Books in Security

This collection covers national security, cybersecurity, and crime prevention. Supporting security professionals, policymakers, and researchers, it features threat analysis, policy development, and technological solutions that strengthen safety and resilience.

  • Keeping Religious Institutions Secure

    • 1st Edition
    • Jennie-Leigh McLamb
    • English
    Keeping Religious Institutions Secure explores the unique vulnerabilities that churches, synagogues, and mosques face in regards to security, making them attractive to criminals who see them as easy targets. The text illustrates why all places of worship should think about security and the types of breaches that can drive people away. The book focuses on the most frequent security concerns experienced by houses of worship, including embezzlement, vandalism, assault, hate crime, and in rare cases, an active shooter—and how to help prevent them from occurring. Beginning with an overview of the basic security concepts and principles that can enhance the security of any religious facility, it then delves deeply into the particular security concerns of houses of worship, including the use of volunteers, protecting religious leaders, ensuring safety for children and teens, interacting with local law enforcement, handling the media, and much more.
  • Hacking Web Intelligence

    Open Source Intelligence and Web Reconnaissance Concepts and Techniques
    • 1st Edition
    • Sudhanshu Chauhan + 1 more
    • English
    Open source intelligence (OSINT) and web reconnaissance are rich topics for infosec professionals looking for the best ways to sift through the abundance of information widely available online. In many cases, the first stage of any security assessment—that is, reconnaissance—is not given enough attention by security professionals, hackers, and penetration testers. Often, the information openly present is as critical as the confidential data. Hacking Web Intelligence shows you how to dig into the Web and uncover the information many don't even know exists. The book takes a holistic approach that is not only about using tools to find information online but also how to link all the information and transform it into presentable and actionable intelligence. You will also learn how to secure your information online to prevent it being discovered by these reconnaissance methods. Hacking Web Intelligence is an in-depth technical reference covering the methods and techniques you need to unearth open source information from the Internet and utilize it for the purpose of targeted attack during a security assessment. This book will introduce you to many new and leading-edge reconnaissance, information gathering, and open source intelligence methods and techniques, including metadata extraction tools, advanced search engines, advanced browsers, power searching methods, online anonymity tools such as TOR and i2p, OSINT tools such as Maltego, Shodan, Creepy, SearchDiggity, Recon-ng, Social Network Analysis (SNA), Darkweb/Deepweb, data visualization, and much more.
  • Emergency Preparedness for Business Professionals

    How to Mitigate and Respond to Attacks Against Your Organization
    • 1st Edition
    • Bradley A. Wayland
    • English
    Emergency Response for Business Professionals provides business managers who do not have in-house security expertise as well as the security professionals who advise them with an overview on how to prepare and react to potential unexpected incidents that can occur to their organization. The book begins with an overview of the primary principles of business emergency planning, then delves into the considerations that an organization should take when developing their emergency plan. This includes the mitigation strategies for preventing the incident from occurring in the first place. It then shows how to identify and assess the risks the organization may realistically face, choose the commensurate security measures, and create the proper emergency response policies and procedures. The book explores how to respond in the event of an actual emergency, and how to recover business operations to full functionality after an incident occurs. Emergency Response for Business Professionals looks closely at the most common emergencies that pose concerns for many organizations, such as active shooters, unauthorized visitors, workplace violence, embezzlement, fraud, theft, natural and man-made disasters, major equipment malfunctions, sabotage, labor disputes, and loss of key personnel, among others, along with the appropriate and accepted responses used to respond to each type of incident. It covers methods for training employees in emergency response, and concludes with how to plan, prepare, and conduct emergency response exercises within the organization.
  • Security Technology Convergence Insights

    • 1st Edition
    • Ray Bernard
    • English
    Security technology convergence, which refers to the incorporation of computing, networking, and communications technologies into electronic physical security systems, was first introduced in the 1970s with the advent of computer-based access control and alarm systems. As the pace of information technology (IT) advances continued to accelerate, the physical security industry continued to lag behind IT advances by at least two to three years. Security Technology Convergence Insights explores this sometimes problematic convergence of physical security technology and information technology and its impact on security departments, IT departments, vendors, and management.
  • Corporate Security Management

    Challenges, Risks, and Strategies
    • 1st Edition
    • Marko Cabric
    • English
    Corporate Security Management provides practical advice on efficiently and effectively protecting an organization's processes, tangible and intangible assets, and people. The book merges business and security perspectives to help transform this often conflicted relationship into a successful and sustainable partnership. It combines security doctrine, business priorities, and best practices to uniquely answer the Who, What, Where, Why, When and How of corporate security. Corporate Security Management explores the diverse structures of security organizations in different industries. It shows the crucial corporate security competencies needed and demonstrates how they blend with the competencies of the entire organization. This book shows how to identify, understand, evaluate and anticipate the specific risks that threaten enterprises and how to design successful protection strategies against them. It guides readers in developing a systematic approach to assessing, analyzing, planning, quantifying, administrating, and measuring the security function.
  • Measuring and Communicating Security's Value

    A Compendium of Metrics for Enterprise Protection
    • 1st Edition
    • George Campbell
    • English
    In corporate security today, while the topic of information technology (IT) security metrics has been extensively covered, there are too few knowledgeable contributions to the significantly larger field of global enterprise protection. Measuring and Communicating Security’s Value addresses this dearth of information by offering a collection of lessons learned and proven approaches to enterprise security management. Authored by George Campbell, emeritus faculty of the Security Executive Council and former chief security officer of Fidelity Investments, this book can be used in conjunction with Measures and Metrics in Corporate Security, the foundational text for security metrics. This book builds on that foundation and covers the why, what, and how of a security metrics program, risk reporting, insider risk, building influence, business alignment, and much more.
  • Digital Identity Management

