Skip to main content

Security Metrics Management

Download Security Metrics Management Full eBooks in PDF, EPUB, and kindle. Security Metrics Management is one my favorite book and give us some inspiration, very enjoy to read. you could read this book anywhere anytime directly from your device.

Security Metrics Management

Security Metrics Management Book
Author : Gerald L. Kovacich,Edward Halibozek
Publisher : Butterworth-Heinemann
Release : 2016-11-30
ISBN : 0128045000
Language : En, Es, Fr & De

DOWNLOAD

Book Description :

Security Metrics Management, Measuring the Effectiveness and Efficiency of a Security Program, Second Edition details the application of quantitative, statistical, and/or mathematical analyses to measure security functional trends and workload, tracking what each function is doing in terms of level of effort (LOE), costs, and productivity. This fully updated guide is the go-to reference for managing an asset protection program and related security functions through the use of metrics. It supports the security professional’s position on budget matters, helping to justify the cost-effectiveness of security-related decisions to senior management and other key decision-makers. The book is designed to provide easy-to-follow guidance, allowing security professionals to confidently measure the costs of their assets protection program - their security program - as well as its successes and failures. It includes a discussion of how to use the metrics to brief management, build budgets, and provide trend analyses to develop a more efficient and effective asset protection program. Examines the latest techniques in both generating and evaluating security metrics, with guidance for creating a new metrics program or improving an existing one Features an easy-to-read, comprehensive implementation plan for establishing an asset protection program Outlines detailed strategies for creating metrics that measure the effectiveness and efficiency of an asset protection program Offers increased emphasis through metrics to justify security professionals as integral assets to the corporation Provides a detailed example of a corporation briefing for security directors to provide to executive management

Security Metrics

Security Metrics Book
Author : Andrew Jaquith
Publisher : Pearson Education
Release : 2007-03-26
ISBN : 9780132715775
Language : En, Es, Fr & De

DOWNLOAD

Book Description :

The Definitive Guide to Quantifying, Classifying, and Measuring Enterprise IT Security Operations Security Metrics is the first comprehensive best-practice guide to defining, creating, and utilizing security metrics in the enterprise. Using sample charts, graphics, case studies, and war stories, Yankee Group Security Expert Andrew Jaquith demonstrates exactly how to establish effective metrics based on your organization’s unique requirements. You’ll discover how to quantify hard-to-measure security activities, compile and analyze all relevant data, identify strengths and weaknesses, set cost-effective priorities for improvement, and craft compelling messages for senior management. Security Metrics successfully bridges management’s quantitative viewpoint with the nuts-and-bolts approach typically taken by security professionals. It brings together expert solutions drawn from Jaquith’s extensive consulting work in the software, aerospace, and financial services industries, including new metrics presented nowhere else. You’ll learn how to: • Replace nonstop crisis response with a systematic approach to security improvement • Understand the differences between “good” and “bad” metrics • Measure coverage and control, vulnerability management, password quality, patch latency, benchmark scoring, and business-adjusted risk • Quantify the effectiveness of security acquisition, implementation, and other program activities • Organize, aggregate, and analyze your data to bring out key insights • Use visualization to understand and communicate security issues more clearly • Capture valuable data from firewalls and antivirus logs, third-party auditor reports, and other resources • Implement balanced scorecards that present compact, holistic views of organizational security effectiveness

Metrics and Methods for Security Risk Management

Metrics and Methods for Security Risk Management Book
Author : Carl Young
Publisher : Syngress
Release : 2010-08-21
ISBN : 9781856179799
Language : En, Es, Fr & De

DOWNLOAD

Book Description :

