The Resource Enemy at the water cooler : real-life stories of insider threats and Enterprise Security Management countermeasures, Brian T. Contos
Resource Information
The item Enemy at the water cooler : real-life stories of insider threats and Enterprise Security Management countermeasures, Brian T. Contos represents a specific, individual, material embodiment of a distinct intellectual or artistic creation found in Missouri University of Science & Technology Library. This item is available to borrow from 1 library branch.
- Summary
- Packed with vivid real-life cases, this comprehensive book addresses the most difficult to manage and costly of all security threats: the insider
- Language
- eng
- Extent
- 1 online resource (xxii, 262 pages)
- Note
- Title from Web page (viewed February 28, 2007)
- Contents
-
- Part I: Background on Cyber Crime, Insider Threats, and ESM
- Chapter One: Cyber Crime and Cyber Criminals
- About this Chapter
- Computer Dependence and Internet Growth
- The Shrinking Vulnerability Threat Window
- Motivations for Cyber Criminal Activity
- o Black Markets
- Hacker
- Script Kiddies
- Solitary Cyber Criminals and Exploit Writers for Hire
- Organized Crime
- Identity Thieves (Impersonation Fraudsters)
- Competitors
- Activist Groups, Nation-State Threats, and Terrorists
- Activists
- Nation-State Threats
- o China
- o France
- o Russia
- o United Kingdom
- o United States
- Terrorists
- Insiders
- Tools of the Trade
- o Application-Layer Exploits
- o Botnets
- o Buffer Overflows
- o Code Packing
- o Denial-of-service (DoS) Attacks
- o More Aggressive and Sophisticated Malware
- o Non-wired Attacks and Mobile Devices
- o Password-cracking
- o Phishing
- o Reconnaissance and Googledorks
- o Rootkits and Keyloggers
- o Social Engineering Attacks
- o Voice over IP (VoIP) Attacks
- o Zero-Day Exploits
- Summary Points
- Chapter Two: Insider Threats
- Understanding Who the Insider Is
- Psychology of Insider Identification
- Insider Threat Examples from the Media
- Insider Threats from a Human Perspective
- o A Word on Policies
- Insider Threats from a Business Perspective
- o Risk
- Insider Threats from a Technical Perspective
- o Need-to-know
- o Least Privileges
- o Separation of Duties
- o Strong Authentication
- o Access Controls
- o Incident Detection and Incident Management
- Summary Points
- Chapter Three: Enterprise Security Management (ESM)
- ESM in a Nutshell
- Key ESM Feature Requirements
- o Event Collection
- o Normalization
- o Categorization
- o Asset Information
- o Vulnerability Information
- o Zoning and Global Positioning System Data
- o Active Lists
- o Actors
- o Data Content
- o Correlation
- o Prioritization
- o Event and Response Time Reduction
- o Anomaly Detection
- o Pattern Discovery
- o Alerting
- o Case Management
- o Real-Time Analysis and Forensic Investigation
- o Visualization
- o High-level Dashboards
- o Detailed Visualization
- o Reporting
- o Remediation
- Return On Investment (ROI) and Return On Security Investment (ROSI)
- Alternatives to ESM
- o Do Nothing
- o Custom In-house Solutions
- o Outsourcing and Co-sourcing
- Co-sourcing examples:
- Summary Points
- Part II: Real Life Case Studies
- Chapter Four: Imbalanced Security - A Singaporean Data Center
- Chapter Five: Correlating Physical and Logical Security Events - A U.S. Government Organization
- Chapter Six: Insider with a Conscience - An Austrian Retailer
- Chapter Seven: Collaborative Threat - A Telecommunications Company in the U.S.
- Chapter Eight: Outbreak from Within - A Financial Organization in the U.K.
