Showing 1–12 of 51 results

Big Data Analytics in Cybersecurity and IT Management

$163.10

The power of big data in cybersecurity — Big data analytics for network forensics — Dynamic analytics-driven assessment of vulnerabilities and exploitation — Big data analytics for mobile app security — Machine unlearning: repairing learning models in adversarial — Environments — Cybersecurity training — Machine unlearning: repairing learning models in adversarial environments — Big data analytics for mobile app security — Security, privacy and trust in cloud computing: challenges and solutions — Cybersecurity in internet of things (IOT) — Data visualization for cyber security — Analyzing deviant socio-technical behaviors using social network analysis and cyber forensics-based methodologies — Security tools — Data and research initiatives for cybersecurity analysis

Ebook Cryptography And Network Security: Principles And Practice 7th Global Edition

$54.10

For courses in Cryptography, Computer Security, and Network Security The Principles and Practice of Cryptography and Network Security Stallings’ Cryptography and Network Security, Seventh Edition, introduces students to the compelling and evolving field of cryptography and network security. In an age of viruses and hackers, electronic eavesdropping, and electronic fraud on a global scale, security is paramount. The purpose of this book is to provide a practical survey of both the principles and practice of cryptography and network security. In the first part of the book, the basic issues to be addressed by a network security capability are explored by providing a tutorial and survey of cryptography and network security technology. The latter part of the book deals with the practice of network security: practical applications that have been implemented and are in use to provide network security. The Seventh Edition streamlines subject matter with new and updated material – including Sage, one of the most important features of the book. Sage is an open-source, multiplatform, freeware package that implements a very powerful, flexible, and easily learned mathematics and computer algebra system. It provides hands-on experience with cryptographic algorithms and supporting homework assignments. With Sage, students learn a powerful tool that can be used for virtually any mathematical application. The book also provides an unparalleled degree of support for instructors and students to ensure a successful teaching and learning experience.

Out of stock

Securing an IT Organization through Governance, Risk Management, and Audit

Past events have shed light on the vulnerability of mission-critical computer systems at highly sensitive levels. It has been demonstrated that common hackers can use tools and techniques downloaded from the Internet to attack government and commercial information systems. Although threats may come from mischief makers and pranksters, they are more likely to result from hackers working in concert for profit, hackers working under the protection of nation states, or malicious insiders.

Securing an IT Organization through Governance, Risk Management, and Audit introduces two internationally recognized bodies of knowledge: Control Objectives for Information and Related Technology (COBIT 5) from a cybersecurity perspective and the NIST Framework for Improving Critical Infrastructure Cybersecurity (CSF). Emphasizing the processes directly related to governance, risk management, and audit, the book provides details of a cybersecurity framework (CSF), mapping each of the CSF steps and activities to the methods defined in COBIT 5. This method leverages operational risk understanding in a business context, allowing the information and communications technology (ICT) organization to convert high-level enterprise goals into manageable, specific goals rather than unintegrated checklist models.

The real value of this methodology is to reduce the knowledge fog that frequently engulfs senior business management, and results in the false conclusion that overseeing security controls for information systems is not a leadership role or responsibility but a technical management task. By carefully reading, implementing, and practicing the techniques and methodologies outlined in this book, you can successfully implement a plan that increases security and lowers risk for you and your organization.

Features

Introduces COBIT 5 methods from a cybersecurity perspective
Provides details of the cybersecurity framework (CSF) with emphasis on the processes directly related to governance, risk management, and audit
Maps each of the CSF steps and activities to the methods defined in COBIT 5 which results in an extension of the CSF objectives with practical and measurable activities
Leverages operational risk understanding in a business context, allowing readers to be proactive and competitive
Conveys value to the ICT organization’s stakeholders, converting high-level enterprise goals into manageable, specific goals rather than unintegrated checklist models

Out of stock
Out of stock

Security without Obscurity: A Guide to PKI Operations

Most books on public key infrastructure (PKI) seem to focus on asymmetric cryptography, X.509 certificates, certificate authority (CA) hierarchies, or certificate policy (CP), and certificate practice statements. While algorithms, certificates, and theoretical policy are all excellent discussions, the real-world issues for operating a commercial or private CA can be overwhelming.

Security without Obscurity: A Guide to PKI Operations provides a no-nonsense approach and realistic guide to operating a PKI system. In addition to discussions on PKI best practices, the book supplies warnings against bad PKI practices. Scattered throughout the book are anonymous case studies identifying both good and bad practices.

The highlighted bad practices, based on real-world scenarios from the authors’ experiences, illustrate how bad things are often done with good intentions but cause bigger problems than the original one being solved.

This book offers readers the opportunity to benefit from the authors’ more than 50 years of combined experience in developing PKI-related policies, standards, practices, procedures, and audits, as well as designing and operating various commercial and private PKI systems.

Features

Provides a no-nonsense approach and realistic guide for operating a PKI system
Includes discussions on PKI best practices and contains warnings against PKI bad practices
Presents multiple anonymous case studies that illustrate what not to do when handling particular problems

Out of stock
Out of stock

The Data Protection Officer: Profession, Rules, and Role

The EU’s General Data Protection Regulation created the position of corporate Data Protection Officer (DPO), who is empowered to ensure the organization is compliant with all aspects of the new data protection regime. Organizations must now appoint and designate a DPO. The specific definitions and building blocks of the data protection regime are enhanced by the new General Data Protection Regulation and therefore the DPO will be very active in passing the message and requirements of the new data protection regime throughout the organization. This book explains the roles and responsiblies of the DPO, as well as highlights the potential cost of getting data protection wrong.