Security problems have evolved in the corporate world because of technological changes, such as using the Internet as a means of communication. With this, the creation, transmission, and storage of information may represent security problem. Metrics and Methods for Security Risk Management is of interest, especially since the 9/11 terror attacks, because it addresses the ways to manage risk security in the corporate world. The book aims to provide information about the fundamentals of security risks and the corresponding components, an analytical approach to risk assessments and mitigation, and quantitative methods to assess the risk components. In addition, it also discusses the physical models, principles, and quantitative methods needed to assess the risk components. The by-products of the methodology used include security standards, audits, risk metrics, and program frameworks. Security professionals, as well as scientists and engineers who are working on technical issues related to security problems will find this book relevant and useful. Offers an integrated approach to assessing security risk Addresses homeland security as well as IT and physical security issues Describes vital safeguards for ensuring true business continuity

Information Security Management Metrics

Information Security Management Metrics Book
Author : W. Krag Brotby, CISM
Publisher : CRC Press
Release : 2009-03-30
ISBN : 9781420052862
Language : En, Es, Fr & De

DOWNLOAD

Book Description :

Spectacular security failures continue to dominate the headlines despite huge increases in security budgets and ever-more draconian regulations. The 20/20 hindsight of audits is no longer an effective solution to security weaknesses, and the necessity for real-time strategic metrics has never been more critical. Information Security Management Metrics: A Definitive Guide to Effective Security Monitoring and Measurement offers a radical new approach for developing and implementing security metrics essential for supporting business activities and managing information risk. This work provides anyone with security and risk management responsibilities insight into these critical security questions: How secure is my organization? How much security is enough? What are the most cost-effective security solutions? How secure is my organization? You can’t manage what you can’t measure This volume shows readers how to develop metrics that can be used across an organization to assure its information systems are functioning, secure, and supportive of the organization’s business objectives. It provides a comprehensive overview of security metrics, discusses the current state of metrics in use today, and looks at promising new developments. Later chapters explore ways to develop effective strategic and management metrics for information security governance, risk management, program implementation and management, and incident management and response. The book ensures that every facet of security required by an organization is linked to business objectives, and provides metrics to measure it. Case studies effectively demonstrate specific ways that metrics can be implemented across an enterprise to maximize business benefit. With three decades of enterprise information security experience, author Krag Brotby presents a workable approach to developing and managing cost-effective enterprise information security.

Measures and Metrics in Corporate Security

Measures and Metrics in Corporate Security Book
Author : George Campbell
Publisher : Elsevier
Release : 2014-04-02
ISBN : 012800715X
Language : En, Es, Fr & De

DOWNLOAD

Book Description :

The revised second edition of Measures and Metrics in Corporate Security is an indispensable guide to creating and managing a security metrics program. Authored by George Campbell, emeritus faculty of the Security Executive Council and former chief security officer of Fidelity Investments, this book shows how to improve security’s bottom line and add value to the business. It provides a variety of organizational measurements, concepts, metrics, indicators and other criteria that may be employed to structure measures and metrics program models appropriate to the reader’s specific operations and corporate sensitivities. There are several hundred examples of security metrics included in Measures and Metrics in Corporate Security, which are organized into categories of security services to allow readers to customize metrics to meet their operational needs. Measures and Metrics in Corporate Security is a part of Elsevier’s Security Executive Council Risk Management Portfolio, a collection of real world solutions and "how-to" guidelines that equip executives, practitioners, and educators with proven information for successful security and risk management programs. Describes the basic components of a metrics program, as well as the business context for metrics Provides guidelines to help security managers leverage the volumes of data their security operations already create Identifies the metrics security executives have found tend to best serve security’s unique (and often misunderstood) missions Includes 375 real examples of security metrics across 13 categories

Security Metrics Management

Security Metrics Management Book
Author : Gerald L. Kovacich,Edward P. Halibozek
Publisher : Butterworth-Heinemann
Release : 2005-11-30
ISBN : 0750678992
Language : En, Es, Fr & De

DOWNLOAD

Book Description :

Provides guidance on measuring the costs, successes and failures of asset protection and security programs.

