The Art of Deception: Controlling the Human Element of Security

Amazon.co.uk

The Art of Deception is about gaining someone's trust by lying to them and then abusing that trust for fun and profit. Hackers use the euphemism "social engineering" and hacker-guru Kevin Mitnick examines many example scenarios.

After Mitnick's first dozen examples anyone responsible for organizational security is going to lose the will to live. It's been said before, but people and security are antithetical. Organizations exist to provide a good or service and want helpful, friendly employees to promote the good or service. People are social animals who want to be liked. Controlling the human aspects of security means denying someone something. This circle can't be squared.

Considering Mitnick's reputation as a hacker guru, it's ironic that the last point of attack for hackers using social engineering are computers. Most of the scenarios in The Art of Deception work just as well against computer-free organizations and were probably known to the Phoenicians; technology simply makes it all easier. Phones are faster than letters, after all, and having large organizations means dealing with lots of strangers.

Much of Mitnick's security advice sounds practical until you think about implementation, when you realize that more effective security means reducing organizational efficiency--an impossible trade in competitive business. And anyway, who wants to work in an organization where the rule is "Trust no one"? Mitnick shows how easily security is breached by trust, but without trust people can't live and work together. In the real world, effective organizations have to acknowledge that total security is a chimera--and carry more insurance. --Steve Patient, amazon.co.uk

Book Description

The world's most infamous hacker offers an insider's view of the low-tech threats to high-tech security
Kevin Mitnick's exploits as a cyber-desperado and fugitive form one of the most exhaustive FBI manhunts in history and have spawned dozens of articles, books, films, and documentaries. Since his release from federal prison, in 1998, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide. Now, in The Art of Deception, the world's most notorious hacker gives new meaning to the old adage, "It takes a thief to catch a thief."
Focusing on the human factors involved with information security, Mitnick explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system. With the help of many fascinating true stories of successful attacks on business and government, he illustrates just how susceptible even the most locked-down information systems are to a slick con artist impersonating an IRS agent. Narrating from the points of view of both the attacker and the victims, he explains why each attack was so successful and how it could have been prevented in an engaging and highly readable style reminiscent of a true-crime novel. And, perhaps most importantly, Mitnick offers advice for preventing these types of social engineering hacks through security protocols, training programs, and manuals that address the human element of security.

Customer Reviews:

The Art of Humanity.......2007-09-13

Probably one of the very best books I've ever read in my life. This book follows through some of the life of hacker Kevin Mitnick. A lot of good laughs and some surprising and eye opening admissions that are full of lessons for anyone who uses a computer.
Without being condescending or preachy, Kevin shows people the ways around the easiest element of security to break, the user themselves. For anyone who's been involved with computers from the beginning of the first pre-PC's it's like a page of reminiscences from your own brain 20 years ago.
To newer users it's bordering on the insanity that is hacking lol.

This book is worthy of any home user or even IT professionals attention. Mitnick reveals many of the flaws in the human personality that allow people to abuse them, be it verbally, socially or even physically. I can't recommend this book enough to anyone who's had a problem with a hacker or spyware. It will show you, your and everyone else's major character flaw that can be managed effectively to eliminate the naivety that is the Internet.

Essential Reading.......2007-07-06

This is a book everyone should read. It is not only fascinating, but is an essential lesson in self-protection against those who would prey on the trust and vulnerability of honest and kind people.

Hits the nail on the head, but management won't be able to comprehend the implications!.......2007-06-28

Although many of the examples detailed in this book are dated , the concepts are still as easy to leverage as ever.

Mr. Mitnick offers some possible solutions in this book, however he wasted his effort. As any security expert knows, getting upper management buy in to security is difficult at best. Management pays lip service to security, but they are typically more concerned about privacy issues than taking meaningful steps to address known security risks.

When my organization tasked my team to perform a social engineering assessment of their network, that's what they meant. Over and over, we tried to suggest processes that would be easy to manipulate for even the most amateur attacker, only to be immediately cut off and told no. If there is no technical attack to guard against, management can't begin to process the implications.

Good book to share with staff.......2007-01-31

This book served as a great reminder of why we need to be thoughtful about sharing information. I am buying extra copies to share with our staff. The offered advice was especially useful for large organizations with distributed sensitive information.

Fun read.......2007-01-28

If you are intreased in this, good book. Not a lot of detail, but good read.

History: Fiction or Science? (Chronology, No. 1)

Average customer rating:

Calculations are only as good as your numbers
Pants on fire?
Accepted History & Chronology Must Be Changed.
Very Interesting
History as Science Fiction

History: Fiction or Science? (Chronology, No. 1)
Anatoly Fomenko
Manufacturer: Mithec
ProductGroup: Book
Binding: Paperback

Chinese | Ethnic & National | Biographies & Memoirs | Subjects | Books

Irish | Ethnic & National | Biographies & Memoirs | Subjects | Books

Japanese | Ethnic & National | Biographies & Memoirs | Subjects | Books

Women | Specific Groups | Biographies & Memoirs | Subjects | Books

Doctors & Medicine | Humor | Entertainment | Subjects | Books

Lawyers & Criminals | Humor | Entertainment | Subjects | Books

Love, Sex & Marriage | Humor | Entertainment | Subjects | Books

Assyria, Babylonia & Sumer | Ancient | History | Subjects | Books

Early Civilization | Ancient | History | Subjects | Books

General | Ancient | History | Subjects | Books

Historiography | Historical Study | History | Subjects | Books

General | World | History | Subjects | Books

French | Erotica | Literature & Fiction | Subjects | Books

Victorian | Erotica | Literature & Fiction | Subjects | Books

Epic | Poetry | Literature & Fiction | Subjects | Books

German | Poetry | Literature & Fiction | Subjects | Books

Russian | Poetry | Literature & Fiction | Subjects | Books

Spanish | Poetry | Literature & Fiction | Subjects | Books

Chinese | Classics | Literature & Fiction | Subjects | Books

Conspiracy Theories | Current Events | Nonfiction | Subjects | Books

War on Drugs | Crime & Criminals | Nonfiction | Subjects | Books

English (All) | Dictionaries & Thesauruses | Reference | Subjects | Books

Science | Dictionaries & Thesauruses | Reference | Subjects | Books

Online Research | Genealogy | Reference | Subjects | Books

Native American | Earth-Based Religions | Religion & Spirituality | Subjects | Books

