The best defense against the increasing threat of social engineering attacks is Security Awareness Training to warn your organization's staff of the risk and educate them on how to protect your organization's data. Social engineering is not a new tactic, but Building an Security Awareness Program is the first book that shows you how to build a successful security awareness training program from the ground up.Building an Security Awareness Program provides you with a sound technical basis for developing a new training program. The book also tells you the best ways to garner management support for implementing the program. Author Bill Gardner is one of the founding members of the Security Awareness Training Framework. Here, he walks you through the process of developing an engaging and successful training program for your organization that will help you and your staff defend your systems, networks, mobile devices, and data.Forewords written by Dave Kennedy and Kevin Mitnick!

• The most practical guide to setting up a Security Awareness training program in your organization
• Real world examples show you how cyber criminals commit their crimes, and what you can do to keep you and your data safe
• Learn how to propose a new program to management, and what the benefits are to staff and your company
• Find out about various types of training, the best training cycle to use, metrics for success, and methods for building an engaging and successful program

Managing Information Security offers focused coverage of how to protect mission critical systems, and how to deploy security management systems, IT security, ID management, intrusion detection and prevention systems, computer forensics, network forensics, firewalls, penetration testing, vulnerability assessment, and more. It offers in-depth coverage of the current technology and practice as it relates to information security management solutions. Individual chapters are authored by leading experts in the field and address the immediate and long-term challenges in the authors’ respective areas of expertise.

• Chapters contributed by leaders in the field covering foundational and practical aspects of information security management, allowing the reader to develop a new level of technical expertise found nowhere else
• Comprehensive coverage by leading experts allows the reader to put current technologies to work
• Presents methods of analysis and problem solving techniques, enhancing the reader’s grasp of the material and ability to implement practical solutions

Most introductory texts provide a technology-based survey of methods and techniques that leaves the reader without a clear understanding of the interrelationships between methods and techniques. By providing a strategy-based introduction, the reader is given a clear understanding of how to provide overlapping defenses for critical information. This understanding provides a basis for engineering and risk-management decisions in the defense of information.Information security is a rapidly growing field, with a projected need for thousands of professionals within the next decade in the government sector alone. It is also a field that has changed in the last decade from a largely theory-based discipline to an experience-based discipline. This shift in the field has left several of the classic texts with a strongly dated feel.

• Provides a broad introduction to the methods and techniques in the field of information security
• Offers a strategy-based view of these tools and techniques, facilitating selection of overlapping methods for in-depth defense of information
• Provides very current view of the emerging standards of practice in information security

*** The Second Edition has been updated with new insights and updated references ***Small- and medium-sized companies are now considered by cybercriminals to be attractive targets of opportunity because of the perception that they have minimal security. Many small companies are doing business online using new technologies they may not fully understand. Small businesses supply many larger organizations, resulting in possible connections to corporate networks that bring unforeseen risks. With these risks in mind, we present The Essential Guide to Cybersecurity for SMBs for security professionals tasked with protecting small businesses. Small businesses can reduce their risk and protect themselves by implementing some basic security practices and accepting cybersecurity as a strategic business initiative. The essays included in this book provide both security professionals and executives of small businesses with a blueprint of best practices that will help them protect themselves and their customers.

Any good attacker will tell you that expensive security monitoring and prevention tools aren’t enough to keep you secure. This practical book demonstrates a data-centric approach to distilling complex security monitoring, incident response, and threat analysis ideas into their most basic elements. You’ll learn how to develop your own threat intelligence and incident detection strategy, rather than depend on security tools alone.Written by members of Cisco’s Computer Security Incident Response Team, this book shows IT and information security professionals how to create an InfoSec playbook by developing strategy, technique, and architecture.