PRAGMATIC Security Metrics

PRAGMATIC Security Metrics Book
Author : W. Krag Brotby,Gary Hinson
Publisher : CRC Press
Release : 2016-04-19
ISBN : 1439881537
Language : En, Es, Fr & De

DOWNLOAD

Book Description :

Other books on information security metrics discuss number theory and statistics in academic terms. Light on mathematics and heavy on utility, PRAGMATIC Security Metrics: Applying Metametrics to Information Security breaks the mold. This is the ultimate how-to-do-it guide for security metrics. Packed with time-saving tips, the book offers easy-to-follow guidance for those struggling with security metrics. Step by step, it clearly explains how to specify, develop, use, and maintain an information security measurement system (a comprehensive suite of metrics) to help: Security professionals systematically improve information security, demonstrate the value they are adding, and gain management support for the things that need to be done Management address previously unsolvable problems rationally, making critical decisions such as resource allocation and prioritization of security relative to other business activities Stakeholders, both within and outside the organization, be assured that information security is being competently managed The PRAGMATIC approach lets you hone in on your problem areas and identify the few metrics that will generate real business value. The book: Helps you figure out exactly what needs to be measured, how to measure it, and most importantly, why it needs to be measured Scores and ranks more than 150 candidate security metrics to demonstrate the value of the PRAGMATIC method Highlights security metrics that are widely used and recommended, yet turn out to be rather poor in practice Describes innovative and flexible measurement approaches such as capability maturity metrics with continuous scales Explains how to minimize both measurement and security risks using complementary metrics for greater assurance in critical areas such as governance and compliance In addition to its obvious utility in the information security realm, the PRAGMATIC approach, introduced for the first time in this book, has broader application across diverse fields of management including finance, human resources, engineering, and production—in fact any area that suffers a surplus of data but a deficit of useful information. Visit Security Metametrics. Security Metametrics supports the global community of professionals adopting the innovative techniques laid out in PRAGMATIC Security Metrics. If you, too, are struggling to make much sense of security metrics, or searching for better metrics to manage and improve information security, Security Metametrics is the place. http://securitymetametrics.com/

Security Metrics A Beginner s Guide

Security Metrics  A Beginner s Guide Book
Author : Caroline Wong
Publisher : McGraw Hill Professional
Release : 2011-10-06
ISBN : 0071744010
Language : En, Es, Fr & De

DOWNLOAD

Book Description :

Security Smarts for the Self-Guided IT Professional “An extraordinarily thorough and sophisticated explanation of why you need to measure the effectiveness of your security program and how to do it. A must-have for any quality security program!” —Dave Cullinane, CISSP, CISO & VP, Global Fraud, Risk & Security, eBay Learn how to communicate the value of an information security program, enable investment planning and decision making, and drive necessary change to improve the security of your organization. Security Metrics: A Beginner's Guide explains, step by step, how to develop and implement a successful security metrics program. This practical resource covers project management, communication, analytics tools, identifying targets, defining objectives, obtaining stakeholder buy-in, metrics automation, data quality, and resourcing. You'll also get details on cloud-based security metrics and process improvement. Templates, checklists, and examples give you the hands-on help you need to get started right away. Security Metrics: A Beginner's Guide features: Lingo--Common security terms defined so that you're in the know on the job IMHO--Frank and relevant opinions based on the author's years of industry experience Budget Note--Tips for getting security technologies and processes into your organization's budget In Actual Practice--Exceptions to the rules of security explained in real-world contexts Your Plan--Customizable checklists you can use on the job now Into Action--Tips on how, why, and when to apply new skills and techniques at work Caroline Wong, CISSP, was formerly the Chief of Staff for the Global Information Security Team at eBay, where she built the security metrics program from the ground up. She has been a featured speaker at RSA, ITWeb Summit, Metricon, the Executive Women's Forum, ISC2, and the Information Security Forum.