General | Science | Subjects | Books

General | History & Philosophy | Science | Subjects | Books

History of Science | History & Philosophy | Science | Subjects | Books

Magic & Wizards | Fantasy | Science Fiction & Fantasy | Subjects | Books

Sailor Moon | Popular Characters | Children's Books | Subjects | Books

Pilates | Exercise & Fitness | Health, Mind & Body | Subjects | Books

History | Fashion | Arts & Photography | Subjects | Books

Look Inside Art Books | Trip | Specialty Stores | Books

Look Inside Biographies | Trip | Specialty Stores | Books

Look Inside Children's Books | Trip | Specialty Stores | Books

Look Inside Entertainment Books | Trip | Specialty Stores | Books

Look Inside Health Books | Trip | Specialty Stores | Books

Look Inside History Books | Trip | Specialty Stores | Books

Look Inside Fiction Books | Trip | Specialty Stores | Books

Look Inside Nonfiction Books | Trip | Specialty Stores | Books

Look Inside Reference Books | Trip | Specialty Stores | Books

Look Inside Religion & Spirituality Books | Trip | Specialty Stores | Books

Look Inside Romance Books | Trip | Specialty Stores | Books

Look Inside Science Books | Trip | Specialty Stores | Books

Look Inside Science Fiction & Fantasy Books | Trip | Specialty Stores | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books
Similar Items:

ASIN: 2913621058

Book Description

Recorded history is a finely-woven magic fabric of intricate lies about events predating the sixteenth century. There is not a single piece of evidence that can be reliably and independently traced back earlier than the eleventh century. This book details events that are substantiated by hard facts and logic, and validated by new astronomical research and statistical analysis of ancient sources.

Customer Reviews:

Calculations are only as good as your numbers.......2007-08-03

Yes, we can all agree that mainstream history is nearly 100% BS due to politics, economics, ego, problems with dating techniques, and various conspiracies. Agreed. But, I've been researching the distinct possibility that human history (in terms of civilizations) are much more ancient than we've been told, so coming across this book was very interesting to me. I wondered how Fomenko could be wrong (if at all) because he is very persuasive in his presentations. Then it dawned on me. If at previous times in prehistory, due to the various catastrophies that are well documented (comets, asteroids, planetary disruptions, plasma discharge, pole reversals, etc) the Earth was in a different position in relation to the sun, different tilt on its axis, different orbit, different rotation (in terms of velocity and DIRECTION), and the continents were in different positions, then would this not cause the ancients to see the sky (constellations) differently? In other words, is Fomenko making erronious assumptions about the physics of the Earth in pre-history, which then corrupt his data with regards to dating the relevant astrology? The last event to seriously disrupt our planet occured roughly 3500 years ago, according to other good researchers, so is it possible Fomenko has been confused by this? The vastly different physics of our planet in the not so distant past may explain this confusion, which is not to say the "mainstream" version of history is correct; on the contrary. I am not an expert in these fields, but wanted to see if this idea could spark discussion.

Pants on fire?.......2007-07-19

Will people ever read before spamming? Yes, Jesuits could not rewrite world history alone, they had help. Anyway, Dr Prof Acad A.Fomenko does not point to jesuits as the driving force of world wide history manipulation in published volumes 1,2,3;, actually he barely mentions the poor devils. Check it with 'Search inside' feature, please. China is rarely mentioned either, in fact, Dr Fomenko is completely eurocentric. Right, his theory contradicts all mainstream schools of history, because in their actual state they are all built on blatantly erroneus chronology. You don't need a mysterious cabal (conspiracy) to falsify history, the falsification is its modus operandi. It is inherent to history(ians) to falsify (distort) events, as it is inherent to humans to boast as it is inherent to power (authority) to legimize itself by referrring to glorious past made to its own order. Dr Prof Fomenko and team have identified scores of instances of such manipulation in Russian, European, etc.. history, and delivered valid statistical proof thereof. His own 'reconstruction' is completely another story. Forget c14 as a valid method of dating. W.Libby has initially discovered a brilliant method of INDEPENDENT dating. Too bad, c14 method has become a joke after a forced marrige with dendrochronology with consensual chronological scale inbuilt. Radiocarbon method can't stand blind tests, but is so very productive as a rubberstamp.

Accepted History & Chronology Must Be Changed. .......2007-04-09

There is no doubt that history as most know it is a sham, & institution's version of History both University & Church is fradulent & inaccurate. Everything was established with an agenda, The real "Dark Ages" are now when we have access to incredible amounts of information past authorities & more important 'common folk' didn't have but our institutions & educators are slow to evolve because of what has ignorantly & arrogantly been taught for too long. This is on many subjects not just Chronology.

