The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud) (SEI Series in Software Engineering)

Valutazione media 3,77
( su 22 valutazioni fornite da Goodreads )
 
9780321812575: The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud) (SEI Series in Software Engineering)

Since 2001, the CERT® Insider Threat Center at Carnegie Mellon University’s Software Engineering Institute (SEI) has collected and analyzed information about more than seven hundred insider cyber crimes, ranging from national security espionage to theft of trade secrets. The CERT® Guide to Insider Threats describes CERT’s findings in practical terms, offering specific guidance and countermeasures that can be immediately applied by executives, managers, security officers, and operational staff within any private, government, or military organization.

 

The authors systematically address attacks by all types of malicious insiders, including current and former employees, contractors, business partners, outsourcers, and even cloud-computing vendors. They cover all major types of insider cyber crime: IT sabotage, intellectual property theft, and fraud. For each, they present a crime profile describing how the crime tends to evolve over time, as well as motivations, attack methods, organizational issues, and precursor warnings that could have helped the organization prevent the incident or detect it earlier. Beyond identifying crucial patterns of suspicious behavior, the authors present concrete defensive measures for protecting both systems and data.

 

This book also conveys the big picture of the insider threat problem over time: the complex interactions and unintended consequences of existing policies, practices, technology, insider mindsets, and organizational culture. Most important, it offers actionable recommendations for the entire organization, from executive management and board members to IT, data owners, HR, and legal departments.

 

With this book, you will find out how to

  • Identify hidden signs of insider IT sabotage, theft of sensitive information, and fraud
  • Recognize insider threats throughout the software development life cycle
  • Use advanced threat controls to resist attacks by both technical and nontechnical insiders
  • Increase the effectiveness of existing technical security tools by enhancing rules, configurations, and associated business processes
  • Prepare for unusual insider attacks, including attacks linked to organized crime or the Internet underground

By implementing this book’s security practices, you will be incorporating protection mechanisms designed to resist the vast majority of malicious insider attacks.

Le informazioni nella sezione "Riassunto" possono far riferimento a edizioni diverse di questo titolo.

About the Author:

Dawn Cappelli, CISSP, is Technical Manager of the CERT Insider Threat Center and the Enterprise Threat and Vulnerability Management Team at Carnegie Mellon University’s Software Engineering Institute (SEI). She has spent the past decade working with organizations such as the U.S. Secret Service and Department of Homeland Security in protecting the United States against insider threats. Andrew Moore is Lead Researcher in the CERT Insider Threat Center and Senior Member of Technical Staff at SEI. Randall Trzeciak is a Senior Member of Technical Staff at SEI, and Technical Team Lead for the Insider Threat Research Group at the CERT Insider Threat Center.

Review:

“For years, researchers at the CERT Insider Threat Center at Carnegie Mellon’s Software Engineering Institute have been collecting and studying data on real-world insider incidents. This year, they published a book cataloging the results of their research, called The CERT Guide to Insider Threats. This book is an invaluable guide to establishing effective processes for managing the risk of insider attacks, and it should be on every security professional’s wish list this year. In general, the insider threat drives home the point that perimeter defenses are no longer enough. IT organizations also need to be able to see into their internal networks to identify suspicious activity.”

-- Tom Cross, Director of Security Research at Lancope, guest writing for Forbes CIO Central

Le informazioni nella sezione "Su questo libro" possono far riferimento a edizioni diverse di questo titolo.

I migliori risultati di ricerca su AbeBooks

1.

Cappelli, Dawn M.Moore, Andrew P.Trzeciak, Randall F.
Editore: Prentice Hall
ISBN 10: 0321812573 ISBN 13: 9780321812575
Nuovi Quantità: > 20
Da
INDOO
(Avenel, NJ, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Prentice Hall. Condizione libro: New. Brand New. Codice libro della libreria 0321812573

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 46,19
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 3,01
In U.S.A.
Destinazione, tempi e costi

2.

Dawn M. Cappelli; Andrew P. Moore; Randall F. Trzeciak
Editore: Addison-Wesley Professional (2012)
ISBN 10: 0321812573 ISBN 13: 9780321812575
Nuovi Rilegato Quantità: 1
Da
Irish Booksellers
(Rumford, ME, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Addison-Wesley Professional, 2012. Hardcover. Condizione libro: New. book. Codice libro della libreria 0321812573

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 53,94
Convertire valuta

Aggiungere al carrello

Spese di spedizione: GRATIS
In U.S.A.
Destinazione, tempi e costi

3.