Complete Guide to Security and Privacy Metrics

Complete Guide to Security and Privacy Metrics Book
Author : Debra S. Herrmann
Publisher : CRC Press
Release : 2007-01-22
ISBN : 1420013289
Language : En, Es, Fr & De

DOWNLOAD

Book Description :

While it has become increasingly apparent that individuals and organizations need a security metrics program, it has been exceedingly difficult to define exactly what that means in a given situation. There are hundreds of metrics to choose from and an organization's mission, industry, and size will affect the nature and scope of the task as well as

Security Metrics Management

Security Metrics Management Book
Author : Gerald L. Kovacich,Edward Halibozek
Publisher : Elsevier
Release : 2005-12-15
ISBN : 0080492266
Language : En, Es, Fr & De

DOWNLOAD

Book Description :

Security metrics is the application of quantitative, statistical, and/or mathematical analyses to measuring security functional trends and workload. In other words, tracking what each function is doing in terms of level of effort (LOE), costs, and productivity. Security metrics management is the managing of an assets protection program and related security functions through the use of metrics. It can be used where managerial tasks must be supported for such purposes as supporting the security professional’s position on budget matters, justifying the cost-effectiveness of decisions, determining the impact of downsizing on service and support to customers, etc. Security Metrics Management is designed to provide basic guidance to security professionals so that they can measure the costs of their assets protection program - their security program - as well as its successes and failures. It includes a discussion of how to use the metrics to brief management, justify budget and use trend analyses to develop a more efficient and effective assets protection program. - Over 100 checklists, flowcharts, and other illustrations depict examples of security metrics and how to use them - Drawings, model processes, model procedures and forms enable the reader to immediately put concepts to use in a practical application - Provides clear direction on how to meet new business demands on the Security Professional

Security Metrics Management

Security Metrics Management Book
Author : Gerald L. Kovacich
Publisher : Unknown
Release : 2006
ISBN : 0987650XXX
Language : En, Es, Fr & De

DOWNLOAD

Book Description :

Download Security Metrics Management book written by Gerald L. Kovacich, available in PDF, EPUB, and Kindle, or read full book online anywhere and anytime. Compatible with any devices.

Measuring and Managing Information Risk

Measuring and Managing Information Risk Book
Author : Jack Freund,Jack Jones
Publisher : Butterworth-Heinemann
Release : 2014-08-23
ISBN : 0127999329
Language : En, Es, Fr & De

DOWNLOAD

Book Description :

Using the factor analysis of information risk (FAIR) methodology developed over ten years and adopted by corporations worldwide, Measuring and Managing Information Risk provides a proven and credible framework for understanding, measuring, and analyzing information risk of any size or complexity. Intended for organizations that need to either build a risk management program from the ground up or strengthen an existing one, this book provides a unique and fresh perspective on how to do a basic quantitative risk analysis. Covering such key areas as risk theory, risk calculation, scenario modeling, and communicating risk within the organization, Measuring and Managing Information Risk helps managers make better business decisions by understanding their organizational risk. Uses factor analysis of information risk (FAIR) as a methodology for measuring and managing risk in any organization. Carefully balances theory with practical applicability and relevant stories of successful implementation. Includes examples from a wide variety of businesses and situations presented in an accessible writing style.

How to Measure Anything in Cybersecurity Risk

How to Measure Anything in Cybersecurity Risk Book
Author : Douglas W. Hubbard,Richard Seiersen
Publisher : John Wiley & Sons
Release : 2016-07-25
ISBN : 1119085292
Language : En, Es, Fr & De

DOWNLOAD

Book Description :