    • 1st Edition
    • Maryline Laurent + 1 more
    • English
    In the past four decades, information technology has altered chains of value production, distribution, and information access at a significant rate. These changes, although they have shaken up numerous economic models, have so far not radically challenged the bases of our society. This book addresses our current progress and viewpoints on digital identity management in different fields (social networks, cloud computing, Internet of Things (IoT)), with input from experts in computer science, law, economics and sociology. Within this multidisciplinary and scientific context, having crossed analysis on the digital ID issue, it describes the different technical and legal approaches to protect digital identities with a focus on authentication systems, identity federation techniques and privacy preservation solutions. The limitations of these solutions and research issues in this field are also discussed to further understand the changes that are taking place.
  • Business Espionage

    Risks, Threats, and Countermeasures
    • 1st Edition
    • Bruce Wimmer CPP
    • English
    Business Espionage: Risk, Threats, and Countermeasures provides the best practices needed to protect a company's most sensitive information. It takes a proactive approach, explaining the measures and countermeasures that can be enacted to identify both threats and weaknesses. The text fully explains the threat landscape, showing not only how spies operate, but how they can be detected. Drawn from the author’s 40 years of experience, this vital resource will give readers a true understanding of the threat of business spying and what businesses can do to protect themselves. It is ideal for use as a tool to educate staff on the seriousness of the threat of business espionage.
  • Introduction to Social Media Investigation

    A Hands-on Approach
    • 1st Edition
    • Jennifer Golbeck
    • English
    If you’re interested in using social media as an investigative tool, Introduction to Social Media Investigation will show you how! Social networks and social media, like Facebook, Twitter, and Foursquare, are some of the most popular services on the Web, with hundreds of millions of users. The public information that people share on these sites can be valuable for anyone interested in investigating people of interest through open, public sources. Social media as an investigative device is in its infancy and not well understood. This book presents an overview of social media and discusses special skills and techniques to use when conducting investigations. The book features hands-on tutorials and case studies and offers additional data-gathering techniques.
  • Hospital and Healthcare Security

    • 6th Edition
    • Tony W. York + 1 more
    • English
    Building on the foundation of the previous five editions, Hospital and Healthcare Security, 6th Edition includes new and updated chapters to reflect the current state of healthcare security, particularly in data security and patient privacy, patient-generated violence, and emergency preparedness and management. The recognized leading text in the healthcare security industry, Hospital and Healthcare Security, 6th Edition explains the basics as well as higher expertise concerns, such as the roles of design, emergency management, and policy. Conveying a wide spectrum of topics in an easy to comprehend format, Hospital and Healthcare Security, 6th Edition provides a fresh perspective for healthcare security professionals to better prepare for security issues before they occur.
  • Application of Big Data for National Security

    A Practitioner’s Guide to Emerging Technologies
    • 1st Edition
    • Babak Akhgar + 5 more
    • English
    Application of Big Data for National Security provides users with state-of-the-art concepts, methods, and technologies for Big Data analytics in the fight against terrorism and crime, including a wide range of case studies and application scenarios. This book combines expertise from an international team of experts in law enforcement, national security, and law, as well as computer sciences, criminology, linguistics, and psychology, creating a unique cross-disciplinary collection of knowledge and insights into this increasingly global issue. The strategic frameworks and critical factors presented in Application of Big Data for National Security consider technical, legal, ethical, and societal impacts, but also practical considerations of Big Data system design and deployment, illustrating how data and security concerns intersect. In identifying current and future technical and operational challenges it supports law enforcement and government agencies in their operational, tactical and strategic decisions when employing Big Data for national security.
  • Protecting Transportation

    Implementing Security Policies and Programs
    • 1st Edition
    • R William Johnstone
    • English
    Protecting Transportation: Implementing Security Policies and Programs provides a thorough overview of transportation security in the United States, with a focus on policy. The book covers all major transportation modes and puts the American security system into perspective against other national and international systems. Author R. William Johnstone, a transportation security expert and member of the 9/11 Commission staff, discusses how the current transportation security system came to be and how it is performing. Whether you are a current or aspiring transportation security professional, a policymaker, or an engaged citizen, Johnstone’s presentation equips you to understand today’s issues and debates on a problem that affects every member of the global community. Transportation security has evolved in the years since 9/11 from a relatively modest, sporadic undertaking into a multi-billion dollar enterprise employing tens of thousands. Protecting Transportation describes how that system is organized, funded, and implemented.
  • Environmental and Animal Rights Extremism, Terrorism, and National Security

    • 1st Edition
    • Elzbieta Posluszna
    • English
    As concerns about human treatment of the environment and animals have increased over the years, so have decentralized and extremist groups related to these causes. Environmental and Animal Rights Extremism, Terrorism, and National Security analyzes the international development of radical movements relating to environmental concerns and animal rights in the context of the threats they pose to national security. In addition to tracing the factors responsible for the rapid growth of these movements over the last 25 years, this text presents countermeasures that governments can deploy to neutralize the risk posed by these threats now and in the future. Bringing to bear new developments such as cyber activity and online activism, Environmental and Animal Rights Extremism, Terrorism, and National Security offers an examination of the direct and indirect violence, lone-wolf terrorism, and leaderless resistance that have characterized these radical wings from their inception. By not only identifying the tactics and organizational structures often employed by these groups, but also addressing future trends toward increased radicalization, Environmental and Animal Rights Extremism, Terrorism, and National Security is an important resource for identifying, anticipating, and mitigating threats posed by such movements.
  • The Process of Investigation