For anyone to question "Why would a Mathematician have anything credible to say of History?" The answer is from Dr. Fomenko's preface in the book: "It would be worthwhile to remind the reader that in the XVI-XVII century Chronology was considered to be a subdivision of Mathematics." These volumes could possibly be some of the most important works to date & should be read by everyone with an interest in History, especially professors & educators who have a duty to the public. I have read both books & must say that 'Chronology 1' has some very eye opening & revolutionary information. Even if these volumes are part true the implications are profound & opens the doors to further investigations & questions which must be done. I speak several different lanquages & must say the logic Dr. Fomenko uses with "inflection" of words & words being read from left to right in one region & right to left in another then written backwards, the removal of vowels & get down to basics of words, or different cities & locations having the same name etc. is correct. Vowel usage has always been optional & varied, actually complicating linquistics & study. The first thing one has to understand is that words never had a fixed spelling in history like we do now, the spelling of words was mutable & regional, as well as names & titles of people were vast, varied & changed, NOTHING WAS FIXED or understood linear. Matters of Life & Death as well as financial profiteering yesterday & today were & are made with ignorant, illogical & conspiratorial views of history & reality, it's time people get closer to the Truth & society collectively grow up.

Very Interesting.......2007-03-07

It is a good proposal and I believe it will mature into something even better in the future. I think it deserves to be read.

History as Science Fiction.......2007-01-10

Anatoly Fomenko has written a very intriguing book, full of pictures, charts, and computer 'proof' of his thesis: backwards of AD900 we don't really know what happened or when. Between AD900 and AD1600 there is more certainty, but there is still a lot of fuzzy ground, and things don't get reliable until we get past the 1600's where the printing press made it very difficult for the perpetrators of this timeline manipulation to change anything that had been committed to print. The Dark Ages did not happen. Books were burned for a reason. One organization has doubled the actual length of its existence by expanding the real chronology. Read why.

I had always wondered why Christ died about AD33 and yet men waited until the 11th century to form the Knights Templar, the Cathars, etc and go after the Holy Land by force. Why the 1000 year gap? Turns out there wasn't more than a 10-12 year gap and he proves it using astronomy. This also implies that the planet is not as old as we have been told, and current Christian and other creationist scientists are already championing that idea without being aware of Fomenko's book. The two groups, creationist scientists and the Russian mathematical analysts corroborate each other. Fascinating.

Of course, all this flies in the face of what we have been told traditionally is the 'proper' chronology of western civilization, and most readers will experience 'cognitive dissonance' in reading this book. It means that our history going backwards from AD1600 becomes progressively more incorrect and unreliable until it cannot be trusted at all... in the space of 700-800 years.

Naturally, the curious, open-minded reader will want to know WHO did this, WHY, and did any of the events we think of as really ancient ever happen?
Dr. Fomenko is a respected scientist/mathematician at Moscow State University who has already answered these questions to the satisfaction of his initially skeptical colleagues. Most of them are now believers, a few still refuse to believe (the usual diehards), and of course the western press has ignored Fomenko's work -- for obvious reasons when you read the book. The ones who perpetrated this chronology ruse have a lot to answer for. They are still with us. That's why this book is a well-kept secret.

I gave the book a 4-star rating because I was unable to check out some of his claims; those I checked were as he said. But if even 1/3 of his claims are true, this punches a big hole in what we think is our history, the meaning of western civilization, our educational process (for repeating the ruse as gospel), and the trustworthiness of the organization that perpetrated this ruse, well-intentioned or not.

This book relates to current research into a Young Earth paradigm, to John Keel's discoveries about our planet, and Fr Malachi Martin's insights (in his now out-of-print books). We are indeed sheep who are manipulated and kept ignorant -- for a reason. While knowing what these men have to say may be the "booby prize" (as in: 'what can you do with this knowledge?'), it will provide interesting reading. Didn't someone say: "...and the Truth will set you free."?? For you to judge if this book contains the truth.

Mind Hacks: Tips & Tricks for Using Your Brain (Hacks)

Average customer rating:

Interesting but disappointed
Mind hacks
Not really a "hacks" book
Mind Hacks: Tips & Tools for Using Your Brain
A fun book

Mind Hacks: Tips & Tricks for Using Your Brain (Hacks)
Tom Stafford , and Matt Webb
Manufacturer: O'Reilly Media, Inc.
ProductGroup: Book
Binding: Paperback

Network Security | Networking | Computers & Internet | Subjects | Books

General | Programming | Computers & Internet | Subjects | Books

General | Computers & Internet | Subjects | Books

General | Software | Computers & Internet | Subjects | Books

Neuropsychology | Psychology & Counseling | Health, Mind & Body | Subjects | Books

General | Mental Health | Health, Mind & Body | Subjects | Books

Cognitive Psychology | Behavioral Sciences | Science | Subjects | Books

General | Behavioral Sciences | Science | Subjects | Books

Internet Security | O'Reilly | By Publisher | Books

Look Inside Computer Books | Trip | Specialty Stores | Books

Look Inside Health Books | Trip | Specialty Stores | Books

Look Inside Science Books | Trip | Specialty Stores | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books

Computers & Internet | Qualifying Textbooks - Fall 2007 | Stores | Books

Professional | Qualifying Textbooks - Fall 2007 | Stores | Books

Science | Qualifying Textbooks - Fall 2007 | Stores | Books
Similar Items:

ASIN: 0596007795

Book Description

The brain is a fearsomely complex information-processing environment--one that often eludes our ability to understand it. At any given time, the brain is collecting, filtering, and analyzing information and, in response, performing countless intricate processes, some of which are automatic, some voluntary, some conscious, and some unconscious. Cognitive neuroscience is one of the ways we have to understand the workings of our minds. It's the study of the brain biology behind our mental functions: a collection of methods--like brain scanning and computational modeling--combined with a way of looking at psychological phenomena and discovering where, why, and how the brain makes them happen. Want to know more? Mind Hacks is a collection of probes into the moment-by-moment works of the brain. Using cognitive neuroscience, these experiments, tricks, and tips related to vision, motor skills, attention, cognition, subliminal perception, and more throw light on how the human brain works. Each hack examines specific operations of the brain. By seeing how the brain responds, we pick up clues about the architecture and design of the brain, learning a little bit more about how the brain is put together. Mind Hacks begins your exploration of the mind with a look inside the brain itself, using hacks such as "Transcranial Magnetic Stimulation: Turn On and Off Bits of the Brain" and "Tour the Cortex and the Four Lobes." Also among the 100 hacks in this book, you'll find:

Release Eye Fixations for Faster Reactions
See Movement When All is Still
Feel the Presence and Loss of Attention
Detect Sounds on the Margins of Certainty
Mold Your Body Schema
Test Your Handedness
See a Person in Moving Lights
Make Events Understandable as Cause-and-Effect
Boost Memory by Using Context
Understand Detail and the Limits of Attention

Steven Johnson, author of "Mind Wide Open" writes in his foreword to the book, "These hacks amaze because they reveal the brain's hidden logic; they shed light on the cheats and shortcuts and latent assumptions our brains make about the world." If you want to know more about what's going on in your head, then Mind Hacks is the key--let yourself play with the interface between you and the world.

Customer Reviews:

Interesting but disappointed.......2007-07-02

Learning about the mind is okay, but I didn't learn anything that I hadn't seen in Psych 101, and a few interesting articles later on.

Calling it a "hacks" book is false advertising, at best. Should it make it to another printing, I would hope O'Reilly would rename it.

The information seemed accurate, so I'll give it that.

Mind hacks.......2007-02-13

This is a really great book. More novelty than improvement, but still great. If you're looking for something that will be useful as well as attention grabbing then look for the second edition; "Mind Performance Hacks"

Not really a "hacks" book.......2006-11-02

I was sorely disappointed in this book--I checked it out from the local library and hoped that it would actually live up to the subtitle of including tips and tools for using my brain. It didn't; the few "tips" included were those that are found in virtually every other discussion of how to improve memory.

This book is more geared toward folks who are designing user interfaces--it talks about how the brain processes information (and thus describes ways to improve information conveyance).

Mind Hacks: Tips & Tools for Using Your Brain.......2006-07-25

It's a book very interested about language in mind and speech comprehension. I read a short comment in BBC Focus magazine and I wish to read because it's very easy to learn the misteries of mind in cognitive science applied to language and psichology.

A fun book.......2006-04-30

It is not a typical "hacks" book in that it does not tell you how to utilize you brain more effectively or do neat things. It *does* have a lot of exercises that show you cool things on how your brain works with sections describing how your brain works - and a number of experiments (blind spot, Magnet interaction with the brain, word parsing in the the mind, and so on). This book goes very well with a recent title called _Mind Wide Open_ by Steven Johnson.

If you want traditional "hacks" the book "Mind Performance Hacks" just came out, and is chock full of those sorts of experiments, while less informative, does do things like memory tricks, meath calculation, creativity enhancement and so on.

I view "Mind Hacks" as more informative, though, so would recommend this as the first one to get, though the next purchase in this should be the "Mind Performance Hacks."

PeopleSoft HRMS Reporting (The Prentice Hall PTR Enterprise Resource Planning Series)

Average customer rating:

Good peoplesoft book
Excellent documentation for PeopleSoft HRMS
Great Book for quick start
A treasure for technical and functional users
Great Reference Book

PeopleSoft HRMS Reporting (The Prentice Hall PTR Enterprise Resource Planning Series)
Adam T. Bromwich
Manufacturer: Prentice Hall PTR
ProductGroup: Book
Binding: Paperback

Human Resources & Personnel Management | Industries & Professions | Business & Investing | Subjects | Books

Databases | Software | Computers & Internet | Subjects | Books

General | Software | Computers & Internet | Subjects | Books

General | Computers & Internet | Subjects | Books

General | Databases | Computers & Internet | Subjects | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books

Business & Investing | Qualifying Textbooks - Fall 2007 | Stores | Books

Computers & Internet | Qualifying Textbooks - Fall 2007 | Stores | Books
Similar Items:

ASIN: 0130216127

Amazon.com

Adam Bromwich's objective in PeopleSoft HRMS Reporting is to synchronize the perspectives of technical people (PeopleSoft designers and administrators) and functional people (managers who use PeopleSoft). If technicians know what managers need and managers know what technicians can do, more productive enterprises will result. Bromwich succeeds admirably, explaining the human resources, payroll, and benefits aspects of the PeopleSoft HRMS database. Taking a table-by-table approach to the information PeopleSoft stores, the book explains each field in many of the most useful tables and details unusual formatting where it's an issue. He also explains how various pieces of data relate to one another and how best to access them. In one sense, this is a guided tour of a great big relational database.

What's neat about Bromwich's style is his frequent inclusion of workaday tricks and shortcuts for getting things done quickly and easily. These aren't the contrived "hints and tips" that characterize so many software books. Rather, they're practical procedures that the author has learned on the job as a consultant. He's also quick to clarify confusing aspects of PeopleSoft's interface, explaining, for example, that a pay run ID is not the same as a user run ID or a run control ID. He's also careful to explain how PeopleSoft has changed through its revisions, documenting how what used to be a straightforward record of U.S. Social Security numbers is now a more complex facility for handling many countries' citizen-identification systems. --David Wall

Topics covered: The structure and contents of three major PeopleSoft databases: human resources, payroll, and benefits. Detailed attention goes to dates, control tables, personal information tables, department trees, payroll runs, tax issues, and query design with the SQR language.