Dawn M. Cappelli, Andrew P. Moore, Randall F. Trzeciak
Editore: Addison-Wesley Professional (2012)
ISBN 10: 0321812573 ISBN 13: 9780321812575
Nuovi Rilegato Quantità: 1
Da
Ergodebooks
(RICHMOND, TX, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Addison-Wesley Professional, 2012. Hardcover. Condizione libro: New. 1. Codice libro della libreria DADAX0321812573

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 54,57
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 3,43
In U.S.A.
Destinazione, tempi e costi

4.

Dawn M. Cappelli, Andrew P. Moore, Randall F. Trzeciak
Editore: Pearson Education (US), United States (2012)
ISBN 10: 0321812573 ISBN 13: 9780321812575
Nuovi Rilegato Quantità: 10
Da
Book Depository hard to find
(London, Regno Unito)
Valutazione libreria
[?]

Descrizione libro Pearson Education (US), United States, 2012. Hardback. Condizione libro: New. Language: English . This book usually ship within 10-15 business days and we will endeavor to dispatch orders quicker than this where possible. Brand New Book. Since 2001, the CERT(R) Insider Threat Center at Carnegie Mellon University s Software Engineering Institute (SEI) has collected and analyzed information about more than seven hundred insider cyber crimes, ranging from national security espionage to theft of trade secrets. The CERT(R) Guide to Insider Threats describes CERT s findings in practical terms, offering specific guidance and countermeasures that can be immediately applied by executives, managers, security officers, and operational staff within any private, government, or military organization. The authors systematically address attacks by all types of malicious insiders, including current and former employees, contractors, business partners, outsourcers, and even cloud-computing vendors. They cover all major types of insider cyber crime: IT sabotage, intellectual property theft, and fraud. For each, they present a crime profile describing how the crime tends to evolve over time, as well as motivations, attack methods, organizational issues, and precursor warnings that could have helped the organization prevent the incident or detect it earlier. Beyond identifying crucial patterns of suspicious behavior, the authors present concrete defensive measures for protecting both systems and data. This book also conveys the big picture of the insider threat problem over time: the complex interactions and unintended consequences of existing policies, practices, technology, insider mindsets, and organizational culture. Most important, it offers actionable recommendations for the entire organization, from executive management and board members to IT, data owners, HR, and legal departments. With this book, you will find out how to * Identify hidden signs of insider IT sabotage, theft of sensitive information, and fraud* Recognize insider threats throughout the software development life cycle* Use advanced threat controls to resist attacks by both technical and nontechnical insiders* Increase the effectiveness of existing technical security tools by enhancing rules, configurations, and associated business processes* Prepare for unusual insider attacks, including attacks linked to organized crime or the Internet underground By implementing this book s security practices, you will be incorporating protection mechanisms designed to resist the vast majority of malicious insider attacks. Codice libro della libreria BZV9780321812575

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 61,38
Convertire valuta

Aggiungere al carrello

Spese di spedizione: GRATIS
Da: Regno Unito a: U.S.A.
Destinazione, tempi e costi

5.

Dawn M. Cappelli, Andrew P. Moore, Randall F. Trzeciak
Editore: Pearson Education (US), United States (2012)
ISBN 10: 0321812573 ISBN 13: 9780321812575
Nuovi Rilegato Quantità: 10
Da
The Book Depository US
(London, Regno Unito)
Valutazione libreria
[?]

Descrizione libro Pearson Education (US), United States, 2012. Hardback. Condizione libro: New. Language: English . Brand New Book. Since 2001, the CERT(R) Insider Threat Center at Carnegie Mellon University s Software Engineering Institute (SEI) has collected and analyzed information about more than seven hundred insider cyber crimes, ranging from national security espionage to theft of trade secrets. The CERT(R) Guide to Insider Threats describes CERT s findings in practical terms, offering specific guidance and countermeasures that can be immediately applied by executives, managers, security officers, and operational staff within any private, government, or military organization. The authors systematically address attacks by all types of malicious insiders, including current and former employees, contractors, business partners, outsourcers, and even cloud-computing vendors. They cover all major types of insider cyber crime: IT sabotage, intellectual property theft, and fraud. For each, they present a crime profile describing how the crime tends to evolve over time, as well as motivations, attack methods, organizational issues, and precursor warnings that could have helped the organization prevent the incident or detect it earlier. Beyond identifying crucial patterns of suspicious behavior, the authors present concrete defensive measures for protecting both systems and data. This book also conveys the big picture of the insider threat problem over time: the complex interactions and unintended consequences of existing policies, practices, technology, insider mindsets, and organizational culture. Most important, it offers actionable recommendations for the entire organization, from executive management and board members to IT, data owners, HR, and legal departments. With this book, you will find out how to * Identify hidden signs of insider IT sabotage, theft of sensitive information, and fraud* Recognize insider threats throughout the software development life cycle* Use advanced threat controls to resist attacks by both technical and nontechnical insiders* Increase the effectiveness of existing technical security tools by enhancing rules, configurations, and associated business processes* Prepare for unusual insider attacks, including attacks linked to organized crime or the Internet underground By implementing this book s security practices, you will be incorporating protection mechanisms designed to resist the vast majority of malicious insider attacks. Codice libro della libreria BZV9780321812575