A ground shaking exposé on the failure of popular cyber risk management methods How to Measure Anything in Cybersecurity Risk exposes the shortcomings of current "risk management" practices, and offers a series of improvement techniques that help you fill the holes and ramp up security. In his bestselling book How to Measure Anything, author Douglas W. Hubbard opened the business world's eyes to the critical need for better measurement. This book expands upon that premise and draws from The Failure of Risk Management to sound the alarm in the cybersecurity realm. Some of the field's premier risk management approaches actually create more risk than they mitigate, and questionable methods have been duplicated across industries and embedded in the products accepted as gospel. This book sheds light on these blatant risks, and provides alternate techniques that can help improve your current situation. You'll also learn which approaches are too risky to save, and are actually more damaging than a total lack of any security. Dangerous risk management methods abound; there is no industry more critically in need of solutions than cybersecurity. This book provides solutions where they exist, and advises when to change tracks entirely. Discover the shortcomings of cybersecurity's "best practices" Learn which risk management approaches actually create risk Improve your current practices with practical alterations Learn which methods are beyond saving, and worse than doing nothing Insightful and enlightening, this book will inspire a closer examination of your company's own risk management practices in the context of cybersecurity. The end goal is airtight data protection, so finding cracks in the vault is a positive thing—as long as you get there before the bad guys do. How to Measure Anything in Cybersecurity Risk is your guide to more robust protection through better quantitative processes, approaches, and techniques.

Directions in Security Metrics Research

Directions in Security Metrics Research Book
Author : Wayne Jansen
Publisher : DIANE Publishing
Release : 2010-02
ISBN : 1437924514
Language : En, Es, Fr & De

DOWNLOAD

Book Description :

Information security metrics are seen as an important factor in making sound decisions about various aspects of security, ranging from the design of security architectures and controls to the effectiveness and efficiency of security operations. Security metrics strive to offer a quantitative and objective basis for security assurance. During the last few decades, researchers have made various attempts to develop measures and systems of measurement for computer security with varying degrees of success. This paper provides an overview of the security metrics area and looks at possible avenues of research that could be pursued to advance the state of the art.

Guidelines for Integrating Management Systems and Metrics to Improve Process Safety Performance

Guidelines for Integrating Management Systems and Metrics to Improve Process Safety Performance Book
Author : CCPS (Center for Chemical Process Safety)
Publisher : John Wiley & Sons
Release : 2016-02-03
ISBN : 1118795105
Language : En, Es, Fr & De

DOWNLOAD

Book Description :

This book combines the synergies between performance improvement systems to help ensure safe and reliable operations, streamline procedures and cross-system auditing, and supporting regulatory and corporate compliance requirements. Many metrics are common to more than one area, such that a well-designed and implemented integrated management system will reduce the load on the Process Safety, SHE, Security and Quality groups, and improve manufacturing efficiency and customer satisfaction. Systems to improve performance include: process safety; traditional safety, health and environment; and, product quality. Chapters include: Integrating Framework; Securing Support & Preparing for Implementation; Establishing Common Risk Management Systems – How to Integrate PSM into Other EH; Testing Implementation Approach; Developing and Agreeing on Metrics; Management Review; Tracking Integration Progress and Measuring Performance; Continuous Improvement; Communication of Results to Different Stakeholders; Case Studies; and Examples for Industry.

Performance Metrics

Performance Metrics Book
Author : Duke Okes
Publisher : Quality Press
Release : 2013-01-21
ISBN : 0873898508
Language : En, Es, Fr & De

DOWNLOAD

Book Description :

Which performance measures should you use? The obvious answer is that it depends on what you want to achieve, which someone else should never define for you. After all, it is your organization, your department, or your process. But once you are clear about what you want to accomplish, how do you sort through a variety of possible metrics and decide which are best? Then, given the list of metrics you believe are useful or necessary, how do you define them in more detail to ensure that the right data are gathered at the appropriate frequency and that the resulting information gets to the right people so that they can make proper decisions? This book provides a clarifying perspective for those who know that metrics need to be developed but are unsure as to the steps to follow in developing and deploying them. It focuses on making sure that the metrics selected will guide people and processes in the direction the organization wants to go, and allow continual evaluation of success. Every highly effective organization is unique in some strategic way, and the metrics used should reflect these differences. Studying high performers can be useful from a learning standpoint, but simply adopting what someone else is doing is likely to take you off your track and put you on theirs. The concepts in this book will put you on the correct track and give you the tools to stay on it.