    Concepts and Strategies for Investigators in the Private Sector
    • 4th Edition
    • Charles A. Sennewald + 1 more
    • English
    The Process of Investigation, Fourth Edition addresses the needs of today’s private sector investigative professional by providing a full-spectrum treatment of the investigative process, from case inception and investigative strategy selection to executing complex investigative techniques, to creating reports useful for corporate, legal, and prosecutorial purposes. Continuing in the tradition of its previous editions, The Process of Investigation, Fourth Edition covers essential topics overlooked in books on the public aspects of investigation. Investigative skills such as surveillance techniques, interviewing and interrogation, collecting and documenting evidence, and taking confessions and written statements are all discussed, and supplemented with updated case studies and examples from the authors’ own professional experiences.
  • HCISPP Study Guide

    • 1st Edition
    • Timothy Virtue + 1 more
    • English
    The HCISPP certification is a globally-recognized, vendor-neutral exam for healthcare information security and privacy professionals, created and administered by ISC². The new HCISPP certification, focused on health care information security and privacy, is similar to the CISSP, but has only six domains and is narrowly targeted to the special demands of health care information security. Tim Virtue and Justin Rainey have created the HCISPP Study Guide to walk you through all the material covered in the exam's Common Body of Knowledge. The six domains are covered completely and as concisely as possible with an eye to acing the exam. Each of the six domains has its own chapter that includes material to aid the test-taker in passing the exam, as well as a chapter devoted entirely to test-taking skills, sample exam questions, and everything you need to schedule a test and get certified. Put yourself on the forefront of health care information privacy and security with the HCISPP Study Guide and this valuable certification.
  • The Basics of Digital Forensics

    The Primer for Getting Started in Digital Forensics
    • 2nd Edition
    • John Sammons
    • English
    The Basics of Digital Forensics provides a foundation for people new to the digital forensics field. This book offers guidance on how to conduct examinations by discussing what digital forensics is, the methodologies used, key tactical concepts, and the tools needed to perform examinations. Details on digital forensics for computers, networks, cell phones, GPS, the cloud and the Internet are discussed. Also, learn how to collect evidence, document the scene, and how deleted data can be recovered. The new Second Edition of this book provides the reader with real-world examples and all the key technologies used in digital forensics, as well as new coverage of network intrusion response, how hard drives are organized, and electronic discovery. This valuable resource also covers how to incorporate quality assurance into an investigation, how to prioritize evidence items to examine (triage), case processing, and what goes into making an expert witness.
  • Augmented Reality Law, Privacy, and Ethics

    Law, Society, and Emerging AR Technologies
    • 1st Edition
    • Brian Wassom
    • English
    Augmented Reality (AR) is the blending of digital information in a real-world environment. A common example can be seen during any televised football game, in which information about the game is digitally overlaid on the field as the players move and position themselves. Another application is Google Glass, which enables users to see AR graphics and information about their location and surroundings on the lenses of their "digital eyewear", changing in real-time as they move about. Augmented Reality Law, Privacy, and Ethics is the first book to examine the social, legal, and ethical issues surrounding AR technology. Digital eyewear products have very recently thrust this rapidly-expanding field into the mainstream, but the technology is so much more than those devices. Industry analysts have dubbed AR the "eighth mass medium" of communications. Science fiction movies have shown us the promise of this technology for decades, and now our capabilities are finally catching up to that vision. Augmented Reality will influence society as fundamentally as the Internet itself has done, and such a powerful medium cannot help but radically affect the laws and norms that govern society. No author is as uniquely qualified to provide a big-picture forecast and guidebook for these developments as Brian Wassom. A practicing attorney, he has been writing on AR law since 2007 and has established himself as the world's foremost thought leader on the intersection of law, ethics, privacy, and AR. Augmented Reality professionals around the world follow his Augmented Legality® blog. This book collects and expands upon the best ideas expressed in that blog, and sets them in the context of a big-picture forecast of how AR is shaping all aspects of society.
  • Google Earth Forensics

    Using Google Earth Geo-Location in Digital Forensic Investigations
    • 1st Edition
    • Michael Harrington + 1 more
    • English
    Google Earth Forensics is the first book to explain how to use Google Earth in digital forensic investigations. This book teaches you how to leverage Google's free tool to craft compelling location-based evidence for use in investigations and in the courtroom. It shows how to extract location-based data that can be used to display evidence in compelling audiovisual manners that explain and inform the data in contextual, meaningful, and easy-to-understand ways. As mobile computing devices become more and more prevalent and powerful, they are becoming more and more useful in the field of law enforcement investigations and forensics. Of all the widely used mobile applications, none have more potential for helping solve crimes than those with geo-location tools. Written for investigators and forensic practitioners, Google Earth Forensics is written by an investigator and trainer with more than 13 years of experience in law enforcement who will show you how to use this valuable tool anywhere at the crime scene, in the lab, or in the courtroom.
  • Industrial Network Security

    Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems
    • 2nd Edition
    • Eric D. Knapp + 1 more
    • English
    As the sophistication of cyber-attacks increases, understanding how to defend critical infrastructure systems—energy production, water, gas, and other vital systems—becomes more important, and heavily mandated. Industrial Network Security, Second Edition arms you with the knowledge you need to understand the vulnerabilities of these distributed supervisory and control systems. The book examines the unique protocols and applications that are the foundation of industrial control systems, and provides clear guidelines for their protection. This how-to guide gives you thorough understanding of the unique challenges facing critical infrastructures, new guidelines and security measures for critical infrastructure protection, knowledge of new and evolving security tools, and pointers on SCADA protocols and security implementation.
  • A Machine-Learning Approach to Phishing Detection and Defense