The Growing Imperative Need for Effective Information Security GovernanceWith monotonous regularity, headlines announce ever more spectacular failures of information security and mounting losses. The succession of corporate debacles and dramatic control failures in recent years underscores the necessity for information security to be tightly integrated into the fabric of every organization. The protection of an organization's most valuable asset information can no longer be relegated to low-level technical personnel, but must be considered an essential element of corporate governance that is critical to organizational success and survival.Written by an industry expert, Information Security Governance is the first book-length treatment of this important topic, providing readers with a step-by-step approach to developing and managing an effective information security program. Beginning with a general overview of governance, the book covers:

• The business case for information security
• Defining roles and responsibilities
• Developing strategic metrics
• Determining information security outcomes
• Setting security governance objectives
• Establishing risk management objectives
• Developing a cost-effective security strategy
• A sample strategy development
• The steps for implementing an effective strategy
• Developing meaningful security program development metrics
• Designing relevant information security management metrics
• Defining incident management and response metrics

Complemented with action plans and sample policies that demonstrate to readers how to put these ideas into practice, Information Security Governance is indispensable reading for any professional who is involved in information security and assurance.

The first expert discussion of the foundations of cybersecurityIn Cybersecurity First Principles, Rick Howard, the Chief Security Officer, Chief Analyst, and Senior fellow at The Cyberwire, challenges the conventional wisdom of current cybersecurity best practices, strategy, and tactics and makes the case that the profession needs to get back to first principles. The author convincingly lays out the arguments for the absolute cybersecurity first principle and then discusses the strategies and tactics required to achieve it.In the book, you'll explore:

• Infosec history from the 1960s until the early 2020s and why it has largely failed
• What the infosec community should be trying to achieve instead
• The arguments for the absolute and atomic cybersecurity first principle
• The strategies and tactics to adopt that will have the greatest impact in pursuing the ultimate first principle
• Case studies through a first principle lens of the 2015 OPM hack, the 2016 DNC Hack, the 2019 Colonial Pipeline hack, and the Netflix Chaos Monkey resilience program
• A top to bottom explanation of how to calculate cyber risk for two different kinds of companies

This book is perfect for cybersecurity professionals at all levels: business executives and senior security professionals, mid-level practitioner veterans, newbies coming out of school as well as career-changers seeking better career opportunities, teachers, and students.

Blue Team Field Manual (BTFM) is a Cyber Security Incident Response Guide that aligns with the NIST Cybersecurity Framework consisting of the five core functions of Identify, Protect, Detect, Respond, and Recover by providing the tactical steps to follow and commands to use when preparing for, working through and recovering from a Cyber Security Incident.

This book is a comprehensive guide to implementing the Secure Software Development Lifecycle (SSDLC) in any organization. It covers all phases of the SSDLC, including planning, implementation, testing, deployment, and maintenance, and discusses the key activities and best practices that ensure the security of software at each stage.The book begins by introducing the concept of SSDLC and its importance in today's digital world. It then delves into the planning phase, discussing the importance of defining security requirements and performing threat modeling, as well as the role of supply chain analysis in ensuring the security of the software.The implementation phase covers the importance of secure coding practices and the use of automated testing tools to ensure that software is free of vulnerabilities. The testing phase discusses the various types of testing that should be performed, including unit, integration, and acceptance testing, as well as the importance of load and stress testing.The deployment phase covers the importance of secure release management, training, and documentation, as well as the ongoing support and maintenance activities that ensure the ongoing security of the software.Out of Print.

Use this book to learn how to conduct a timely and thorough Risk Analysis and Assessment documenting all risks to the confidentiality, integrity, and availability of electronic Protected Health Information (ePHI), which is a key component of the HIPAA Security Rule. The requirement is a focus area for the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) during breach investigations and compliance audits. This book lays out a plan for healthcare organizations of all types to successfully comply with these requirements and use the output to build upon the cybersecurity program.  With the proliferation of cybersecurity breaches, the number of healthcare providers, payers, and business associates investigated by the OCR has risen significantly. It is not unusual for additional penalties to be levied when victims of breaches cannot demonstrate that an enterprise-wide risk assessment exists, comprehensive enough to document all of the risks to ePHI.Why is it that so many covered entities and business associates fail to comply with this fundamental safeguard? Building a HIPAA Compliant Cybersecurity Program cuts through the confusion and ambiguity of regulatory requirements and provides detailed guidance to help readers:

• Understand and document all known instances where patient data exist
• Know what regulators want and expect from the risk analysis process
• Assess and analyze the level of severity that each risk poses to ePHI
• Focus on the beneficial outcomes of the process: understanding real risks, and optimizing deployment of resources and alignment with business objectives

