IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data

Rating: 
Amazon Price: N/A (as of April 20, 2018 16:31 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Implement an Effective Security Metrics Project or Program

IT Security Metrics provides a comprehensive approach to measuring risks, threats, operational activities, and the effectiveness of data protection in your organization. The book explains how to choose and design effective measurement strategies and addresses the data requirements of those strategies. The Security Process Management Framework is introduced and analytical strategies for security metrics data are discussed. You'll learn how to take a security metrics program and adapt it to a variety of organizational contexts to achieve continuous security improvement over time. Real-world examples of security measurement projects are included in this definitive guide. Define security metrics as a manageable amount of usable data Design effective security metrics Understand quantitative and qualitative data, data sources, and collection and normalization methods Implement a programmable approach to security using the Security Process Management Framework Analyze security metrics data using quantitative and qualitative methods Design a security measurement project for operational analysis of security metrics Measure security operations, compliance, cost and value, and people, organizations, and culture Manage groups of security measurement projects using the Security Improvement Program Apply organizational learning methods to security metrics

Cyber Security Basics: Protect your organization by applying the fundamentals

Rating: 
Amazon Price: $4.99 $4.99 (as of April 20, 2018 16:16 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Information security does not have to be complicated. Vulnerability to cyber attacks can be significantly reduced if the basics are practiced. A clear understanding of the fundamentals can help ensure that adequate detective and protective controls are in place, and that a solid information security foundation is established. This book covers concepts and controls. It is a good primer for those new to the field, and a refresher for the more seasoned practitioner. It is for those who are tasked with creating, leading, supporting or improving an organization’s cyber security program. The goal is to help clear some of the fog that can get in the way of implementing cyber security best practices. The security controls that are discussed in these 100 concise pages are each assigned a maturity level. This helps the reader determine which controls are most appropriate for it’s organization. Maturity of a program is based on its age, the resources that are available to it, and the amount of leadership support it enjoys. Advanced controls are not appropriate for a newly-established program, for example. Reading this book will break down cognitive barriers. It will provide security practitioners the best practices necessary to detect and mitigate common and sophisticated attacks. Building a solid information security foundation does not have to be complicated. It can be achieved by applying the fundamentals of cyber security.

DNS Security: Hacking and Defending the Domain Name System

Rating: 
Amazon Price: $49.95 $49.95 (as of April 20, 2018 06:21 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

DNS Security: Hacking and Defending the Domain Name System provides tactics on how to secure a Domain Name System (DNS) framework by exploring common DNS vulnerabilities using real-world examples of DNS exploits and providing step-by-step guidelines for securing the infrastructure.

The book is a timely reference as DNS is an integral part of the Internet that translates IP addresses into easily remembered domain names. The book focuses entirely on the security aspects of DNS, combining internal and external data to analyze and effectively prioritize network threats. It shows how to build a security infrastructure based around intelligence, demonstrating how theory can work in real-life situations. Presents a multi-platform approach, covering Linux, BSD, and Windows DNS security tipsDemonstrates how to implement DNS Security tools, including numerous screen shots and configuration examplesProvides a timely reference on DNS, an integral part of the Internet that translates IP addresses into easily remembered domain namesIncludes information of interest to those working in 4DNS, authoritative services, BIND files, buffer overflows, DDoS Attacks, firewalls, transaction signatures, and version control, amongst other topics

Investigating Internet Crimes: An Introduction to Solving Crimes in Cyberspace

Rating: 
Amazon Price: N/A (as of April 19, 2018 18:50 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Written by experts on the frontlines, Investigating Internet Crimes provides seasoned and new investigators with the background and tools they need to investigate crime occurring in the online world. This invaluable guide provides step-by-step instructions for investigating Internet crimes, including locating, interpreting, understanding, collecting, and documenting online electronic evidence to benefit investigations.

Cybercrime is the fastest growing area of crime as more criminals seek to exploit the speed, convenience and anonymity that the Internet provides to commit a diverse range of criminal activities. Today's online crime includes attacks against computer data and systems, identity theft, distribution of child pornography, penetration of online financial services, using social networks to commit crimes, and the deployment of viruses, botnets, and email scams such as phishing. Symantec's 2012 Norton Cybercrime Report stated that the world spent an estimated $110 billion to combat cybercrime, an average of nearly $200 per victim.
Continue reading “Investigating Internet Crimes: An Introduction to Solving Crimes in Cyberspace”