Advances in Information and Computer Security

Advances in Information and Computer Security Book
Author : Isao Echizen,Noboru Kunihiro,Ryoichi Sasaki
Publisher : Springer
Release : 2010-11-01
ISBN : 3642168256
Language : En, Es, Fr & De

DOWNLOAD

Book Description :

The Fifth International Workshop on Security (IWSEC 2010) was held at Kobe InternationalConferenceCenter,Kobe,Japan,November22–24,2010. Thewo- shop was co-organized by CSEC, a special interest group concerned with the computer security of the Information Processing Society of Japan (IPSJ) and ISEC,atechnicalgroupconcernedwiththe informationsecurityofTheInstitute of Electronics, Information and Communication Engineers (IEICE). The exc- lentLocalOrganizingCommitteewasledbytheIWSEC2010GeneralCo-chairs, Hiroaki Kikuchi and Toru Fujiwara. This year IWSEC 2010 had three tracks, the Foundations of Security (Track I), Security in Networks and Ubiquitous Computing Systems (Track II), and Security in Real Life Applications (Track III), and the review and selection processes for these tracks were independent of each other. We received 75 paper submissions including 44 submissions for Track I, 20 submissions for Track II, and 11 submissions for Track III. We would like to thank all the authors who submitted papers. Each paper was reviewed by at least three reviewers. In - dition to the Program Committee members, many external reviewers joined the review process from their particular areas of expertise. We were fortunate to have this energetic team of experts, and are grateful to all of them for their hard work. This hard work included very active discussions; the discussion phase was almost as long as the initial individual reviewing. The review and discussions weresupportedbyaveryniceWeb-basedsystem,iChair. Wewouldliketothank its developers. Following the review phases, 22 papers including 13 papers for Track I, 6 papers for Track II, and 3 papers for Track III were accepted for publication in this volume of Advances in Information and Computer Security.

INFORMATION SYSTEMS SECURITY SECURITY MANAGEMENT METRICS FRAMEWORKS AND BEST PRACTICES With CD

INFORMATION SYSTEMS SECURITY  SECURITY MANAGEMENT  METRICS  FRAMEWORKS AND BEST PRACTICES  With CD   Book
Author : Nina Godbole
Publisher : John Wiley & Sons
Release : 2008
ISBN : 9788126516926
Language : En, Es, Fr & De

DOWNLOAD

Book Description :

Market_Desc: · Undergraduate and graduate level students of different universities and examination syllabus for international certifications in security domain· Teachers of security topics Special Features: · Written by an experienced industry professional working in the domain, a professional with extensive experience in teaching at various levels (student seminars, industry workshops) as well as research.· A comprehensive treatment and truly a treatise on the subject of Information Security· Coverage of SOX and SAS 70 aspects for Asset Management in the context of information systems security.· Covers SOX and SAS 70 aspects for Asset Management in the context of Information Systems Security. · Detailed explaination of topics Privacy and Biometric Controls .· IT Risk Analysis covered.· Review questions and reference material pointers after each chapter.· Ample figures to illustrate key points - over 250 figures!· All this is in a single book that should prove as a valuable reference on the topic to students and professionals. Useful for candidates appearing for the CISA certification exam. Maps well with the CBOK for CSTE and CSQA Certifications. About The Book: Information and communication systems can be exposed to intrusion and risks, within the overall architecture and design of these systems. These areas of risks can span the entire gamut of information systems including databases, networks, applications, internet-based communication, web services, mobile technologies and people issues associated with all of them. It is vital for businesses to be fully aware of security risks associated with their systems as well as the regulatory body pressures; and develop and implement an effective strategy to handle those risks.This book covers all of the aforementioned issues in depth. It covers all significant aspects of security, as it deals with ICT, and provides practicing ICT security professionals explanations to various aspects of information systems, their corresponding security risks and how to embark on strategic approaches to reduce and, preferably, eliminate those risks. Written by an experienced industry professional working in the domain, with extensive experience in teaching at various levels as well as research, this book is truly a treatise on the subject of Information Security.Covers SOX and SAS 70 aspects for Asset Management in the context of Information Systems Security. IT Risk Analysis covered.Detailed explanation of topics Privacy and Biometric Controls .Review questions and reference material pointers after each chapter.