Security Smarts for the Self-Guided IT Professional“An extraordinarily thorough and sophisticated explanation of why you need to measure the effectiveness of your security program and how to do it. A must-have for any quality security program!” ―Dave Cullinane, CISSP, CISO & VP, Global Fraud, Risk & Security, eBayLearn how to communicate the value of an information security program, enable investment planning and decision making, and drive necessary change to improve the security of your organization. Security Metrics: A Beginner's Guide explains, step by step, how to develop and implement a successful security metrics program.This practical resource covers project management, communication, analytics tools, identifying targets, defining objectives, obtaining stakeholder buy-in, metrics automation, data quality, and resourcing. You'll also get details on cloud-based security metrics and process improvement. Templates, checklists, and examples give you the hands-on help you need to get started right away.Security Metrics: A Beginner's Guide features:

• Lingo--Common security terms defined so that you're in the know on the job
• IMHO--Frank and relevant opinions based on the author's years of industry experience
• Budget Note--Tips for getting security technologies and processes into your organization's budget
• In Actual Practice--Exceptions to the rules of security explained in real-world contexts
• Your Plan--Customizable checklists you can use on the job now
• Into Action--Tips on how, why, and when to apply new skills and techniques at work

Caroline Wong, CISSP, was formerly the Chief of Staff for the Global Information Security Team at eBay, where she built the security metrics program from the ground up. She has been a featured speaker at RSA, ITWeb Summit, Metricon, the Executive Women's Forum, ISC2, and the Information Security Forum.

The world has changed radically since the first edition of this book was published in 2001. Spammers, virus writers, phishermen, money launderers, and spies now trade busily with each other in a lively online criminal economy and as they specialize, they get better. In this indispensable, fully updated guide, Ross Anderson reveals how to build systems that stay dependable whether faced with error or malice. Here's straight talk on critical topics such as technical engineering basics, types of attack, specialized protection mechanisms, security psychology, policy, and more.

The Metasploit Framework makes discovering, exploiting, and sharing vulnerabilities quick and relatively painless. But while Metasploit is used by security professionals everywhere, the tool can be hard to grasp for first-time users. Metasploit: The Penetration Tester's Guide fills this gap by teaching you how to harness the Framework and interact with the vibrant community of Metasploit contributors.Once you've built your foundation for penetration testing, you’ll learn the Framework's conventions, interfaces, and module system as you launch simulated attacks. You’ll move on to advanced penetration testing techniques, including network reconnaissance and enumeration, client-side attacks, wireless attacks, and targeted social-engineering attacks.Learn how to:–Find and exploit unmaintained, misconfigured, and unpatched systems–Perform reconnaissance and find valuable information about your target–Bypass anti-virus technologies and circumvent security controls–Integrate Nmap, NeXpose, and Nessus with Metasploit to automate discovery–Use the Meterpreter shell to launch further attacks from inside the network–Harness standalone Metasploit utilities, third-party tools, and plug-ins–Learn how to write your own Meterpreter post exploitation modules and scriptsYou'll even touch on exploit discovery for zero-day research, write a fuzzer, port existing exploits into the Framework, and learn how to cover your tracks. Whether your goal is to secure your own networks or to put someone else's to the test, Metasploit: The Penetration Tester's Guide will take you there and beyond.

Ninja Hacking offers insight on how to conduct unorthodox attacks on computing networks, using disguise, espionage, stealth, and concealment. This book blends the ancient practices of Japanese ninjas, in particular the historical Ninjutsu techniques, with the present hacking methodologies. It looks at the methods used by malicious attackers in real-world situations and details unorthodox penetration testing techniques by getting inside the mind of a ninja. It also expands upon current penetration testing methodologies including new tactics for hardware and physical attacks.This book is organized into 17 chapters. The first two chapters incorporate the historical ninja into the modern hackers. The white-hat hackers are differentiated from the black-hat hackers. The function gaps between them are identified. The next chapters explore strategies and tactics using knowledge acquired from Sun Tzu's The Art of War applied to a ninja hacking project. The use of disguise, impersonation, and infiltration in hacking is then discussed. Other chapters cover stealth, entering methods, espionage using concealment devices, covert listening devices, intelligence gathering and interrogation, surveillance, and sabotage. The book concludes by presenting ways to hide the attack locations and activities.This book will be of great value not only to penetration testers and security professionals, but also to network and system administrators as well as hackers.

