Insider Threat: Protecting the Enterprise from Sabotage, Spying, and Theft
The Secret Service, FBI, NSA, CERT (Computer Emergency Response Team) and George Washington University have all identified “Insider Threats as one of the most significant challenges facing IT, security, law enforcement, and intelligence professionals today.
This book will teach IT professional and law enforcement officials about the dangers posed by insiders to their IT infrastructure and how to mitigate these risks by designing and implementing secure IT systems as well as security and human resource policies. The book will begin by identifying the types of insiders who are most likely to pose a threat. Next, the reader will learn about the variety of tools and attacks used by insiders to commit their crimes including: encryption, steganography, and social engineering. The book will then specifically address the dangers faced by corporations and government agencies. Finally, the reader will learn how to design effective security systems to prevent insider attacks and how to investigate insider security breeches that do occur.
Throughout the book, the authors will use their backgrounds in the CIA to analyze several, high-profile cases involving insider threats.
* Tackles one of the most significant challenges facing IT, security, law enforcement, and intelligence professionals today
* Both co-authors worked for several years at the CIA, and they use this experience to analyze several high-profile cases involving insider threat attacks
* Despite the frequency and harm caused by insider attacks, there are no competing books on this topic.books on this topic
What people are saying - Write a review
Chapter 2 Behind the Crime
Chapter 3 State and Local Government Insiders
Chapter 4 Federal Government
Chapter 5 Commercial
Chapter 6 Banking and Financial Sector
Other editions - View all
able accessed November 2005 addition alternative data stream Analysis assets auditing bank Barings Bank behavior better caught cause harm chance chapter competitor compromise computer system create credit card crime critical damage databases deleted detect disgruntled employee document e-mail encryption espionage example federal Figure fraud fraudulent going Hanssen honeypots Honeytokens identify identity theft impact incident insider attack insider threat Internet investigation John Rusnak laptop look loss malicious methods million monitoring never Nick Leeson occur organization passwords percent perform person pled guilty potential prevent problem profiling protect risk rogue rogue traders Rusnak sabotage sensitive information separation of duties server social engineering someone Source UNITED steal steganography supervisor talking theft thing tion Topic trusted unauthorized usually vulnerabilities wireless wireless access point