    • 1st Edition
    • O.A. Akanbi + 2 more
    • English
    Phishing is one of the most widely-perpetrated forms of cyber attack, used to gather sensitive information such as credit card numbers, bank account numbers, and user logins and passwords, as well as other information entered via a web site. The authors of A Machine-Learning Approach to Phishing Detection and Defense have conducted research to demonstrate how a machine learning algorithm can be used as an effective and efficient tool in detecting phishing websites and designating them as information security threats. This methodology can prove useful to a wide variety of businesses and organizations who are seeking solutions to this long-standing threat. A Machine-Learning Approach to Phishing Detection and Defense also provides information security researchers with a starting point for leveraging the machine algorithm approach as a solution to other information security threats.
  • Building an Intelligence-Led Security Program

    • 1st Edition
    • Allan Liska
    • English
    As recently as five years ago, securing a network meant putting in a firewall, intrusion detection system, and installing antivirus software on the desktop. Unfortunately, attackers have grown more nimble and effective, meaning that traditional security programs are no longer effective. Today's effective cyber security programs take these best practices and overlay them with intelligence. Adding cyber threat intelligence can help security teams uncover events not detected by traditional security platforms and correlate seemingly disparate events across the network. Properly-implemented intelligence also makes the life of the security practitioner easier by helping him more effectively prioritize and respond to security incidents. The problem with current efforts is that many security practitioners don't know how to properly implement an intelligence-led program, or are afraid that it is out of their budget. Building an Intelligence-Led Security Program is the first book to show how to implement an intelligence-led program in your enterprise on any budget. It will show you how to implement a security information and event management system, collect and analyze logs, and how to practice real cyber threat intelligence. You'll learn how to understand your network in-depth so that you can protect it in the best possible way.
  • How to Attack and Defend Your Website

    • 1st Edition
    • Henry Dalziel
    • Alejandro Caceres
    • English
    How to Attack and Defend Your Website is a concise introduction to web security that includes hands-on web hacking tutorials. The book has three primary objectives: to help readers develop a deep understanding of what is happening behind the scenes in a web application, with a focus on the HTTP protocol and other underlying web technologies; to teach readers how to use the industry standard in free web application vulnerability discovery and exploitation tools – most notably Burp Suite, a fully featured web application testing tool; and finally, to gain knowledge of finding and exploiting the most common web security vulnerabilities. This book is for information security professionals and those looking to learn general penetration testing methodology and how to use the various phases of penetration testing to identify and exploit common web protocols. How to Attack and Defend Your Website is the first book to combine the methodology behind using penetration testing tools such as Burp Suite and Damn Vulnerable Web Application (DVWA), with practical exercises that show readers how to (and therefore, how to prevent) pwning with SQLMap and using stored XSS to deface web pages.
  • Introduction to US Cybersecurity Careers

    • 1st Edition
    • Henry Dalziel
    • English
    Introduction to US Cybersecurity Careers is a concise introduction to the world of cybersecurity and the career opportunities therein. This book provides a basic rundown of industry sectors, roles, and places to search for job opportunities within the US cybersecurity industry. Within this book is vital information for anyone trying to get into the industry - basic knowledge for those looking to start training for a career, tips on networking and resume-building in a fast-evolving and nontraditional sector, and advice on how to get your foot in the door and become recognized in your field. This book is designed to help those who are just starting out in cybersecurity and those who have training and knowledge and want to get into the industry. Introduction to US Cybersecurity Careers is your first-stop reference for everything you need to know to start your journey.
  • How to Defeat Advanced Malware

    New Tools for Protection and Forensics
    • 1st Edition
    • Henry Dalziel
    • Simon Crosby
    • English
    How to Defeat Advanced Malware is a concise introduction to the concept of micro-virtualization... The book provides current facts and figures that prove detection-based security products have become ineffective. A simple strategy is then presented that both leverages the opportunities presented by Bring Your Own Device (BYOD) and protects enterprise end users against advanced malware. The book concludes with case studies demonstrating how hardware-isolated micro-VMs are helping Fortune 500 financial service providers defeat advanced malware. This book is primarily designed for infosec professionals, consultants, network administrators, CIOs, CTOs, CISOs and senior executives who work within the financial industry and are responsible for their company’s endpoint protection. How to Defeat Advanced Malware: New Tools for Protection and Forensics is the first book to compare and contrast current endpoint security products, while making a case for encouraging and facilitating the growth of BYOD and social media by adopting micro-virtualization...
  • Information Security Analytics

    Finding Security Insights, Patterns, and Anomalies in Big Data
    • 1st Edition
    • Mark Talabis + 3 more
    • English
    Information Security Analytics gives you insights into the practice of analytics and, more importantly, how you can utilize analytic techniques to identify trends and outliers that may not be possible to identify using traditional security analysis techniques. Information Security Analytics dispels the myth that analytics within the information security domain is limited to just security incident and event management systems and basic network analysis. Analytic techniques can help you mine data and identify patterns and relationships in any form of security data. Using the techniques covered in this book, you will be able to gain security insights into unstructured big data of any type. The authors of Information Security Analytics bring a wealth of analytics experience to demonstrate practical, hands-on techniques through case studies and using freely-available tools that will allow you to find anomalies and outliers by combining disparate data sets. They also teach you everything you need to know about threat simulation techniques and how to use analytics as a powerful decision-making tool to assess security control and process requirements within your organization. Ultimately, you will learn how to use these simulation techniques to help predict and profile potential risks to your organization.
  • Securing VoIP