Customer Reviews:

Good peoplesoft book.......2007-03-29

This is a good book for beginners on Peoplesoft. Some of the core concepts are well explained. I am told there are not many books around on peoplesoft that are good and this one ranks high..

Excellent documentation for PeopleSoft HRMS.......2005-09-23

It is truly a thorough documentation of every important part of PeopleSoft HRMS. It is a handy-dandy book for anybody working in HRMS. Thanks to the author for taking time and putting thoughts to write such a gem.

Great Book for quick start.......2003-04-11

I am a DBA and wanted to work on building a warehouse for PeopleSoft HRMS along with generating reports for the client. This book really helped me and my team to understand the hr/payroll concepts quickly. If you are a DBA/developer working in Peoplesoft environment, good to have this book in your library.

A treasure for technical and functional users.......2002-07-28

This book is a treasure for anyone who needs to get quickly up-to-speed on the PeopleSoft HRMS data architecture and the most common tables against which queries and reports are executed. This alone would make the book invaluable because of the confusing PeopleSoft documentation and the thousands of tables. However, the author goes well beyond by breaking down the most important tables, grouped by function, into attributes and explaining how to create highly useful business reports from them.

In addition to the thorough coverage of the data architecture, the book also provides an excellent compendium of information and tips for using SQR to its fullest potential. Although my main interest is in the tables, I considered material on SQR to be a bonus and learned a great deal from this section.

If you are working with PeopleSoft on either the technical or functional side this book will probably be your most used reference. The author deserves the highest accolades for clear writing, technical knowledge and the ability to distill the essentials into one of the best references and tutorials I've read in a long time.

Great Reference Book.......2002-02-18

I have been working with Peoplesoft product since last five years,I have seen may books in the market but this is the only book I have seen which has very usefull information which helps the begenners a lot to understand main tables and also gives overview of HRMS functionality.

Book Description

This book provides educators with both the theoretical and the practical considerations for planning and implementing technology in schools. It is one of the very few books directed to educational leaders who realize the importance of a long-term vision and investment in technology. Emphasis is placed throughout on the importance of the total application as opposed to any individual component of technology planning. Staff development, facilities, and finances are treated with the same importance as hardware and software. It is meant to form a foundation from which educators will provide the leadership and become agents for realizing the powerful potential of technology in their schools.

Enemy at the Water Cooler: Real-Life Stories of Insider Threats and Enterprise Security Management Countermeasures

Average customer rating:

Real Life Security Stories
"If the only tool you have is a hammer, then every problem is a nail."
Explores an important often neglected topic
Great information and case studies - great book
too relevant for today's security world

Enemy at the Water Cooler: Real-Life Stories of Insider Threats and Enterprise Security Management Countermeasures
Brian Contos
Manufacturer: Syngress
ProductGroup: Book
Binding: Paperback

General | Business & Investing | Subjects | Books

MIS | Industries & Professions | Business & Investing | Subjects | Books

Privacy | Business & Culture | Computers & Internet | Subjects | Books

Network Security | Networking | Computers & Internet | Subjects | Books

General | Computers & Internet | Subjects | Books

Look Inside Business Books | Trip | Specialty Stores | Books

Look Inside Computer Books | Trip | Specialty Stores | Books

All Amazon Upgrade | Amazon Upgrade | Stores | Books

Business & Investing | Amazon Upgrade | Stores | Books

Computers & Internet | Amazon Upgrade | Stores | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books
Similar Items:

ASIN: 1597491292

Book Description

The book covers a decade of work with some of the largest commercial and government agencies around the world in addressing cyber security related to malicious insiders (trusted employees, contractors, and partners). It explores organized crime, terrorist threats, and hackers. It addresses the steps organizations must take to address insider threats at a people, process, and technology level.

Todays headlines are littered with news of identity thieves, organized cyber criminals, corporate espionage, nation-state threats, and terrorists. They represent the next wave of security threats but still possess nowhere near the devastating potential of the most insidious threat: the insider. This is not the bored 16-year-old hacker. We are talking about insiders like you and me, trusted employees with access to information - consultants, contractors, partners, visitors, vendors, and cleaning crews. Anyone in an organizations building or networks that possesses some level of trust.

* Full coverage of this hot topic for virtually every global 5000 organization, government agency, and individual interested in security.

* Brian Contos is the Chief Security Officer for one of the most well known, profitable and respected security software companies in the U.S.ArcSight.

Customer Reviews:

Real Life Security Stories.......2007-04-13

'Enemy at the Water Cooler: Real-Life Stories of Insider Threats and Enterprise Security Management Countermeasures' by Brian Contos is an interesting look at some real-life situations that have occurred where nasties have gotten into systems and wrecked the havoc that they are looking to cause. While some reviewers have argued that this book is just a sales pitch to go out and buy anti-hacker software and hardware to combat these criminals, they are probably right!!! Security is always a matter of finding the right balance but certainly erring on the side of caution certainly is the safer way to go in most cases!!

Good book for IT people and specifically security whizzes to take a look at.

**** RECOMMENDED

"If the only tool you have is a hammer, then every problem is a nail." .......2007-01-09

Ignore the main title - look at the subtitle. This book is little more than a sales pitch for Enterprise Security Management systems, or more specifically the ESM sold by the author's company, with a random assortment of largely unattributed and barely analyzed anecdotes on information security incidents mostly relating to ESM. The link to "insider threats' is tenuous at best and in the most part is merely used as an excuse to hype the wonders of ESM.