- Chapter Nine: Mixing Revenge and Passwords - A Utility Company in Brazil
- Chapter Ten: Rapid Remediation - A University in the United States
- Chapter Eleven: Suspicious Activity - A Consulting Company in Spain
- Chapter Twelve: Insiders Abridged
- Malicious use of Medical Records
- Hosting Pirated Software
- Pod-Slurping
- Auctioning State Property
- Writing Code for another Company
- Outsourced Insiders
- Smuggling Gold in Rattus Norvegicus
- Part III: The Extensibility of ESM
- Chapter Thirteen: Establishing Chain-of-Custody Best Practices with ESM
- Disclaimer
- Monitoring and disclosure
- Provider Protection Exception
- Consent Exception
- Computer Trespasser Exception
- Court Order Exception
- Best Practices
- Canadian Best Evidence Rule
- Summary Points
- Chapter Fourteen: Addressing Both Insider Threats and Sarbanes-Oxley with ESM
- A Primer on Sarbanes-Oxley
- Section 302: Corporate Responsibility for Financial Reports
- Section 404: Management Assessment of Internal Controls
- Separation of Duties
- Monitoring Interaction with Financial Processes
- Detecting Changes in Controls over Financial Systems
- Section 409: Real-time Issuer Disclosures
- Summary Points
- Chapter Fifteen: Incident Management with ESM
- Incident Management Basics
- Improved Risk Management
- Improved Compliance
- Reduced Costs
- Current Challenges
- o Process
- o Organization
- o Technology
- Building an Incident Management Program
- o Defining Risk
- Five Steps to Risk Definition for Incident Management
- o Process
- o Training
- o Stakeholder Involvement
- o Remediation
- o Documentation
- Reporting and Metrics
- Summary Points
- Chapter Sixteen: Insider Threat Questions and Answers
- Introduction
- Insider Threat Recap
- Question One
- Employees
- o The Hiring Process
- o Reviews
- o Awareness
- o NIST 800-50
- o Policies
- o Standards
- o Security Memorandum Example
- Question Two
- Prevention
- Question Three Asset Inventories
- Question Four Log Collection
- o Security Application Logs
- o Operating System Log
- o Web Server Logs
- o NIST 800-92
- Question Five Log Analysis
- Question Six
- Specialized Insider Content
- Question Seven Physical and Logical Security Convergence
- Question Eight IT Governance
- o NIST 800-53
- o Network Account Deletion maps to NIST 800-53 section AC-2
- o Vulnerability Scanning maps to NIST 800-53 section RA-5
- o Asset Creation maps to NIST 800-53 section CM-4
- o Attacks and Suspicious Activity from Public Facing Assets maps to NIST 800-53 section SC-14
- o Traffic from Internal to External Assets maps to NIST 800-53 section SC-7
- Question Nine
- Incident Response
- Question 10 Must Haves
- Appendix A: Examples of Cyber Crime Prosecutions
- Isbn
- 9780080477602
- Label
- Enemy at the water cooler : real-life stories of insider threats and Enterprise Security Management countermeasures
- Title
- Enemy at the water cooler
- Title remainder
- real-life stories of insider threats and Enterprise Security Management countermeasures
- Statement of responsibility
- Brian T. Contos
- Subject
-
- COMPUTERS -- Internet | Security
- COMPUTERS -- Networking | Security
- COMPUTERS -- Security | General
- Computer hackers
- Computer networks -- Security measures
- Computer security
- Electronic books
- Hackers
- Cataloging source
- NTG
- http://library.link/vocab/creatorName
- Contos, Brian T
- Dewey number
- 005.8
- Illustrations
- illustrations
- Index
- index present
- LC call number
- TK5105.59
- LC item number
- .C658 2006eb
- Literary form
- non fiction
- Nature of contents
-
- dictionaries
- bibliography
- http://library.link/vocab/subjectName
-
- Computer networks
- Computer security
- Hackers
- COMPUTERS
- Computer hackers
- Label
- Enemy at the water cooler : real-life stories of insider threats and Enterprise Security Management countermeasures, Brian T. Contos
- Note
- Title from Web page (viewed February 28, 2007)
- Bibliography note
- Includes bibliographical references and index
- Carrier category
- online resource
- Carrier category code
-
- cr
- Carrier MARC source
- rdacarrier
- Color
- other
- Content category
- text
- Content type code
-
- txt
- Content type MARC source
- rdacontent
- Control code
- 183748860
- Dimensions
- unknown
- Extent
- 1 online resource (xxii, 262 pages)
- Form of item
- online
- Isbn
- 9780080477602
- Media category
- computer
- Media MARC source
- rdamedia
- Media type code
-
- c
- Other control number
- 792502912928
- Other physical details
- illustrations
- Specific material designation
- remote
- System control number
- (OCoLC)183748860