| | |  | Computer Security | Home » » Insider Computer Fraud: An In-depth Framework for Detecting and Defending against Insider IT Attacks | | | | | | | Product Promotions: | | | | | Description: | | An organization’s employees are often more intimate with its computer system than anyone else. Many also have access to sensitive information regarding the company and its customers. This makes employees prime candidates for sabotaging a system if they become disgruntled or for selling privileged information if they become greedy. Insider Computer Fraud: An In-depth Framework for Detecting and Defending against Insider IT Attacks presents the methods, safeguards, and techniques that help protect an organization from insider computer fraud. Drawing from the author’s vast experience assessing the adequacy of IT security for the banking and securities industries, the book presents a practical framework for identifying, measuring, monitoring, and controlling the risks associated with insider threats. It not only provides an analysis of application or system-related risks, it demonstrates the interrelationships that exist between an application and the IT infrastructure components it uses to transmit, process, and store sensitive data. The author also examines the symbiotic relationship between the risks, controls, threats, and action plans that should be deployed to enhance the overall information security governance processes. Increasing the awareness and understanding necessary to effectively manage the risks and controls associated with an insider threat, this book is an invaluable resource for those interested in attaining sound and best practices over the risk management process. | | | Product Details: | | | Author:
| Kenneth Brancik | | Hardcover:
| 504 pages | | Publisher:
| Auerbach Publications | | Publication Date:
| December 06, 2007 | | Language:
| English | | ISBN:
| 1420046594 | | Product Width:
| 161.25 centimeters | | Product Height:
| 231.0 centimeters | | Product Weight:
| 1.83 pounds | | Package Length:
| 9.4 inches | | Package Width:
| 6.4 inches | | Package Height:
| 1.2 inches | | Package Weight:
| 2.2 pounds | | Average Customer Rating:
|  based on 7 reviews |
| | | | Customer Reviews: | |
Average Customer Review:
 ( 7 customer reviews )
Write an online review and share your thoughts with other customers.
Most Helpful Customer Reviews
2 of 2 found the following review helpful:
Highly recommend - well written and must readJan 17, 2008
By ISC
"AC"
I really enjoyed reading this book. It provides a comprehensive framework for understanding insider threats and Risk management.
The author integrates a lot of components like Risk Assessment, Threat Modeling, Privacy assessment, Cyber security, Application security, Web services and Computer architecture as it relates to insider threat identification and prevention. If you deal with any of these components - you must read this book. You will learn so much - all in one place.
This book is logically arranged; the author does an excellent job building from one topic to another. It is an eye-opening and fascinating book as it presents the methods, safeguards, and techniques that help protect an organization from insider computer fraud.
I really liked Chapter 3 which covered Risk Assessment very well. It walks the reader with a step by step risk assessment methodology, which is very critical in any environment.
As a IT Security professional this book has become an invaluable resource for me.
Bottom line: Must read and well worth the price.
2 of 2 found the following review helpful:
Great textbook without the "textbook" feelingJan 11, 2008
By B. H. Edington
"Dr. Babs"
"Insider Computer Fraud" is a comprehensive overview that gives anyone, even computer novices, a solid framework of the topic. A topic of such breadth could overwhelm many individuals, but Brancik manages to divide the material into edible chunks that inform without drowning the reader in excess. If you scan the contents you can easily identify the area you want to focus on -- the well thought out design of the book is a real plus.
For professors looking for a textbook on this subject, "Insider Computer Fraud" is a good option. Each topic adds onto the prior chapter and gives a logic sequence to the material.
Interesting sub-topics such as the Novelty Neural Network and The Brain will capture the reader's attention. A good mix of theory and application makes this book a good choice for anyone interested in increasing their knowledge of a highly complex subject.
1 of 1 found the following review helpful:
A must read for the financial services as recent events show...Jan 27, 2008
By Peter J. Morales
"Peter"
"Insider Computer Fraud" is a thorough and and extremely well done coverage of a complex topic which has important implications for people and the companies they work in. We often focus on external threats but as recent event show insider threat is as critical and can impact whole industries over night. Brancik's coverage of Novelty Neural Networks and their use to detecting insider fraud is an important contribution. Anyone in the financial services industry that has a role in protecting against computer fraud should read this book.
2 of 3 found the following review helpful:
Outstanding Reference Including Action Plans, for Today and the FutureJan 29, 2008
By Manuel Aparicio IV
Ken Brancik has written a tour de force compendium about insider computer fraud. His years of practical experience shine through in this very practical book for anybody who needs to act in the defense of real systems. Brancik's own experience is combined with exhaustive references to case studies, legislation, and research.
The reader will enjoy a thorough presentation of the domain theory, combined with very detailed explanation of technical methods. For example, Brancik provides a rich taxonomy, which will be of huge value to any practitioner looking to divide and conquer such problems. Moreover, this taxonomy is only one of the elements in "an in-depth framework for detecting and defending against insider IT attacks". The book's content is true to the claim of its title.
Beyond what can be done and needs to be done as the first steps to thwart such attacks, Brancik also points the way to the future. Statistical models of anomaly, for example, have had a small place in computer security when compared to rule-based pattern detectors. Both approaches are needed, and this book describes neural networks -- associative memories in particular -- as a way toward more powerful hybrid systems of the future.
"Insider Computer Fraud" would make a great textbook for the student, an invaluable cookbook for the practitioner, and a provocative guide to the researcher. It is also a must-have reference for anybody in the field of computer fraud more generally.
2 of 3 found the following review helpful:
Excellent Guidance on Insider ThreatsJan 17, 2008
By Jody R. Westby
Ken Brancik has managed to hit the mark that so many have missed. He provides a comprehensive framework for understanding and countering insider threats. This book is useful for a multidisciplinary audience, from attorneys to management to technical staff. By addressing web security, IT architecture, and application security, he creates the "big picture" of insider fraud and then steps the reader through a methodology to effectively counter these threats. A seasoned and well respected cyber security professional, Ken Brancik, has made a substantial contribution toward beating the bad guys with this excellent work.
See all 7 customer reviews on Amazon.com
| | |
|