Security Metrics A Beginner s Guide

Security Metrics  A Beginner s Guide Book
Author : Caroline Wong
Publisher : McGraw-Hill Prof Med/Tech
Release : 2011-10-20
ISBN : 0071744002
Language : En, Es, Fr & De

DOWNLOAD

Book Description :

Security Smarts for the Self-Guided IT Professional “An extraordinarily thorough and sophisticated explanation of why you need to measure the effectiveness of your security program and how to do it. A must-have for any quality security program!” —Dave Cullinane, CISSP, CISO & VP, Global Fraud, Risk & Security, eBay Learn how to communicate the value of an information security program, enable investment planning and decision making, and drive necessary change to improve the security of your organization. Security Metrics: A Beginner's Guide explains, step by step, how to develop and implement a successful security metrics program. This practical resource covers project management, communication, analytics tools, identifying targets, defining objectives, obtaining stakeholder buy-in, metrics automation, data quality, and resourcing. You'll also get details on cloud-based security metrics and process improvement. Templates, checklists, and examples give you the hands-on help you need to get started right away. Security Metrics: A Beginner's Guide features: Lingo--Common security terms defined so that you're in the know on the job IMHO--Frank and relevant opinions based on the author's years of industry experience Budget Note--Tips for getting security technologies and processes into your organization's budget In Actual Practice--Exceptions to the rules of security explained in real-world contexts Your Plan--Customizable checklists you can use on the job now Into Action--Tips on how, why, and when to apply new skills and techniques at work Caroline Wong, CISSP, was formerly the Chief of Staff for the Global Information Security Team at eBay, where she built the security metrics program from the ground up. She has been a featured speaker at RSA, ITWeb Summit, Metricon, the Executive Women's Forum, ISC2, and the Information Security Forum.

Collaborative Financial Infrastructure Protection

Collaborative Financial Infrastructure Protection Book
Author : Roberto Baldoni,Gregory Chockler
Publisher : Springer Science & Business Media
Release : 2012-01-11
ISBN : 3642204201
Language : En, Es, Fr & De

DOWNLOAD

Book Description :

The Critical Infrastructure Protection Survey recently released by Symantec found that 53% of interviewed IT security experts from international companies experienced at least ten cyber attacks in the last five years, and financial institutions were often subject to some of the most sophisticated and large-scale cyber attacks and frauds. The book by Baldoni and Chockler analyzes the structure of software infrastructures found in the financial domain, their vulnerabilities to cyber attacks and the existing protection mechanisms. It then shows the advantages of sharing information among financial players in order to detect and quickly react to cyber attacks. Various aspects associated with information sharing are investigated from the organizational, cultural and legislative perspectives. The presentation is organized in two parts: Part I explores general issues associated with information sharing in the financial sector and is intended to set the stage for the vertical IT middleware solution proposed in Part II. Nonetheless, it is self-contained and details a survey of various types of critical infrastructure along with their vulnerability analysis, which has not yet appeared in a textbook-style publication elsewhere. Part II then presents the CoMiFin middleware for collaborative protection of the financial infrastructure. The material is presented in an accessible style and does not require specific prerequisites. It appeals to both researchers in the areas of security, distributed systems, and event processing working on new protection mechanisms, and practitioners looking for a state-of-the-art middleware technology to enhance the security of their critical infrastructures in e.g. banking, military, and other highly sensitive applications. The latter group will especially appreciate the concrete usage scenarios included.