• Discusses techniques used by malicious attackers in real-world situations
• Details unorthodox penetration testing techniques by getting inside the mind of a ninja
• Expands upon current penetration testing methodologies including new tactics for hardware and physical attacks

Coding for Penetration Testers discusses the use of various scripting languages in penetration testing. The book presents step-by-step instructions on how to build customized penetration testing tools using Perl, Ruby, Python, and other languages. It also provides a primer on scripting including, but not limited to, Web scripting, scanner scripting, and exploitation scripting. It guides the student through specific examples of custom tool development that can be incorporated into a tester's toolkit as well as real-world scenarios where such tools might be used. This book is divided into 10 chapters that explores topics such as command shell scripting; Python, Perl, and Ruby; Web scripting with PHP; manipulating Windows with PowerShell; scanner scripting; information gathering; exploitation scripting; and post-exploitation scripting. This book will appeal to penetration testers, information security practitioners, and network and system administrators.

• Discusses the use of various scripting languages in penetration testing
• Presents step-by-step instructions on how to build customized penetration testing tools using Perl, Ruby, Python, and other languages
• Provides a primer on scripting including, but not limited to, Web scripting, scanner scripting, and exploitation scripting

Defending your web applications against hackers and attackersThe top-selling book Web Application Hacker's Handbook showed how attackers and hackers identify and attack vulnerable live web applications. This new Web Application Defender's Cookbook is the perfect counterpoint to that book: it shows you how to defend. Authored by a highly credentialed defensive security expert, this new book details defensive security methods and can be used as courseware for training network security personnel, web server administrators, and security consultants.Each "recipe" shows you a way to detect and defend against malicious behavior and provides working code examples for the ModSecurity web application firewall module. Topics include identifying vulnerabilities, setting hacker traps, defending different access points, enforcing application flows, and much more.

• Provides practical tactics for detecting web attacks and malicious behavior and defending against them
• Written by a preeminent authority on web application firewall technology and web application defense tactics 
• Offers a series of "recipes" that include working code examples for the open-source ModSecurity web application firewall module

Find the tools, techniques, and expert information you need to detect and respond to web application attacks with Web Application Defender's Cookbook: Battling Hackers and Protecting Users.

Open source intelligence (OSINT) and web reconnaissance are rich topics for infosec professionals looking for the best ways to sift through the abundance of information widely available online. In many cases, the first stage of any security assessment―that is, reconnaissance―is not given enough attention by security professionals, hackers, and penetration testers. Often, the information openly present is as critical as the confidential data.Hacking Web Intelligence shows you how to dig into the Web and uncover the information many don't even know exists. The book takes a holistic approach that is not only about using tools to find information online but also how to link all the information and transform it into presentable and actionable intelligence. You will also learn how to secure your information online to prevent it being discovered by these reconnaissance methods.Hacking Web Intelligence is an in-depth technical reference covering the methods and techniques you need to unearth open source information from the Internet and utilize it for the purpose of targeted attack during a security assessment. This book will introduce you to many new and leading-edge reconnaissance, information gathering, and open source intelligence methods and techniques, including metadata extraction tools, advanced search engines, advanced browsers, power searching methods, online anonymity tools such as TOR and i2p, OSINT tools such as Maltego, Shodan, Creepy, SearchDiggity, Recon-ng, Social Network Analysis (SNA), Darkweb/Deepweb, data visualization, and much more.

• Provides a holistic approach to OSINT and Web recon, showing you how to fit all the data together into actionable intelligence
• Focuses on hands-on tools such as TOR, i2p, Maltego, Shodan, Creepy, SearchDiggity, Recon-ng, FOCA, EXIF, Metagoofil, MAT, and many more
• Covers key technical topics such as metadata searching, advanced browsers and power searching, online anonymity, Darkweb / Deepweb, Social Network Analysis (SNA), and how to manage, analyze, and visualize the data you gather
• Includes hands-on technical examples and case studies, as well as a Python chapter that shows you how to create your own information-gathering tools and modify existing APIs

Role engineering secures information systems. It ensures that every user has the right permission to access just the right information, computers, and networks. This book illustrates the entire role engineering process, from project planning to deployment and verification. It also shows how to verify that roles comply with security policies.