    Keeping Your VoIP Network Safe
    • 1st Edition
    • Regis J. Jr (Bud) Bates
    • English
    Securing VoIP: Keeping Your VoIP Network Safe will show you how to take the initiative to prevent hackers from recording and exploiting your company’s secrets. Drawing upon years of practical experience and using numerous examples and case studies, technology guru Bud Bates discusses the business realities that necessitate VoIP system security and the threats to VoIP over both wire and wireless networks. He also provides essential guidance on how to conduct system security audits and how to integrate your existing IT security plan with your VoIP system and security plans, helping you prevent security breaches and eavesdropping.
  • Designing and Building Security Operations Center

    • 1st Edition
    • David Nathans
    • English
    Do you know what weapons are used to protect against cyber warfare and what tools to use to minimize their impact? How can you gather intelligence that will allow you to configure your system to ward off attacks? Online security and privacy issues are becoming more and more significant every day, with many instances of companies and governments mishandling (or deliberately misusing) personal and financial data. Organizations need to be committed to defending their own assets and their customers’ information. Designing and Building a Security Operations Center will show you how to develop the organization, infrastructure, and capabilities to protect your company and your customers effectively, efficiently, and discreetly. Written by a subject expert who has consulted on SOC implementation in both the public and private sector, Designing and Building a Security Operations Center is the go-to blueprint for cyber-defense.
  • PCI Compliance

    Understand and Implement Effective PCI Data Security Standard Compliance
    • 4th Edition
    • Branden R. Williams + 1 more
    • English
    Identity theft and other confidential information theft have now topped the charts as the leading cybercrime. In particular, credit card data is preferred by cybercriminals. Is your payment processing secure and compliant? The new Fourth Edition of PCI Compliance has been revised to follow the new PCI DSS standard version 3.0, which is the official version beginning in January 2014. Also new to the Fourth Edition: additional case studies and clear guidelines and instructions for maintaining PCI compliance globally, including coverage of technologies such as NFC, P2PE, CNP/Mobile, and EMV. This is the first book to address the recent updates to PCI DSS. The real-world scenarios and hands-on guidance are also new approaches to this topic. All-new case studies and fraud studies have been added to the Fourth Edition. Each chapter has how-to guidance to walk you through implementing concepts, and real-world scenarios to help you relate to the information and better grasp how it impacts your data. This book provides the information that you need in order to understand the current PCI Data Security standards and how to effectively implement security on network infrastructure in order to be compliant with the credit card industry guidelines, and help you protect sensitive and personally-identifiable information.
  • Cyber Reconnaissance, Surveillance and Defense

    • 1st Edition
    • Robert Shimonski
    • English
    At a time when online surveillance and cybercrime techniques are widespread, and are being used by governments, corporations, and individuals, Cyber Reconnaissance, Surveillance and Defense gives you a practical resource that explains how these activities are being carried out and shows how to defend against them. Expert author Rob Shimonski shows you how to carry out advanced IT surveillance and reconnaissance, describes when and how these techniques are used, and provides a full legal background for each threat. To help you understand how to defend against these attacks, this book describes many new and leading-edge surveillance, information-gathering, and personal exploitation threats taking place today, including Web cam breaches, home privacy systems, physical and logical tracking, phone tracking, picture metadata, physical device tracking and geo-location, social media security, identity theft, social engineering, sniffing, and more.
  • Detecting and Combating Malicious Email

    • 1st Edition
    • Julie JCH Ryan + 1 more
    • English
    Malicious email is, simply put, email with a malicious purpose. The malicious purpose could be fraud, theft, espionage, or malware injection. The processes by which email executes the malicious activity vary widely, from fully manual (e.g. human-directed) to fully automated. One example of a malicious email is one that contains an attachment which the recipient is directed to open. When the attachment is opened, malicious software is installed on the recipient’s computer. Because malicious email can vary so broadly in form and function, automated detection is only marginally helpful. The education of all users to detect potential malicious email is important to containing the threat and limiting the damage. It is increasingly necessary for all email users to understand how to recognize and combat malicious email. Detecting and Combating Malicious Email describes the different types of malicious email, shows how to differentiate malicious email from benign email, and suggests protective strategies for both personal and enterprise email environments.
  • Managing Online Risk

    Apps, Mobile, and Social Media Security
    • 1st Edition
    • Deborah Gonzalez
    • English
    In recent years, building a corporate online presence has become nonnegotiable for businesses, as consumers expect to connect with them in as many ways as possible. There are benefits to companies that use online technology, but there are risks as well. Managing Online Risk presents the tools and resources needed to better understand the security and reputational risks of online and digital activity, and how to mitigate those risks to minimize potential losses. Managing Online Risk highlights security and risk management best practices that address concerns such as data collection and storage, liability, recruitment, employee communications, compliance violations, security of devices (in contexts like mobile, apps, and cloud computing), and more. Additionally, this book offers a companion website that was developed in parallel with the book and includes the latest updates and resources for topics covered in the book.
  • CSA Guide to Cloud Computing

