Insider Computer Fraud: An In-depth Framework for Detecting and Defending against Insider IT Attacks (Google eBook)

Front Cover
CRC Press, Dec 6, 2007 - Computers - 504 pages
0 Reviews
An organizationís employees are often more intimate with its computer system than anyone else. Many also have access to sensitive information regarding the company and its customers. This makes employees prime candidates for sabotaging a system if they become disgruntled or for selling privileged information if they become greedy. Insider Computer Fraud: An In-depth Framework for Detecting and Defending against Insider IT Attacks presents the methods, safeguards, and techniques that help protect an organization from insider computer fraud.

Drawing from the authorís vast experience assessing the adequacy of IT security for the banking and securities industries, the book presents a practical framework for identifying, measuring, monitoring, and controlling the risks associated with insider threats. It not only provides an analysis of application or system-related risks, it demonstrates the interrelationships that exist between an application and the IT infrastructure components it uses to transmit, process, and store sensitive data. The author also examines the symbiotic relationship between the risks, controls, threats, and action plans that should be deployed to enhance the overall information security governance processes.

Increasing the awareness and understanding necessary to effectively manage the risks and controls associated with an insider threat, this book is an invaluable resource for those interested in attaining sound and best practices over the risk management process.

  

What people are saying - Write a review

We haven't found any reviews in the usual places.

Contents

Chapter 1 Insider Computer Fraud ICF
1
Chapter 2 Related Research in Insider Computer Fraud and Information Security Controls
9
Chapter 3 The Insider Threat Strategic Planning Process
27
Chapter 4 Information Technology Architecture and Insider Computer Fraud Prevention
103
Chapter 5 Protection of Web Sites from Insider Abuse and the Information Technology Infrastructure
113
Chapter 6 Web Services Security and Control Considerations for Reducing Transaction Risks
123
Chapter 7 Application Security and Methods for Reducing Insider Computer Fraud
135
Chapter 8 Insider Computer Fraud Taxonomy and the Art of the Key Fraud Indicator KFI Selection Process
185
Application Data OriginationInput
391
Application Data Processing
403
Application OutputManagement Information System MIS
409
Key Fraud Signature KFS Worksheet
417
CyberSecurity HealthCheck
423
Acronym List
441
Glossary
445
Contributors
455

Chapter 9 Key Fraud Signature KFS Selection Process for Detecting Insider Computer Fraud
237
Chapter 10 Application and System Journaling and the Software Engineering Process
313
Chapter 11 The Role of Neural Networks in the Insider Computer Fraud Framework
347
Application Access Controls
371
Index
457
Back cover
471
Copyright

Common terms and phrases

Bibliographic information