Si Vis Pacem, Para Bellum


Networks, Security And Complexity: The Role of Public Policy in Critical Infrastructure Protection

Networks, Security And Complexity: The Role of Public Policy in Critical Infrastructure ProtectionThe end of the 20th century witnessed an information revolution that introduced a host of new economic efficiencies. This economic change was underpinned by rapidly growing networks of infrastructure that have become increasingly complex. In this new era of global security we are now forced to ask whether our private efficiencies have led to public vulnerabilities, and if so, how do we make ourselves secure without hampering the economy. In order to answer these questions, Sean Gorman provides a framework for how vulnerabilities are identified and cost-effectively mitigated, as well as how resiliency and continuity of infrastructures can be increased. Networks, Security and Complexity goes on to address specific concerns such as determining criticality and interdependency, the most effective means of allocating scarce resources for defense, and whether diversity is a viable strategy. The author provides the economic, policy, and physics background to the issues of infrastructure security, along with tools for taking first steps in tackling these security dilemmas. He includes case studies of infrastructure failures and vulnerabilities, an analysis of threats to US infrastructure, and a review of the economics and geography of agglomeration and efficiency. This critical and controversial book will garner much attention and spark an important dialogue. Policymakers, security professionals, infrastructure operators, academics, and readers following homeland security issues will find this volume of great interest.

Price: $95.00

Click here to buy from Amazon


Cyber Attacks: Protecting National Infrastructure

Cyber Attacks: Protecting National InfrastructureNo nation – especially the United States – has a coherent technical and architectural strategy for preventing cyber attack from crippling essential critical infrastructure services. This book initiates an intelligent national (and international) dialogue amongst the general technical community around proper methods for reducing national risk. This includes controversial themes such as the deliberate use of deception to trap intruders. It also serves as an attractive framework for a new national strategy for cyber security, something that several Presidential administrations have failed in attempting to create. In addition, nations other than the US might choose to adopt the framework as well

Amoroso offers a technical, architectural, and management solution to the problem of protecting national infrastructure. This includes practical and empirically-based guidance for security engineers, network operators, software designers, technology managers, application developers, and even those who simply use computing technology in their work or home. Each principle is presented as a separate security strategy, along with pages of compelling examples that demonstrate use of the principle. A specific set of criteria requirements allows any organization, such as a government agency, to integrate the principles into their local environment.

This book takes the national debate on protecting critical infrastructure in an entirely new and fruitful direction.

* Covers cyber security policy development for massively complex infrastructure using ten principles derived from experiences in U.S. Federal Government settings and a range of global commercial environments.

* Provides a unique and provocative philosophy of cyber security that directly contradicts conventional wisdom about info sec for small or enterprise-level systems.

* Illustrates the use of practical, trial-and-error findings derived from 25 years of hands-on experience protecting critical infrastructure on a daily basis at AT&T.

Price: $59.95

Click here to buy from Amazon


Protection of Civilian Infrastructure from Acts of Terrorism

Protection of Civilian Infrastructure from Acts of Terrorism (NATO Security through Science Series C: Environmental Security)This book arises from the NATO-Russia Workshop, and focuses on the creation of a risk-informed analysis capability for modeling and predicting the behavior of complex infrastructure networks; applying emerging technology to the problems of designing, constructing, monitoring, and operating critical infrastructure systems; and building an understanding of the social, economic, and environmental factors that affect, and are affected by, critical infrastructure.

Price: $169.00

Click here to buy from Amazon


Cyberpower and National Security (National Defense University)

Cyberpower and National Security (National Defense University)The cyber domain is undergoing extraordinary changes that present both exceptional opportunities to and major challenges for users of cyberspace. The challenges arise from the malevolent actors who use cyberspace and the many security vulnerabilities that plague this sphere. Exploiting opportunities and overcoming challenges will require a balanced body of knowledge on the cyber domain. Cyberpower and National Security assembles a group of experts and discusses pertinent issues in five areas.

The first section provides a broad foundation and overview of the subject by identifying key policy issues, establishing a common vocabulary, and proposing an initial version of a theory of cyberpower. The second section identifies and explores possible changes in cyberspace over the next fifteen years by assessing cyber infrastructure and security challenges. The third section analyzes the potential impact of changes in cyberspace on the military and informational levers of power. The fourth section addresses the extent to which changes in cyberspace serve to empower key entities such as transnational criminals, terrorists, and nation-states. The final section examines key institutional factors, which include issues concerning governance, legal dimensions, critical infrastructure protection, and organization.

Cyberpower and National Security frames the key issues concerned and identifies the important questions involved in building the human capacity to address cyber issues, balancing civil liberties with national security considerations, and developing the international partnerships needed to address cyber challenges. With more than two dozen contributors, Cyberpower and National Security covers it all.

Price: $39.95

Click here to buy from Amazon


The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability – CRS Report

The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability - CRS ReportIn September 2010, media reports emerged about a new form of cyber attack that appeared to target Iran, although the actual target, if any, is unknown. Through the use of thumb drives in computers that were not connected to the Internet, a malicious software program known as Stuxnet infected computer systems that were used to control the functioning of a nuclear power plant. Once inside the system, Stuxnet had the ability to degrade or destroy the software on which it operated. Although early reports focused on the impact on facilities in Iran, researchers discovered that the program had spread throughout multiple countries worldwide.

From the perspective of many national security and technology observers, the emergence of the Stuxnet worm is the type of risk that threatens to cause harm to many activities deemed critical to the basic functioning of modern society. The Stuxnet worm covertly attempts to identify and exploit equipment that controls a nation’s critical infrastructure. A successful attack by a software application such as the Stuxnet worm could result in manipulation of control system code to the point of inoperability or long-term damage. Should such an incident occur, recovery from the damage to the computer systems programmed to monitor and manage a facility and the physical equipment producing goods or services could be significantly delayed. Depending on the severity of the attack, the interconnected nature of the affected critical infrastructure facilities, and government preparation and response plans, entities and individuals relying on these facilities could be without life sustaining or comforting services for a long period of time. The resulting damage to the nation’s critical infrastructure could threaten many aspects of life, including the government’s ability to safeguard national security interests.

Iranian officials have claimed that Stuxnet caused only minor damage to its nuclear program, yet the potential impact of this type of malicious software could be far-reaching. The discovery of the Stuxnet worm has raised several issues for Congress, including the effect on national security, what the government’s response should be, whether an international treaty to curb the use of malicious software is necessary, and how such a treaty could be implemented. Congress may also consider the government’s role in protecting critical infrastructure and whether new authorities may be required for oversight.

Price: $0.99

Click here to buy from Amazon

/* */