Master powerful strategies to acquire and analyze evidence from real-life scenariosKey Features

• A straightforward guide to address the roadblocks face when doing mobile forensics
• Simplify mobile forensics using the right mix of methods, techniques, and tools
• Get valuable advice to put you in the mindset of a forensic professional, regardless of your career level or experience

Book Description: Investigating digital media is impossible without forensic tools. Dealing with complex forensic problems requires the use of dedicated tools, and even more importantly, the right strategies. In this book, you'll learn strategies and methods to deal with information stored on smartphones and tablets and see how to put the right tools to work.We begin by helping you understand the concept of mobile devices as a source of valuable evidence. Throughout this book, you will explore strategies and """"""""plays"""""""" and decide when to use each technique. We cover important techniques such as seizing techniques to shield the device, and acquisition techniques including physical acquisition (via a USB connection), logical acquisition via data backups, over-the-air acquisition. We also explore cloud analysis, evidence discovery and data analysis, tools for mobile forensics, and tools to help you discover and analyze evidence.By the end of the book, you will have a better understanding of the tools and methods used to deal with the challenges of acquiring, preserving, and extracting evidence stored on smartphones, tablets, and the cloud.

In an age in which the boundaries between the real and the virtual are becoming increasingly blurred, this timely guide teaches both the key issues of identity management as well as appropriate strategies and preventative measures for ensuring personal safety in the virtual world. In a corporate setting, it is essential to identify and control the way in which the organization deals with customers, suppliers, employees, and other users who may interact with the information systems of the company. Providing strategies for overcoming this task in real-world terms as well as questions that assist in focusing on the key issues in each chapter—ranging from role-based access control to single sign-ons and electronic identity smart cards—this text provides students and professionals alike with a valuable tool for understanding the complexity of identity in a virtual world.

Identity and Access Management: Business Performance Through Connected Intelligence provides you with a practical, in-depth walkthrough of how to plan, assess, design, and deploy IAM solutions. This book breaks down IAM into manageable components to ease systemwide implementation. The hands-on, end-to-end approach includes a proven step-by-step method for deploying IAM that has been used successfully in over 200 deployments. The book also provides reusable templates and source code examples in Java, XML, and SPML.

• Focuses on real-word implementations
• Provides end-to-end coverage of IAM from business drivers, requirements, design, and development to implementation
• Presents a proven, step-by-step method for deploying IAM that has been successfully used in over 200 cases
• Includes companion website with source code examples in Java, XML, and SPML as well as reusable templates

The second edition of Security Operations Management continues as the seminal reference on corporate security management operations. Revised and updated, topics covered in depth include: access control, selling the security budget upgrades to senior management, the evolution of security standards since 9/11, designing buildings to be safer from terrorism, improving relations between the public and private sectors, enhancing security measures during acute emergencies, and, finally, the increased security issues surrounding the threats of terrorism and cybercrime. An ideal reference for the professional, as well as a valuable teaching tool for the security student, the book includes discussion questions and a glossary of common security terms. Additionally, a brand new appendix contains contact information for academic, trade, and professional security organizations.

• Fresh coverage of both the business and technical sides of security for the current corporate environment
• Strategies for outsourcing security services and systems
• Brand new appendix with contact information for trade, professional, and academic security organizations

Understand how Zero Trust security can and should integrate into your organization. This book covers the complexity of enterprise environments and provides the realistic guidance and requirements your security team needs to successfully plan and execute a journey to Zero Trust while getting more value from your existing enterprise security architecture. After reading this book, you will be ready to design a credible and defensible Zero Trust security architecture for your organization and implement a step-wise journey that delivers significantly improved security and streamlined operations.Zero Trust security has become a major industry trend, and yet there still is uncertainty about what it means. Zero Trust is about fundamentally changing the underlying philosophy and approach to enterprise security―moving from outdated and demonstrably ineffective perimeter-centric approaches to a dynamic, identity-centric, and policy-based approach.Making this type of shift can be challenging. Your organization has already deployed and operationalized enterprise security assets such as Directories, IAM systems, IDS/IPS, and SIEM, and changing things can be difficult. Zero Trust Security uniquely covers the breadth of enterprise security and IT architectures, providing substantive architectural guidance and technical analysis with the goal of accelerating your organization‘s journey to Zero Trust.