    Implementing Cloud Privacy and Security
    • 1st Edition
    • Raj Samani + 2 more
    • English
    CSA Guide to Cloud Computing brings you the most current and comprehensive understanding of cloud security issues and deployment techniques from industry thought leaders at the Cloud Security Alliance (CSA). For many years the CSA has been at the forefront of research and analysis into the most pressing security and privacy related issues associated with cloud computing. CSA Guide to Cloud Computing provides you with a one-stop source for industry-leading content, as well as a roadmap into the future considerations that the cloud presents. The authors of CSA Guide to Cloud Computing provide a wealth of industry expertise you won't find anywhere else. Author Raj Samani is the Chief Technical Officer for McAfee EMEA; author Jim Reavis is the Executive Director of CSA; and author Brian Honan is recognized as an industry leader in the ISO27001 standard. They will walk you through everything you need to understand to implement a secure cloud computing structure for your enterprise or organization.
  • School Security

    How to Build and Strengthen a School Safety Program
    • 1st Edition
    • Paul Timm
    • English
    It seems that every day there’s a new story about a security lapse, emergency lock-down, or violent act taking place at a school somewhere in the United States. Today it’s simply inexcusable not to have adequate security measures in place—regardless of how safe you think your community may be. In School Security, author Paul Timm, a nationally acclaimed school security expert, explains how to make your institution a safer place to learn with easy-to-follow steps. Throughout the book, Timm emphasizes a proactive rather than reactive approach to school security. Readers are introduced to basic loss prevention and safety concepts, including how to communicate safety information to students and staff, how to raise security awareness, and how to prepare for emergencies. The book discusses how to positively influence student behavior, lead staff training programs, and write sound security policies. An entire chapter is dedicated to describing what school security resources are available for follow-up reading and further training. School Security isn’t just a book for security professionals: it helps people without formal security training—namely, educators and school administrators—effectively address school risk.
  • Information Governance and Security

    Protecting and Managing Your Company’s Proprietary Information
    • 1st Edition
    • John G. Iannarelli + 1 more
    • English
    Information Governance and Security shows managers in any size organization how to create and implement the policies, procedures and training necessary to keep their organization’s most important asset—its proprietary information—safe from cyber and physical compromise. Many intrusions can be prevented if appropriate precautions are taken, and this book establishes the enterprise-level systems and disciplines necessary for managing all the information generated by an organization. In addition, the book encompasses the human element by considering proprietary information lost, damaged, or destroyed through negligence. By implementing the policies and procedures outlined in Information Governance and Security, organizations can proactively protect their reputation against the threats that most managers have never even thought of.
  • Introduction to Emergency Management, Enhanced

    • 5th Edition
    • George Haddow + 2 more
    • English
    Introduction to Emergency Management, Fifth Edition, offers a fully up-to-date analysis of US emergency management principles. In addition to expanding coverage of risk management in a time of climate change and terrorism, Haddow, Bullock, and Coppola discuss the impact of new emergency management technologies, social media, and an increasing focus on recovery. They examine the effects of the 2012 election results and discuss FEMA’s controversial National Flood Insurance Program (NFIP). Introduction to Emergency Management, Fifth Edition, gives instructors and students the best textbook content, instructor-support materials, and online resources to prepare future EM professionals for this demanding career.
  • Smart Security: Understanding and Contributing to the Business

    Proven Practices
    • 1st Edition
    • J. David Quilter
    • English
    Smart Security: Understanding and Contributing to the Business is a video presentation. Length: 68 minutes. In Smart Security: Understanding and Contributing to the Business, presenter J. David Quilter demonstrates the benefits of how a fully integrated security program increases business profits and delivers smart security practices at the same time. The presentation does away with the misconception that security is only an expense. In fact, a well-integrated security program can protect business interests, thereby enhancing productivity and net income. Quilter covers cost analysis and security measures and metrics, along with how to demonstrate return on investment and leverage executive leadership. The practices and tools discussed in this presentation will reduce business losses and help improve security and operations. Smart Security: Understanding and Contributing to the Business is a part of Elsevier’s Security Executive Council Risk Management Portfolio, a collection of real world solutions and "how-to" guidelines that equip executives, practitioners, and educators with proven information for successful security and risk management programs.
  • Integrated Security Systems Design

    A Complete Reference for Building Enterprise-Wide Digital Security Systems
    • 2nd Edition
    • Thomas L. Norman
    • English
    Integrated Security Systems Design, 2nd Edition, is recognized as the industry-leading book on the subject of security systems design. It explains how to design a fully integrated security system that ties together numerous subsystems into one complete, highly coordinated, and highly functional system. With a flexible and scalable enterprise-level system, security decision makers can make better informed decisions when incidents occur and improve their operational efficiencies in ways never before possible. The revised edition covers why designing an integrated security system is essential and how to lead the project to success. With new and expanded coverage of network architecture, physical security information management (PSIM) systems, camera technologies, and integration with the Business Information Management Network, Integrated Security Systems Design, 2nd Edition, shows how to improve a security program’s overall effectiveness while avoiding pitfalls and potential lawsuits.
  • Personal Security: Keeping Yourself and Your Family Safe

    Proven Practices
    • 1st Edition
    • Rosalind Jackson
    • English
    Personal Security: Keeping Yourself and Your Family Safe is a video presentation. Length: 26 minutes. In Personal Security: Keeping Yourself and Your Family Safe, presenter Rosalind W. Jackson provides personal security guidelines for securing your workplace, home, and automobile. This presentation addresses topics such as assault prevention and deterrence, physical resistance, and personal safety techniques. It also covers issues such as theft and harassment, and provides safety tips for automated teller machines (ATMs), hotels, elevators, automobiles, and at home with children. It touches on safety issues unique to children, as well as sexual assault, domestic violence, and what to do following an attack. This presentation is an excellent resource for security professionals and non-security professionals alike. Personal Security: Keeping Yourself and Your Family Safe is a part of Elsevier’s Security Executive Council Risk Management Portfolio, a collection of real world solutions and "how-to" guidelines that equip executives, practitioners, and educators with proven information for successful security and risk management programs.
  • Preventing Workplace Violence: A Training Guide for Managers and Supervisors

