The Art of Investigative Interviewing, Fourth Edition, builds on the successes of the previous editions providing the reader guidance on conducting investigative interviews, both ethically and professionally. The book can be used by anyone who is involved in investigative interviewing. It is a perfect combination of real, practical, and effective techniques, procedures, and actual cases. The reader learns key elements of investigative interviewing, such as human psychology, proper interview preparation, tactical concepts, controlling the interview environment, and evaluating the evidence obtained from the interview. New to this edition will be coverage of Open Source Intelligence (OSINT) tools, workplace investigations, fraud investigations and the role of audit. Larry Fennelly joins original author Inge Sebyan Black, both well-known and respected in the field, providing everything an interviewer needs to know in order to conduct successful interviews with integrity and within the law. Written for anyone involved in investigative interviewing.
Security Controls Evaluation, Testing, and Assessment Handbook, Second Edition, provides a current and well-developed approach to evaluate and test IT security controls to prove they are functioning correctly. This handbook discusses the world of threats and potential breach actions surrounding all industries and systems. Sections cover how to take FISMA, NIST Guidance, and DOD actions, while also providing a detailed, hands-on guide to performing assessment events for information security professionals in US federal agencies. This handbook uses the DOD Knowledge Service and the NIST Families assessment guides as the basis for needs assessment, requirements and evaluation efforts.
Smart Cities Cybersecurity and Privacy examines the latest research developments and their outcomes for safe, secure, and trusting smart cities residents. Smart cities improve the quality of life of citizens in their energy and water usage, healthcare, environmental impact, transportation needs, and many other critical city services. Recent advances in hardware and software, have fueled the rapid growth and deployment of ubiquitous connectivity between a city’s physical and cyber components. This connectivity however also opens up many security vulnerabilities that must be mitigated. Smart Cities Cybersecurity and Privacy helps researchers, engineers, and city planners develop adaptive, robust, scalable, and reliable security and privacy smart city applications that can mitigate the negative implications associated with cyber-attacks and potential privacy invasion. It provides insights into networking and security architectures, designs, and models for the secure operation of smart city applications.
Seeking the Truth from Mobile Evidence: Basic Fundamentals, Intermediate and Advanced Overview of Current Mobile Forensic Investigations will assist those who have never collected mobile evidence and augment the work of professionals who are not currently performing advanced destructive techniques. This book is intended for any professional that is interested in pursuing work that involves mobile forensics, and is designed around the outcomes of criminal investigations that involve mobile digital evidence. Author John Bair brings to life the techniques and concepts that can assist those in the private or corporate sector. Mobile devices have always been very dynamic in nature. They have also become an integral part of our lives, and often times, a digital representation of where we are, who we communicate with and what we document around us. Because they constantly change features, allow user enabled security, and or encryption, those employed with extracting user data are often overwhelmed with the process. This book presents a complete guide to mobile device forensics, written in an easy to understand format.
Deception in the Digital Age: Exploiting and Defending Human Targets Through Computer-Mediated Communication guides readers through the fascinating history and principles of deception—and how these techniques and stratagems are now being effectively used by cyber attackers. Users will find an in-depth guide that provides valuable insights into the cognitive, sensory and narrative bases of misdirection, used to shape the targeted audience’s perceptions and beliefs. The text provides a detailed analysis of the psychological, sensory, sociological, and technical precepts that reveal predictors of attacks—and conversely postmortem insight about attackers—presenting a unique resource that empowers readers to observe, understand and protect against cyber deception tactics. Written by information security experts with real-world investigative experience, the text is the most instructional book available on the subject, providing practical guidance to readers with rich literature references, diagrams and examples that enhance the learning process.
Cell Phone Location Evidence for Legal Professionals: Understanding Cell Phone Location Evidence from the Warrant to the Courtroom is a guide, in plain language, for digital forensics professionals, attorneys, law enforcement professionals and students interested in the sources, methods and evidence used to perform forensic data analysis of cell phones, call detail records, real time ping records and geo-location data obtained from cellular carriers and cell phones. Users will gain knowledge on how to identify evidence and how to properly address it for specific cases, including challenges to the methods of analysis and to the qualifications of persons who would testify about this evidence. This book is intended to provide digital forensics professionals, legal professionals and others with an interest in this field the information needed to understand what each type of evidence means, where it comes from, how it is analyzed and presented, and how it is used in various types of civil and criminal litigation. Relevant case law are included, or referred to, as appropriate throughout this book to give the reader an understanding of the legal history of this type of evidence and how it is being addressed by various state and federal courts.
Cybercrime and Business: Strategies for Global Corporate Security examines the three most prevalent cybercrimes afflicting today’s corporate security professionals: piracy, espionage, and computer hacking. By demonstrating how each of these threats evolved separately and then converged to form an ultra-dangerous composite threat, the book discusses the impact the threats pose and how the very technologies that created the problem can help solve it. Cybercrime and Business then offers viable strategies for how different types of businesses—from large multinationals to small start-ups—can respond to these threats to both minimize their losses and gain a competitive advantage. The book concludes by identifying future technological threats and how the models presented in the book can be applied to handling them.
Research Methods for Cyber Security teaches scientific methods for generating impactful knowledge, validating theories, and adding critical rigor to the cyber security field. This book shows how to develop a research plan, beginning by starting research with a question, then offers an introduction to the broad range of useful research methods for cyber security research: observational, mathematical, experimental, and applied. Each research method chapter concludes with recommended outlines and suggested templates for submission to peer reviewed venues. This book concludes with information on cross-cutting issues within cyber security research. Cyber security research contends with numerous unique issues, such as an extremely fast environment evolution, adversarial behavior, and the merging of natural and social science phenomena. Research Methods for Cyber Security addresses these concerns and much more by teaching readers not only the process of science in the context of cyber security research, but providing assistance in execution of research as well.
Digital Forensics Trial Graphics: Teaching the Jury Through Effective Use of Visuals helps digital forensic practitioners explain complex technical material to laypeople (i.e., juries, judges, etc.). The book includes professional quality illustrations of technology that help anyone understand the complex concepts behind the science. Users will find invaluable information on theory and best practices along with guidance on how to design and deliver successful explanations.
Federal Cloud Computing: The Definitive Guide for Cloud Service Providers, Second Edition offers an in-depth look at topics surrounding federal cloud computing within the federal government, including the Federal Cloud Computing Strategy, Cloud Computing Standards, Security and Privacy, and Security Automation. You will learn the basics of the NIST risk management framework (RMF) with a specific focus on cloud computing environments, all aspects of the Federal Risk and Authorization Management Program (FedRAMP) process, and steps for cost-effectively implementing the Assessment and Authorization (A&A) process, as well as strategies for implementing Continuous Monitoring, enabling the Cloud Service Provider to address the FedRAMP requirement on an ongoing basis. This updated edition will cover the latest changes to FedRAMP program, including clarifying guidance on the paths for Cloud Service Providers to achieve FedRAMP compliance, an expanded discussion of the new FedRAMP Security Control, which is based on the NIST SP 800-53 Revision 4, and maintaining FedRAMP compliance through Continuous Monitoring. Further, a new chapter has been added on the FedRAMP requirements for Vulnerability Scanning and Penetration Testing.