- STAFF PICKS
- GIFTS + GIFT CARDS
- SELL BOOKS
- FIND A STORE
Currently out of stock.
available for shipping or prepaid pickup only
Other titles in the SEI Series in Software Engineering series:
The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud) (SEI Series in Software Engineering)by Dawn M. Cappelli
Synopses & Reviews
Since 2001, the CERT® Insider Threat Center at Carnegie Mellon University’s Software Engineering Institute (SEI) has collected and analyzed information about more than seven hundred insider cyber crimes, ranging from national security espionage to theft of trade secrets. The CERT® Guide to Insider Threats describes CERT’s findings in practical terms, offering specific guidance and countermeasures that can be immediately applied by executives, managers, security officers, and operational staff within any private, government, or military organization.
The authors systematically address attacks by all types of malicious insiders, including current and former employees, contractors, business partners, outsourcers, and even cloud-computing vendors. They cover all major types of insider cyber crime: IT sabotage, intellectual property theft, and fraud. For each, they present a crime profile describing how the crime tends to evolve over time, as well as motivations, attack methods, organizational issues, and precursor warnings that could have helped the organization prevent the incident or detect it earlier. Beyond identifying crucial patterns of suspicious behavior, the authors present concrete defensive measures for protecting both systems and data.
This book also conveys the big picture of the insider threat problem over time: the complex interactions and unintended consequences of existing policies, practices, technology, insider mindsets, and organizational culture. Most important, it offers actionable recommendations for the entire organization, from executive management and board members to IT, data owners, HR, and legal departments.
With this book, you will find out how to
By implementing this book’s security practices, you will be incorporating protection mechanisms designed to resist the vast majority of malicious insider attacks.
Wikileaks recent data exposures demonstrate the danger now posed by insiders, who can often bypass physical and technical security measures designed to prevent unauthorized access. Insiders are already familiar with their organizations' policies, procedures, and technologies, and can often identify vulnerabilities more effectively than outside "hackers." Most IT security mechanisms are implemented primarily to defend against external threats, leaving potentially enormous vulnerabilities exposed. Now, the insider threat team at CERT, the world's leading information security experts, helps readers systematically identify, prevent, detect, and mitigate threats arising from inside the organization. Drawing on their advanced research with the US Secret Service and Department of Defense, as well as the world's largest database of insider attacks, the authors systematically address four key types of insider "cybercrime": national security espionage, IT sabotage, theft of intellectual property, and fraud. For each, they present an up-to-date crime profile: who typically commits these crimes (and why); relevant organizational issues; methods of attack, impacts, and precursors that could have warned the organization in advance. In addition to describing patterns that readers can use in their own organizations, the authors offer today's most effective psychological, technical, organizational, cultural, and process-based countermeasures.
About the Author
Dawn M. Cappelli, CISSP, is Technical Manager of the Insider Threat Center and CERT's Enterprise Threat and Vulnerability Management team at Carnegie Mellon's Software Engineering Institute (SEI). She is adjunct professor at Heinz College of Public Policy and Management, and Vice-Chair of CERT's Computer Security Incident Handler Certification Advisory Board. Andrew P. Moore, Sr. Member of Technical Staff at CERT, researched high assurance system development for Naval Research Laboratory. Randall F. Trzeciak, Sr. Member of Technical Staff for SEI's Networked Systems Survivability (NSS) program, serves on a CERT team studying insider threats with the US Secret Service, DOD, and CMU's CyLab.
Table of Contents
Chapter 1: Overview
Chapter 2: Insider IT Sabotage
Chapter 3: Insider Theft of Sensitive Information
Chapter 4: Insider Fraud
Chapter 5: Insider Threat Issues in the Software Development Life Cycle
Chapter 6: Best Practices for Prevention and Detection of Insider Threats
Chapter 7: Technical Insider Threat Controls
Chapter 8: Insider Threat Case Examples
Chapter 9: Conclusion and Miscellaneous Issues
Appendix A: CERT Insider Threat Center Products and Services
Appendix B: Deeper Dive into the Data
Appendix C: Background of the CERT Insider Threat Center
Appendix D: CERT Insider Threat Database Structure
Appendix E: MERIT Interactive Insider Threat Virtual Training Simulation
Appendix F: Details of System Dynamics Modeling
What Our Readers Are Saying