If you are seriously interested in ESM, you probably wrote the gushing "review notes" on the cover or the foreword (written by Hugh Njemanze, CTO of - you guessed it - the same ESM company). I'm far from convinced that anyone else (except perhaps from the ESM company and its customers who may be happy with an extremely biased view of the value of ESM) would benefit from this book, even if it is "vendor neutral" (page xxii). If you are looking for some meaningful insight into and analysis of the "insider threat", and perhaps some practical and worthwhile countermeasures apart from ESM, look elsewhere.

Explores an important often neglected topic.......2006-12-01

Even though hacker Kevin Mitnick's notorious exploits are more than a decade old, the media, and even some security professionals, continue to be obsessed with him. In early October 2006 alone, his name came up a few dozen times in a search of the prior month of Google News. Those obsessed with hackers are missing the far greater threat: trusted insiders.

The insider threat shouldn't be a surprise: employee theft takes a bigger bite out of retailers than does shoplifting, and company personnel give away more secrets than are stolen by spies.

On average, authorized network users gain access to 10 to 20 times more resources than they need to perform their jobs, and this extra access leads to most network security breaches. With that as its starting point, Enemy at the Water Cooler looks at the problem of the trusted insider and how to reduce both the threat and the vulnerability. Author Brian Contos astutely notes that insider attacks are the hardest ones to defend against, detect, and manage.

The first part of the book sketches the risks that insiders pose to an organization. It also details mechanisms that can be used to control these risks.

One such solution is ESM (Enterprise Security Management) software. (Full disclosure: the author is the CSO for a leading ESM vendor and some of the illustrations in the book are screenshots from this vendor's product.) ESM software centrally collects and analyzes log data from various entities within a network. When correctly deployed, ESM can be used to discover internal risks, in addition to correlating security information and performing other valuable tasks.

The final chapters of the book run through real-life case studies in which Contos shows how ESM mitigated, or could have mitigated, the risk.

Although the book has a lot of information, at $49.95 for fewer than 250 pages, the book is overpriced. Even though it can come across as self-serving, the book should be commended for tackling a vital and often neglected topic.

Great information and case studies - great book.......2006-11-15

This book was extremely easy to read and enjoyable. The case studies made complex concepts such as collaborative attacks and advanced intruder discovery/remediation techniques understandable. I've even shared the case studies with my management as examples of risk to help push our insider threat program forward. I found that sharing key case studies that are relevant to our business helped to make my point about why we need to pay more attention to threats from the inside. And the way the book is written, I don't need to translate tech talk to business talk.

In addition to the insider threat information, the initial chapter that gives an overview of computer-based threats from organized crime, nation-states and terrorist was an eyeopener. The author does an excellent job explaining how these groups use insiders (employees mostly) to help carryout their agendas.

Since reading the book I've also listened to several webcasts and podcasts from the author. I found these to be informative and in several instances, the case studies from the book are explored in even more detail as the author discusses subtitle points that aren't necessarily covered in the book.

I've read a few books on insider threat now, and this is by far one of my favorites, and more so, it has shown great utility at work. Engineers like it, and so does my senior management.

too relevant for today's security world.......2006-11-15

great problem statement and introduction to the overall issues and background surrounding insider threat. Insider threat is one of the hardest problems to understand and address in today's fast moving technology rich organizations. The author seems to have real world experience in dealing with these types of issues and I really enjoyed the insights especially in the use case examples. A nice read.

thanks

Business Intelligence: The Savvy Manager's Guide (The Savvy Manager's Guides)

Average customer rating:

Everyone has some friends
Great Pimer for BI
Author's Note
Excellent structured and indepth presentation of topic
Good Overview for Business Manager

Business Intelligence: The Savvy Manager's Guide (The Savvy Manager's Guides)
David Loshin
Manufacturer: Morgan Kaufmann
ProductGroup: Book
Binding: Paperback

General | Business & Investing | Subjects | Books

Human Resources & Personnel Management | Industries & Professions | Business & Investing | Subjects | Books

MIS | Industries & Professions | Business & Investing | Subjects | Books

Systems Analysis | Management & Leadership | Business & Investing | Subjects | Books

General | Programming | Computers & Internet | Subjects | Books

General | Databases | Computers & Internet | Subjects | Books

All Amazon Upgrade | Amazon Upgrade | Stores | Books

Business & Investing | Amazon Upgrade | Stores | Books

Computers & Internet | Amazon Upgrade | Stores | Books
Similar Items:

ASIN: 1558609164

Book Description

Business Intelligence describes the basic architectural components of a business intelligence environment, ranging from traditional topics such as business process modeling, data modeling, and more modern topics such as business rule systems, data profiling, information compliance and data quality, data warehousing, and data mining. This book progresses through a logical sequence, starting with data model infrastructure, then data preparation, followed by data analysis, integration, knowledge discovery, and finally the actual use of discovered knowledge. The book contains a quick reference guide for business intelligence terminology. Business Intelligence is part of Morgan Kaufmann's Savvy Manager's Guide series.

* Provides clear explanations without technical jargon, followed by in-depth descriptions.
* Articulates the business value of new technology, while providing relevant introductory technical background.
* Contains a handy quick-reference to technologies and terminologies.
* Guides managers through developing, administering, or simply understanding business intelligence technology.
* Bridges the business-technical gap.
* Is Web enhanced. Companion sites to the book and series provide value-added information, links, discussions, and more.

Customer Reviews:

Everyone has some friends.......2007-08-04

I had the misfortune of getting the book from the author when I attended a BI session where he was the guest feature.

He was terrible; did not have one straight answer for even simple questions. The book does not have even one original thought and is re-hash of good books written earlier. Of-course it would have been a huge surprise if it did.

I had, happily, forgotten about that wasted afternoon and this crappy book till a search on 'analytics' revealed that this book has such high ratings from readers.

