization in the U.K. 153
Chapter 9 Mixing Revenge and Passwords— A Utility Company in Brazil 161
Chapter 10 Rapid Remediation— A University in the United States 169
Chapter 11 Suspicious Activity—A Consulting Company in Spain 179
Chapter 12 Insiders Abridged 185
Malicious Use of Medical Records 186
Hosting Pirated Software 187
Pod-Slurping 188
Auctioning State Property 189
Writing Code for Another Company 190
Outsourced Insiders 191
Smuggling Gold in Rattus Norvegicus 192
Part III The Extensibility of ESM 193
Chapter 13 Establishing Chainof- Custody Best Practices with ESM 195
Disclaimer 196
Monitoring and Disclosure 196
Provider Protection Exception 197
Consent Exception 197
Computer Trespasser Exception 198
Court Order Exception 198
Best Practices 198
Canadian Best Evidence Rule 200
Chapter 14 Addressing Both Insider Threats and Sarbanes-Oxley with ESM 203
Why Sarbanes-Oxley 204
A Primer on Sarbanes-Oxley 205
Section 302: Corporate Responsibility for Financial Reports 206
Section 404: Management Assessment of Internal Controls 206
Section 409: Real-Time Issuer Disclosures 208
Chapter 15 Incident Management with ESM 211
Incident Management Basics 212
Building an Incident Management Program 216
Chapter 16 Insider Threat Questions and Answers 223
Introduction 224
Insider Threat Recap 224
Question One—Employees 225
Question Two—Prevention 234
Question Three—Asset Inventories 235
Question Four—Log Collection 238
Question Five—Log Analysis 243
Question Six— Specialized Insider Content 245
Question Seven—Physical and Logical Security Convergence 246
Question Eight—IT Governance 251
Question Nine—Incident Response 258
Question Ten—Must Haves 259
Appendix A Examples of Cyber Crime Prosecutions 261
U.S. Department of Justice Cases 262
Bibliography 273
Index 277
| Erscheint lt. Verlag | 30.10.2006 |
|---|---|
| Sprache | englisch |
| Themenwelt | Sachbuch/Ratgeber |
| Informatik ► Netzwerke ► Sicherheit / Firewall | |
| Informatik ► Theorie / Studium ► Kryptologie | |
| Mathematik / Informatik ► Mathematik ► Finanz- / Wirtschaftsmathematik | |
| Wirtschaft ► Betriebswirtschaft / Management | |
| ISBN-10 | 0-08-047760-7 / 0080477607 |
| ISBN-13 | 978-0-08-047760-2 / 9780080477602 |
| Haben Sie eine Frage zum Produkt? |
PDF (Adobe DRM)Größe: 3,0 MB
Kopierschutz: Adobe-DRM
Adobe-DRM ist ein Kopierschutz, der das eBook vor Mißbrauch schützen soll. Dabei wird das eBook bereits beim Download auf Ihre persönliche Adobe-ID autorisiert. Lesen können Sie das eBook dann nur auf den Geräten, welche ebenfalls auf Ihre Adobe-ID registriert sind.
Details zum Adobe-DRM
Dateiformat: PDF (Portable Document Format)
Mit einem festen Seitenlayout eignet sich die PDF besonders für Fachbücher mit Spalten, Tabellen und Abbildungen. Eine PDF kann auf fast allen Geräten angezeigt werden, ist aber für kleine Displays (Smartphone, eReader) nur eingeschränkt geeignet.
Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen eine
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen eine
Geräteliste und zusätzliche Hinweise
Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.
aus dem Bereich
