Insider Threat: Protecting the Enterprise from Sabotage, Spying, and Theft
暫譯: 內部威脅：保護企業免受破壞、間諜行為和盜竊

Description:

As network defense perimeters get stronger and stronger; IT, security, law enforcement, and intelligence professionals are realizing that the greatest threats to their networks are increasingly coming from within their own organizations. These insiders, comprised of current and former employees or contractors, can use their inside knowledge of a target network to carry out acts of sabotage, espionage, and theft of data. This book will teach IT professional and law enforcement officials about the dangers posed by insiders to their IT infrastructure and how to mitigate these risks by designing and implementing secure IT systems as well as security and human resource policies. The book will begin by identifying the types of insiders who are most likely to pose a threat. Next, the reader will learn about the variety of tools and attacks used by insiders to commit their crimes including: encryption, steganography, and social engineering. The book will then specifically address the dangers faced by corporations and government agencies. Finally, the reader will learn how to design effective security systems to prevent insider attacks and how to investigate insider security breeches that do occur. Throughout the book, the authors will use their backgrounds in the CIA to analyze several, high-profile cases involving insider threats.