    Proven Practices
    • 1st Edition
    • Rosalind Jackson
    • English
    Preventing Workplace Violence: A Training Guide for Managers and Supervisors is a video presentation. Length: 25 minutes. In Preventing Workplace Violence: A Training Guide for Managers and Supervisors, presenter Rosalind W. Jackson provides the fundamentals of workplace violence prevention, including initial program development. This presentation explains the components needed to develop a good baseline program, and focuses on recognizing patterns of unacceptable behavior. It addresses policy development and expert consultation considerations, along with the use of education and team coordination. The presentation also includes a sample workplace violence policy statement, and discusses the impact of workplace violence on the business. Preventing Workplace Violence: A Training Guide for Managers and Supervisors is a part of Elsevier’s Security Executive Council Risk Management Portfolio, a collection of real world solutions and "how-to" guidelines that equip executives, practitioners, and educators with proven information for successful security and risk management programs.
  • Personnel Protection: Kidnapping Issues and Policies

    Proven Practices
    • 1st Edition
    • Jerome Miller + 1 more
    • English
    Personnel Protection: Kidnapping Issues and Policies is a video presentation. Length: 9 minutes. In Personnel Protection: Kidnapping Issues and Policies, presenters Jerome Miller and Radford Jones discuss the issue of kidnapping as it relates to an executive security program. It covers the risks for kidnapping of the executive or executive’s family members, along with strategies for creating a sound corporate kidnapping policy. The presenters also discuss what kind of response the organization should make during a kidnapping, as the first hours immediately following are always critical to a successful resolution. This presentation is one of 11 modules in the Personnel Protection presentation series, which is designed for companies considering an executive security program or for companies with an executive security program already in place. Other topics in this series include: concepts of executive security; advance procedures; the executive threat assessment profile; residential security; security personnel; security procedures for worksite, aircraft, and vehicle operations; and executive compensation issues, including IRS requirements. The Personnel Protection presentation series is a part of Elsevier’s Security Executive Council Risk Management Portfolio, a collection of real world solutions and "how-to" guidelines that equip executives, practitioners, and educators with proven information for successful security and risk management programs.
  • Hacking and Penetration Testing with Low Power Devices

    • 1st Edition
    • Philip Polstra
    • English
    Hacking and Penetration Testing with Low Power Devices shows you how to perform penetration tests using small, low-powered devices that are easily hidden and may be battery-powered. It shows how to use an army of devices, costing less than you might spend on a laptop, from distances of a mile or more. Hacking and Penetration Testing with Low Power Devices shows how to use devices running a version of The Deck, a full-featured penetration testing and forensics Linux distribution, and can run for days or weeks on batteries due to their low power consumption. Author Philip Polstra shows how to use various configurations, including a device the size of a deck of cards that can easily be attached to the back of a computer. While each device running The Deck is a full-featured pen-testing platform, connecting systems together via 802.15.3 networking gives you even more power and flexibility. This reference teaches you how to construct and power these devices, install operating systems, and fill out your toolbox of small low-power devices with hundreds of tools and scripts from the book's companion website. Hacking and Pen Testing with Low Power Devices puts all these tools into your hands and will help keep you at the top of your game performing cutting-edge pen tests from anywhere in the world!
  • Information Hiding in Speech Signals for Secure Communication

    • 1st Edition
    • Zhijun Wu
    • English
    In the digital world, the need to protect communications increases every day. While traditional digital encryption methods are useful, there are many other options for hiding your information. Information Hiding in Speech Signals for Secure Communication provides a number of methods to hide secret speech information using a variety of digital speech coding standards. Professor Zhijun Wu has conducted years of research in the field of speech information hiding, and brings his state-of-the-art techniques to readers of this book, including a mathematical model for information hiding, the core concepts of secure speech communication, the ABS-based information hiding algorithm, and much more. This book shows how to implement a secure speech communication system, including applications to various network security states. Readers will find information hiding algorithms and techniques (embedding and extracting) that are capable of withstanding the advanced forms of attack. The book presents concepts and applications for all of the most widely used speech coding standards, including G.711, G.721, G.728, G.729 and GSM, along with corresponding hiding and extraction algorithms. Readers will also learn how to use a speech covert communication system over an IP network as well as a speech secure communication system applied in PSTN.
  • Security Leader Insights for Risk Management

    Lessons and Strategies from Leading Security Professionals
    • 1st Edition
    • Richard Chase
    • English
    How do you, as a busy security executive or manager, stay current with evolving issues, familiarize yourself with the successful practices of your peers, and transfer this information to build a knowledgeable, skilled workforce the times now demand? With Security Leader Insights for Risk Management, a collection of timeless leadership best practices featuring insights from some of the nation’s most successful security practitioners, you can. This book can be used as a quick and effective resource to bring your security staff up to speed on security’s role in risk management. Instead of re-inventing the wheel when faced with a new challenge, these proven practices and principles will allow you to execute with confidence knowing that your peers have done so with success. Part one looks at the risk assessment and subtopics such as compliance, using risk assessments to increase security’s influence, and risk indicator dashboards. Part two discusses risk management topics such as board-level risk, global risk, risk appetite, and enterprise risk management (ERM). Security Leader Insights for Risk Management is a part of Elsevier’s Security Executive Council Risk Management Portfolio, a collection of real-world solutions and "how-to" guidelines that equip executives, practitioners, and educators with proven information for successful security and risk management programs.
  • Online Security for the Business Traveler

