- Paperback: 288 pages
- Publisher: Syngress (24 Dec. 2006)
- Language: English
- ISBN-10: 1597491292
- ISBN-13: 978-1597491297
- Product Dimensions: 17.9 x 2.1 x 22.7 cm
- Average Customer Review: 4.0 out of 5 stars See all reviews (1 customer review)
- Amazon Bestsellers Rank: 125,062 in Books (See Top 100 in Books)
- See Complete Table of Contents
Enemy at the Water Cooler: True Stories of Insider Threats and Enterprise Security Management Countermeasures Paperback – 24 Dec 2006
|New from||Used from|
- Choose from over 13,000 locations across the UK
- Prime members get unlimited deliveries at no additional cost
- Find your preferred location and add it to your address book
- Dispatch to this address when you check out
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
Throughout, Contos uses his extensive personal experiences to illustrate Internet security breaches and provide countermeasures. This book requires little if any technical background and is intended to appeal to a broad audience.- Choice, E. M. Aupperle
About the Author
Brian T. Contos, CISSP, Chief Security Officer, ArcSight Inc. has over a decade of real-world security engineering and management expertise developed in some of the most sensitive and mission-critical environments in the world. As ArcSight's CSO he advises government organizations and Global 1,000s on security strategy related to Enterprise Security Management (ESM) solutions while being an evangelist for the security space. He has delivered security-related speeches, white papers, webcasts, podcasts and most recently published a book on insider threats titled - Enemy at the Water Cooler. He frequently appears in media outlets including: Forbes, The London Times, Computerworld, SC Magazine, Tech News World, Financial Sector Technology and the Sarbanes-Oxley Compliance Journal. Mr. Contos has held management and engineering positions at Riptech, Lucent Bell Labs, Compaq Computers and the Defense Information Systems Agency (DISA). He has worked throughout North America, South America, Western Europe, and Asia and holds a B.S. from the University of Arizona in addition to a number of industry and vendor certifications.
Top Customer Reviews
My initial thought upon picking this book up, was that it might be a bit dated - having been published back in 2007, but I need not have worried despite some of the technologies covered by the book having moved on. There is for example no spear-fishing to be found here or any of the targeting attacks that have developed post 2007. However this is to say the book should be discarded, it should not as the situations and motivations of those who set out to harm, are timeless.
The style of writing is exceptionally straight forward and the writing style is so clear that few people will fail to understand both the threats and the lessons to be learnt from the scenarios presented within the book. Certainly I have found myself referring to this book time and again.
It is hard to highlight exactly what makes this book so valuable, but probably the key information is distilled a number of key areas:
Chapter 2 covers the exactly what it is that motives a trusted employee to become harmful to an organisation. It approaches this subject in a way I've not seen presented, as it covers the psychology of the malcontent, and how such insider threats might been seen - from a personal, business and probably more importantly from an external reputational perspective.Read more ›
Most Helpful Customer Reviews on Amazon.com (beta)
If you are seriously interested in ESM, you probably wrote the gushing "review notes" on the cover or the foreword (written by Hugh Njemanze, CTO of - you guessed it - the same ESM company). I'm far from convinced that anyone else (except perhaps from the ESM company and its customers who may be happy with an extremely biased view of the value of ESM) would benefit from this book, even if it is "vendor neutral" (page xxii). If you are looking for some meaningful insight into and analysis of the "insider threat", and perhaps some practical and worthwhile countermeasures apart from ESM, look elsewhere.
The insider threat shouldn't be a surprise: employee theft takes a bigger bite out of retailers than does shoplifting, and company personnel give away more secrets than are stolen by spies.
On average, authorized network users gain access to 10 to 20 times more resources than they need to perform their jobs, and this extra access leads to most network security breaches. With that as its starting point, Enemy at the Water Cooler looks at the problem of the trusted insider and how to reduce both the threat and the vulnerability. Author Brian Contos astutely notes that insider attacks are the hardest ones to defend against, detect, and manage.
The first part of the book sketches the risks that insiders pose to an organization. It also details mechanisms that can be used to control these risks.
One such solution is ESM (Enterprise Security Management) software. (Full disclosure: the author is the CSO for a leading ESM vendor and some of the illustrations in the book are screenshots from this vendor's product.) ESM software centrally collects and analyzes log data from various entities within a network. When correctly deployed, ESM can be used to discover internal risks, in addition to correlating security information and performing other valuable tasks.
The final chapters of the book run through real-life case studies in which Contos shows how ESM mitigated, or could have mitigated, the risk.
Although the book has a lot of information, at $49.95 for fewer than 250 pages, the book is overpriced. Even though it can come across as self-serving, the book should be commended for tackling a vital and often neglected topic.
In addition to the insider threat information, the initial chapter that gives an overview of computer-based threats from organized crime, nation-states and terrorist was an eyeopener. The author does an excellent job explaining how these groups use insiders (employees mostly) to help carryout their agendas.
Since reading the book I've also listened to several webcasts and podcasts from the author. I found these to be informative and in several instances, the case studies from the book are explored in even more detail as the author discusses subtitle points that aren't necessarily covered in the book.
I've read a few books on insider threat now, and this is by far one of my favorites, and more so, it has shown great utility at work. Engineers like it, and so does my senior management.
Good book for IT people and specifically security whizzes to take a look at.
Look for similar items by category
- Books > Business, Finance & Law > E-Commerce > Managers' Guides to Computing
- Books > Business, Finance & Law > Management
- Books > Computing & Internet > Digital Lifestyle > Online Shopping > Amazon
- Books > Computing & Internet > Networking & Security > Network Topics
- Books > Computing & Internet > Networking & Security > Security
- Books > Scientific, Technical & Medical > Mathematics > Applied Mathematics