Note: Supplemental materials are not guaranteed with Rental or Used book purchases.
- ISBN: 9780321812575 | 0321812573
- Cover: Hardcover
- Copyright: 1/24/2012
Wikileaks recent data exposures demonstrate the danger now posed by insiders, who can often bypass physical and technical security measures designed to prevent unauthorized access. Insiders are already familiar with their organizations'policies, procedures, and technologies, and can often identify vulnerabilities more effectively than outside "hackers." Most IT security mechanisms are implemented primarily to defend against external threats, leaving potentially enormous vulnerabilities exposed. Now, the insider threat team at CERT, the world's leading information security experts, helps readers systematically identify, prevent, detect, and mitigate threats arising from inside the organization. Drawing on their advanced research with the US Secret Service and Department of Defense, as well as the world's largest database of insider attacks, the authors systematically address four key types of insider "cybercrime": national security espionage, IT sabotage, theft of intellectual property, and fraud. For each, they present an up-to-date crime profile: who typically commits these crimes (and why); relevant organizational issues; methods of attack, impacts, and precursors that could have warned the organization in advance. In addition to describing patterns that readers can use in their own organizations, the authors offer today's most effective psychological, technical, organizational, cultural, and process-based countermeasures.