    • 1st Edition
    • Deborah Gonzalez
    • English
    Whether attending conferences, visiting clients, or going to sales meetings, travel is an unavoidable necessity for many businesspeople. Today’s high-tech enabled businessperson travels with electronic devices such as smartphones, tablets, laptops, health sensors, and Google Glass. Each of these devices offers new levels of productivity and efficiency, but they also become the weak link in the security chain: if a device is lost or stolen during travel, the resulting data breach can put the business in danger of physical, financial, and reputational loss. Online Security for the Business Traveler provides an overview of this often overlooked problem, explores cases highlighting specific security issues, and offers practical advice on what to do to ensure business security while traveling and engaging in online activity. It is an essential reference guide for any travelling business person or security professional.
  • Measuring and Managing Information Risk

    A FAIR Approach
    • 1st Edition
    • Jack Freund + 1 more
    • English
    Using the factor analysis of information risk (FAIR) methodology developed over ten years and adopted by corporations worldwide, Measuring and Managing Information Risk provides a proven and credible framework for understanding, measuring, and analyzing information risk of any size or complexity. Intended for organizations that need to either build a risk management program from the ground up or strengthen an existing one, this book provides a unique and fresh perspective on how to do a basic quantitative risk analysis. Covering such key areas as risk theory, risk calculation, scenario modeling, and communicating risk within the organization, Measuring and Managing Information Risk helps managers make better business decisions by understanding their organizational risk.
  • The Handbook for School Safety and Security

    Best Practices and Procedures
    • 1st Edition
    • Lawrence J. Fennelly + 1 more
    • English
    School security is one of the most pressing public concerns today. Yet in most schools, there is little security expertise or detailed knowledge about how to implement and manage a security program. The Handbook for School Safety and Security rectifies this problem by providing the salient information school administrators and security professionals need to address the most important security issues schools face. Made up of contributions from leading experts in school security, The Handbook for School Safety and Security provides a wealth of practical information for securing any K-12 school. It discusses key approaches and best practices for school crime prevention, including such topics as crisis management and mass notification. It also covers the physical measures needed for protecting a school, including detailed discussions of access control, lighting, alarms, and locks. While there is no single fix for the myriad of security challenges facing today’s school security professionals, the best practices found in The Handbook for School Safety and Security will help increase the safety and security of any school.
  • Security for Business Professionals

    How to Plan, Implement, and Manage Your Company’s Security Program
    • 1st Edition
    • Bradley A. Wayland
    • English
    Security for Business Professionals offers business executives and managers everything they need to set up a security program, especially for those who don’t have the resources to hire an in-house security staff. It can also be used for assessing the adequacy of an existing security program. The book provides an overview of the key security objectives and challenges that managers face, such as how to measure the effectiveness of a security program and balance the costs and benefits. It also shows how to develop security procedures that conform to key regulatory requirements, and how to assess an organization’s most important risks, vulnerabilities, and threats. Security for Business Professionals addresses key physical and informational security concerns, including areas such as asset protection, loss prevention, and personnel security. It also discusses how to develop emergency and incident response plans, and concludes with suggested safety and security exercises and training recommendations.
  • Windows Performance Analysis Field Guide

    • 1st Edition
    • Clint Huffman
    • English
    Microsoft Windows 8.1 and Windows Server 2012 R2 are designed to be the best performing operating systems to date, but even the best systems can be overwhelmed with load and/or plagued with poorly performing code. Windows Performance Analysis Field Guide gives you a practical field guide approach to performance monitoring and analysis from experts who do this work every day. Think of this book as your own guide to "What would Microsoft support do?" when you have a Windows performance issue. Author Clint Huffman, a Microsoft veteran of over fifteen years, shows you how to identify and alleviate problems with the computer resources of disk, memory, processor, and network. You will learn to use performance counters as the initial indicators, then use various tools to "dig in" to the problem, as well as how to capture and analyze boot performance problems.
  • Building an Information Security Awareness Program

    Defending Against Social Engineering and Technical Threats
    • 1st Edition
    • Bill Gardner + 1 more
    • English
    The best defense against the increasing threat of social engineering attacks is Security Awareness Training to warn your organization's staff of the risk and educate them on how to protect your organization's data. Social engineering is not a new tactic, but Building an Information Security Awareness Program is the first book that shows you how to build a successful security awareness training program from the ground up. Building an Information Security Awareness Program provides you with a sound technical basis for developing a new training program. The book also tells you the best ways to garner management support for implementing the program. Author Bill Gardner is one of the founding members of the Security Awareness Training Framework. Here, he walks you through the process of developing an engaging and successful training program for your organization that will help you and your staff defend your systems, networks, mobile devices, and data. Forewords written by Dave Kennedy and Kevin Mitnick!
  • Security Risk Assessment

    Managing Physical and Operational Security
    • 1st Edition
    • John M. White
    • English
    Security Risk Assessment is the most up-to-date and comprehensive resource available on how to conduct a thorough security assessment for any organization. A good security assessment is a fact-finding process that determines an organization’s state of security protection. It exposes vulnerabilities, determines the potential for losses, and devises a plan to address these security concerns. While most security professionals have heard of a security assessment, many do not know how to conduct one, how it’s used, or how to evaluate what they have found. Security Risk Assessment offers security professionals step-by-step guidance for conducting a complete risk assessment. It provides a template to draw from, giving security professionals the tools needed to conduct an assessment using the most current approaches, theories, and best practices.