Then I was somewhat relieved to see that it was just 6 of the author's close friends who had sent in the reviews.

PLEASE save yourself the money and take a look at this book at a bookstore/library before you invest your time and money in it.

Great Pimer for BI.......2007-03-23

This book is a great primer for BI. If you only plan to read one book on the subject, this would be a good choice.

Author's Note.......2006-04-27

Thanks for looking at the reviews for my book, "Business Intelligence - The Savvy Manager's Guide." If you are interested in the topics I describe in this book, you may also find my colleague Dave McComb's Savvy Manager's Guide, "Semantics in Business Systems" of great interest as well. As we focus more and more on understanding meaning, content, and context of the data that is available to us through multiple media, it is important to get a handle on notions of semantics, taxonomies, and information organization. Dave's book is a good complement to mine!

Excellent structured and indepth presentation of topic.......2005-11-02

The book does a fantastic job of providing a managerial level overview of the business intelligence area and the various topics it includes (ETL, Data Cleansing, Metadata, Data Werehousing, ....).

To me its easily the first book one should start with in understanding these areas. After which you can choose to dig into areas of interest - data mining, ....

I direct a group of product managers in one of the leading business intelligence/ETL companies in this arena and I have made this required reading for all my product managers.

I highly recommend this book. Simply buy it - read it.

Good Overview for Business Manager.......2005-10-13

This book does a very good job of providing an overview and insight into the concepts of business intelligence without getting bogged down in the details of technology. The book covers a wide range of topics from the value of business intellligence (BI) to the issues of data quality and information compliance. Additionally, the book includes a quick reference guide at the end of the book which is an executive summary of the topics presented and at the end of many chapters includes a section titled "To Learn More" which provides links and references to further explore the topic.

I am an IT professional familiar with BI, charged with designing and implementing a BI stretgy for my organization. This book did not add significantly to my knowledge, however as a tool for those unfamiliar with the concepts and challenges of BI this is a very good read and reference tool.

Lessons in Learning, e-Learning, and Training: Perspectives and Guidance for the Enlightened Trainer

Average customer rating:

Worth the money...
Just Learn It!
Great Answers to Real World Learning Problems

Lessons in Learning, e-Learning, and Training: Perspectives and Guidance for the Enlightened Trainer
Roger C. Schank
Manufacturer: Pfeiffer
ProductGroup: Book
Binding: Paperback

General | Business & Investing | Subjects | Books

Human Resources & Personnel Management | Industries & Professions | Business & Investing | Subjects | Books

Motivational | Management & Leadership | Business & Investing | Subjects | Books

Training | Management & Leadership | Business & Investing | Subjects | Books

Organizational Learning | Organizational Behavior | Business & Investing | Subjects | Books

Manager's Guides to Computing | Business & Culture | Computers & Internet | Subjects | Books

General | Computers & Internet | Subjects | Books

Look Inside Business Books | Trip | Specialty Stores | Books

Look Inside Computer Books | Trip | Specialty Stores | Books

All Amazon Upgrade | Amazon Upgrade | Stores | Books

Business & Investing | Amazon Upgrade | Stores | Books

Computers & Internet | Amazon Upgrade | Stores | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books

Business & Investing | Qualifying Textbooks - Fall 2007 | Stores | Books

Computers & Internet | Qualifying Textbooks - Fall 2007 | Stores | Books
Similar Items:

ASIN: 0787976660

Book Description

From Roger C. Schank—one of the most highly respected thinkers, writers, and speakers in the training, learning, and e-learning community—comes a compelling book of essays that explore the myriad issues related to challenges faced by today’s instructional designers and trainers. The essays offer a much-needed perspective on what trainers do, why they do it, and how they do it. Lessons in Learning, e-Learning, and Training serves as a barometer to the issues that often perplex trainers and helps to illuminate three main points: what can and cannot be taught; how people think and learn; and what technology can really effectively provide. In addition, each essay is filled with practical guidance and includes a summary of ideas, tips and techniques, things to think about, checklists, and other job aids.

Customer Reviews:

Worth the money..........2007-01-04

I was looking for a few quick tips and some basics to get me started in the eLearning category. This book delivered on that need. It reads like a motivational speech and most of the content seems to come straight from the author's own experience but still good content given my newness to the subject area and body of knowledge.

Just Learn It!.......2005-06-13

A few days ago, I finished reading Roger Schank's latest book, Lessons in Learning, e-Learning, and Training, and I've recommended it to everyone with whom I've spoken at any length since. If you follow Roger's work, you won't find many new concepts. What's new is that Roger has chiselled his messages in bold relief so that only the totally clueless can fail to get the point. He eats his own cooking by bringing his material to life through compelling stories.

Admittedly, Roger is a lightening rod. No one who has experienced him is ambivalent. Many people can't get past his faux-movie star persona: Roger's a big, buff, bald, larger-than-life character who beats George Hamilton in the tanning department and tops Salvador Dali in ego. He's also an original thinker whose acolytes from the Institute for Learning Sciences have spread his gospel far and wide. He particularly irks academics because he's one of them, having been a professor at Stanford, Yale, Carnegie-Mellon, and Northwestern.

Ruth Clark sums up Lessons in Learning, e-Learning, and Training in the foreword: "The basic premise of this book is that learning is an inductive process. In everyday words, learning occurs by experience, and the best instruction offers learners opportunities to distill their knowledge and skills from interactive stories."

From the book:

"People who learn on their own learn exactly what they find interesting and potentially useful."

"For years I have been preaching that the big three issues in education are reasoning, communication, and human relations. Schools must enable students to learn these skills, that they are more important in daily life by far than physics, mathematics, or ancient history."

"Classrooms are, for the most part, a waste of time."