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 61,89
Convertire valuta

Aggiungere al carrello

Spese di spedizione: GRATIS
Da: Regno Unito a: U.S.A.
Destinazione, tempi e costi

6.

Cappelli, Dawn M., Moore, Andrew P., Trz
Editore: Addison-Wesley Professional (2012)
ISBN 10: 0321812573 ISBN 13: 9780321812575
Nuovi Rilegato Quantità: 2
Da
Murray Media
(North Miami Beach, FL, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Addison-Wesley Professional, 2012. Hardcover. Condizione libro: New. Codice libro della libreria P110321812573

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 70,35
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 2,57
In U.S.A.
Destinazione, tempi e costi

7.

Cappelli, Dawn M.; Moore, Andrew P.; Trzeciak, Randall F.
Editore: Addison-Wesley Professional
ISBN 10: 0321812573 ISBN 13: 9780321812575
Nuovi Rilegato Quantità: 5
Da
BarristerBooks
(Lawrence, KS, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Addison-Wesley Professional. Hardcover. Condizione libro: New. 0321812573 BRAND NEW W/FAST SHIPPING! This item is: The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud), 1st Ed., 2012, by Cappelli, Dawn M.^Moore, Andrew P.^Trzeciak, Randall F.; FORMAT: Hardcover; ISBN: 9780321812575. Choose Expedited for fastest shipping! Our 98%+ rating proves our commitment! We cannot ship to PO Boxes/APO address. To avoid ordering the wrong item, please check your item's ISBN number!. Codice libro della libreria P9780321812575

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 76,24
Convertire valuta

Aggiungere al carrello

Spese di spedizione: GRATIS
In U.S.A.
Destinazione, tempi e costi

8.

Cappelli, Dawn M./ Moore, Andrew P./ Trzeciak, Randall F.
Editore: Addison-Wesley Professional (2012)
ISBN 10: 0321812573 ISBN 13: 9780321812575
Nuovi Rilegato Quantità: 1
Da
Revaluation Books
(Exeter, Regno Unito)
Valutazione libreria
[?]

Descrizione libro Addison-Wesley Professional, 2012. Hardcover. Condizione libro: Brand New. 1st edition. 432 pages. 9.43x7.25x1.10 inches. In Stock. Codice libro della libreria 0321812573

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 79,39
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 6,69
Da: Regno Unito a: U.S.A.
Destinazione, tempi e costi

9.

DawnCappelli; Moore Andrew
Editore: Addison Wesley (2012)
ISBN 10: 0321812573 ISBN 13: 9780321812575
Nuovi Rilegato Quantità: 3
Da
Valutazione libreria
[?]

Descrizione libro Addison Wesley, 2012. Condizione libro: New. Codice libro della libreria TV9780321812575

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 87,47
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 3,99
Da: Germania a: U.S.A.
Destinazione, tempi e costi

10.

Dawn M. Cappelli
ISBN 10: 0321812573 ISBN 13: 9780321812575
Nuovi Rilegato Quantità: 1
Da
AussieBookSeller
(SILVERWATER, NSW, Australia)
Valutazione libreria
[?]

Descrizione libro 2012. Hardcover. Condizione libro: New. 1. Hardcover. Since 2001, the CERT(R) Insider Threat Center at Carnegie Mellon University's Software Engineering Institute (SEI) has collected and analyzed information about more than .Shipping may be from our Sydney, NSW warehouse or from our UK or US warehouse, depending on stock availability. 389 pages. 0.803. Codice libro della libreria 9780321812575

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 73,69
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 31,82
Da: Australia a: U.S.A.
Destinazione, tempi e costi