Frequently Bought Together
Product details
|
More About the Author
Product Description
Product Description
Information risk exposes organizations to catastrophic failure, regulatory censure, fraud, IP theft, extortion, systems sabotage...the list goes on. The current fixation with technical controls means that people are often neglected, taken for granted or demeaned and yet, the one common denominator in most incidents is employees themselves. "Information Risk and Security" explains the complex and diverse sources of risk for any organization, and provides clear guidance and strategies to prevent these threats before they happen and to investigate them, if and when they do. Edward Wilding focuses particularly on internal IT risk, workplace crime and the preservation of evidence, because it is these areas that are generally so badly mismanaged. There is advice on: adopting control and security measures that do not hinder business operations, but which effectively block criminal access and misuse; how to secure information - in both electronic and hard copy form; understanding and countering the techniques by which employees are subverted or entrapped into giving access to systems and processes;preventing computer fraud, IP theft and systems sabotage, and investigating and responding to these threats should they occur; responding to attempted extortion and malicious information leaks; dealing with catastrophic risk; best-practice for monitoring and securing office and wireless networks; securing evidence where computer misuse occurs and presenting this evidence in court; conducting covert operations and forensic investigations; and much more. Tackling information risk and security is, as with all other aspects of organizational effectiveness, a matter of good management. This is an essential guide for risk and security managers, computer auditors, investigators, IT managers, line managers and non-technical experts; all those who need to understand the threat to workplace computers and information systems. The author's style mixes numerous case studies with practical, down-to-earth and easily implemented advice to help everyone with responsibility for this threat to manage it effectively.
About the Author
Edward Wilding has investigated several hundred cases of computer fraud and misuse in many jurisdictions. His previous book, Computer Evidence: A Forensic Investigations Handbook (Sweet and Maxwell 1996) was one of the first to discuss computer forensic investigations. The author has lectured widely, trained incident response teams, and conducted security and risk reviews for a diversity of clients. He has also served as an expert witness in civil and criminal cases, tribunals and official hearings, including the Hutton Inquiry. In 2002, he co-founded Data Genetics International (DGI), specializing in computer crime investigation, incident response and forensic evidence.
Inside This Book
(Learn More)
First Sentence
It doesn't work to leap a twenty-foot chasm in two ten-foot jumps. Read the first page
Front Cover | Copyright | Table of Contents | Excerpt | Index | Back Cover
It doesn't work to leap a twenty-foot chasm in two ten-foot jumps. Read the first page
Explore More
Concordance
Browse Sample PagesConcordance
Front Cover | Copyright | Table of Contents | Excerpt | Index | Back Cover
Tag this product(What's this?)Think of a tag as a keyword or label you consider is strongly related to this product.
Tags will help all customers organise and find favourite items. |
Sell a Digital Version of This Book in the Kindle Store
If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store.
Learn more
Customer Reviews
|
There are no customer reviews yet on Amazon U.K.
|
||||||||||||||||||||
|
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com:
5.0 out of 5 stars (1 customer review)
2 of 2 people found the following review helpful:
5.0 out of 5 stars
Shows what it takes design and build a comprehensive information security program, 2 July 2009
By Ben Rothke "Author of 'Computer Security: 20 ... - Published on Amazon.com
This review is from: Information Risk and Security: Preventing and Investigating Workplace Computer Crime (Hardcover)
Many people mistakenly and naively think that information security is simply about keeping the hackers out. But hackers are only one of myriad risks within information security. In Information Risk and Security: Preventing and Investigating Workplace Computer Crime, author Edward Wilding does a superb job in showing the reader what it takes design and build a comprehensive information security program.
The book starts out with a bang and discusses one of the more considerable threats, the insider threat. The book details how Nick Leeson single-handedly brought Barings Bank to bankruptcy via uncontrolled insider access. The book notes that every business has a potential Leeson, a human time-bomb ticking away, often completely unidentified and waiting to take advantage of potentially dangerous system exposures.
The insider threat is one of the most dangerous threats, and also one that most organizations do nit properly defend themselves against. The book notes that the insider is in a better position to execute their crimes given their direction operation access to systems, and a day-to-day knowledge of how these systems and processes operate.
Security luminary Marcus Ranum notes that people often seem to want to treat computer security like it's rocket science or black magic. In fact, computer security is nothing but attention to detail and good design. In 19 densely packed chapters, the book writes about those very details of the many contemporary security issues facing organizations today.
Rather than relying on the FUD (fear, uncertainty and doubt) factor that often permeates much of information security, each chapter provides numerous real world references studies of computer security incidents from around the world. These stories are particularly valuable in that they can be used to take back to management to show them the need for adequate security funding.
Information Risk and Security: Preventing and Investigating Workplace Computer Crime is a densely packed treasure trove of invaluable information security knowledge. Anyone looking for a comprehensive guide to real-world information security, or looking to round out their security infrastructure is highly recommended to read this valuable reference.
Listmania!
Look for similar items by category
- Books > Business, Finance & Law > E-Commerce > Managers' Guides to Computing
- Books > Business, Finance & Law > Management > Management Skills > Leadership
- Books > Computing & Internet > Digital Lifestyle > Online Shopping > Amazon
- Books > Computing & Internet > Networking & Security > Security > Cryptography & Encryption
Look for similar items by subject
Feedback
- Would you like to update product info or give feedback on images?
- I am the Author, and I want to comment on my book.
- I am the Publisher, and I want to comment on this book.
|