"We define ourselves through the stories we choose to tell. Story exchange is what conversation is all about. Stories are at the center of our ability to understand the world around us."

"Time constraints are the enemy of learning by doing. It takes time to practice - and without practice there is no real learning."

Socratic Arts links to many of Roger's papers and to his hyperbook Engines for Education. Excerpt from Engines:

Mostly, [kids] should be learning that learning is fun. They should be learning that expanding one's horizons is fun, that learning you were wrong about something is not so painful, and that taking an educational risk is worth doing. They should be learning that school is a good place to do these things. The children of today dread going back to school in September, dread exams, dread receiving their grades, and are generally fearful. No wonder school is stressful. But there is no reason children cannot have intellectual fun, cannot be excited by ideas, and cannot be challenged to acquire new knowledge. Natural learning is a basically enjoyable thing to do. Two-year-olds love to learn. Many adults love to learn. Only school-age children associate learning with fear of failure. We must get the fear of failure out of the school system. Cramming for an exam or trying to please a teacher ought not to be the goal of those seeking an education. If we fail to understand this in a profound way, there will be no helping our schools or our children.

Roger's latest Educational Outrage column rants about criticism of Trump University (of which he is Chief Learning Officer). Why does the press take on Donald Trump for naming a university for himself but accept it when Leland Stanford did the same thing? Actually, Stanford named the school for his son, Leland Stanford, Jr., but that's beside the point. The reaction of the press sets Roger in motion on an old but worthy rant:

The question is why school teaches the subjects that it does and whether that should be allowed to continue. Most of what you learn in high school is irrelevant to anyone's real life. Ask any high school student - they know this all too well. The truth is that unless you want to be a professor, most of what you learn in college or graduate school can be quite irrelevant as well. Even MBA programs, practical as they may be in principle, tend to forget that the students are just there to learn how to do well in business. Professors, who are of course quite academic, might not be the best determiners of what students want to learn or need to learn. Typically they just teach what they want to teach, which is not the same thing. The high school curriculum, school incarnate, was designed by a bunch of professors in 1892. They were not thinking about what students might need to learn in order to succeed in today's world.

...

I have always said that everything wrong with education starts with the letter P:

1. Publishers - because they dominate the world of education the way it was.
2. Politicians - because they only care about measurable change in existing education, hence tests.
3. Princeton - or any great university that requires SATs and a fixed HS curriculum that was designed in 1892.
4. Princeton - home of the education testing service the great evil of our time.
5. Press - which intimidates all schools with publishing results of minute differences in test score results.
6. Parents - who insist that school be like it was when they went to school.

Great Answers to Real World Learning Problems.......2005-03-24

The key to this book is summed up in the first chapter:

People who learn on their own learn exactly what they find interesting or potentially useful.

After making this point he goes on for the rest of the book telling stories. Mr. Schank uses stories as a teaching aid. Stories move material from the what he wants to tell the student, to the this is "interesting or potentially useful" column in the student mind. Motivated students learn.

The next strongest point is that people learn mostly by doing. Some things are hard to train by doing. How do you train Art History by doing? Well, how about you give the class some pictures, with the instruction that some of them are old masters and some are forgeries. The class assignment is to determine which is which. Now the students have to really examine the pictures. They have to learn techniques, they have to DO!.

Finally he gets to eLearning and to a discussion on what high school and the rest of our educational system teaches. As I look at the job the local schools are doing, someone should ask these questions, but the teachers union isn't going to like the answers.

Statistical Methods for Survival Data Analysis (Wiley Series in Probability and Statistics)

Average customer rating:

It's the best resource I found for survival data analysis!

Statistical Methods for Survival Data Analysis (Wiley Series in Probability and Statistics)
Elisa T. Lee , and John Wenyu Wang
Manufacturer: Wiley-Interscience
ProductGroup: Book
Binding: Hardcover

General | Medicine | Subjects | Books

General | Research | Medicine | Subjects | Books

Research | Medical | Professional & Technical | Subjects | Books

Look Inside Science Books | Trip | Specialty Stores | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books

Medicine | Qualifying Textbooks - Fall 2007 | Stores | Books

Professional | Qualifying Textbooks - Fall 2007 | Stores | Books

Science | Qualifying Textbooks - Fall 2007 | Stores | Books
Similar Items:

ASIN: 0471369977

Book Description

Third Edition brings the text up to date with new material and updated references.

New content includes an introduction to left and interval censored data; the log-logistic distribution; estimation procedures for left and interval censored data; parametric methods iwth covariates; Cox's proportional hazards model (including stratification and time-dependent covariates); and multiple responses to the logistic regression model.
Coverage of graphical methods has been deleted.
Large data sets are provided on an FTP site for readers' convenience.
Bibliographic remarks conclude each chapter.

Customer Reviews:

It's the best resource I found for survival data analysis!.......1997-10-21

As a graduate student in epidemiology who is incessantly looking for better ways to learn abstract concepts in statistics, I highly recommend this book by Elisa Lee. It's one of the few books that I found which explains advanced level statistics, such as parametric and non-parametric analysis, in a way that non-statisticans like myself can understand. It's also a handy reference to have at your side while reading the methods section of journal articles.

The IT Consultant : A Commonsense Framework for Managing the Client Relationship

Average customer rating:

its like getting $2000 training in the form of a book.
Discouraging
Over-rated
A great Read
Insightful!

The IT Consultant : A Commonsense Framework for Managing the Client Relationship
Rick Freedman , and Rick Freeman
Manufacturer: Pfeiffer
ProductGroup: Book
Binding: Hardcover

General | Business & Investing | Subjects | Books

Consulting | Industries & Professions | Business & Investing | Subjects | Books