Features
Explains the General Data Protection Regulation
Explains the roles and responsiblies of the DPO position required by the General Data Protection Regulation
Highlights the potential cost of getting data protection wrong

Out of stock
Out of stock

Enterprise Mobility with App Management, Office 365, and Threat Mitigation: Beyond BYOD

Enable employees to be productive and access data from any location or device Protect both corporate assets and employee privacy, so your people can be fully productive from any device, anywhere. Learn how to use Microsoft Intune to manage applications to satisfy your unique requirements, make the most of Mobile Device Management (MDM) for Office 365, and defend on-premises resources with Microsoft Advanced Threat Analytics (ATA). Plan, deploy, and deliver complete enterprise mobility while improving security * Choose the right Microsoft enterprise mobility solution for your organization* Protect apps and data with Microsoft Intune Mobile Application Management (MAM)* Identify suspicious user or device activity in hybrid cloud/on-premises environments* Prepare for and successfully implement Microsoft ATA* Flexibly manage diverse mobile devices with MDM for Office 365* Configure access, define policies, enroll mobile devices, and manage compliance

About the Author

YURI DIOGENES is a Senior Content Developer on the CSI Enterprise Mobility Team, focusing on BYOD and Azure Security Center. Previously, Yuri has worked as a writer for the Windows Security Team and as a Support Escalation Engineer for the CSS Forefront Team, also at Microsoft. He has a Master of Science degree in Cybersecurity Intelligence and Forensics from UTICA College and an MBA from FGF in Brazil, and he holds several industry certifications. He is co-author of Enterprise Mobility Suite: Managing BYOD and Company-Owned Devices (Microsoft Press, 2015), Microsoft Forefront Threat Management Gateway (TMG) Administrator’s Companion (Microsoft Press, 2010), and three other Forefront titles from Microsoft Press. JEFF GILBERT is a Senior Content Publishing Manager on the Enterprise Mobility Team at Microsoft. He manages the documentation teams supporting Microsoft System Center Configuration Manager and Microsoft Intune. Prior to returning to management, he was responsible for authoring cross-product solutions to IT business problems involving enterprise client-management technologies, including Microsoft System Center Configuration Manager, Microsoft Intune, and MDOP. Previously, Jeff was the content publishing manager for MDOP and a senior technical writing lead for the Configuration Manager 2007 documentation team. Before joining Microsoft, Jeff was an SMS administrator with the US Army. Jeff is a regular speaker on enterprise client management and MDOP technologies at conferences including the Microsoft Management Summit (MMS), TechEd, ITDev Connections, and the Minnesota Management Summit (MMS). ROBERT MAZZOLI is a Senior Content Developer with Microsoft on the Enterprise Mobility team, working on developing enterprise mobility solutions using the Microsoft Enterprise Mobility Suite and MDM for Office 365. Robert joined the Enterprise Mobility team in 2014 and has been a speaker on enterprise mobility solutions and mobile device management at several conferences, including Ignite 2015 and the 2015 Microsoft MVP Summit. Previously, Robert was a Senior Content Developer for Microsoft Exchange Server and Exchange Online in Office 365, specializing in Exchange hybrid deployments and managing the Exchange Server Deployment Assistant. Before joining Microsoft, Robert owned an information technology consulting business and served as an officer in the United States Navy.

Out of stock

Cryptography and Network Security: Principles and Practice 7th Global Edition

$69.70

For courses in Cryptography, Computer Security, and Network Security The Principles and Practice of Cryptography and Network Security Stallings’ Cryptography and Network Security, Seventh Edition, introduces students to the compelling and evolving field of cryptography and network security. In an age of viruses and hackers, electronic eavesdropping, and electronic fraud on a global scale, security is paramount. The purpose of this book is to provide a practical survey of both the principles and practice of cryptography and network security. In the first part of the book, the basic issues to be addressed by a network security capability are explored by providing a tutorial and survey of cryptography and network security technology. The latter part of the book deals with the practice of network security: practical applications that have been implemented and are in use to provide network security. The Seventh Edition streamlines subject matter with new and updated material – including Sage, one of the most important features of the book. Sage is an open-source, multiplatform, freeware package that implements a very powerful, flexible, and easily learned mathematics and computer algebra system. It provides hands-on experience with cryptographic algorithms and supporting homework assignments. With Sage, students learn a powerful tool that can be used for virtually any mathematical application. The book also provides an unparalleled degree of support for instructors and students to ensure a successful teaching and learning experience.

Out of stock

Security and Auditing of Smart Devices: Managing Proliferation of Confidential Data on Corporate and BYOD Devices

Most organizations have been caught off-guard with the proliferation of smart devices. The IT organization was comfortable supporting the Blackberry due to its ease of implementation and maintenance. But the use of Android and iOS smart devices have created a maintenance nightmare not only for the IT organization but for the IT auditors as well. This book will serve as a guide to IT and Audit professionals on how to manage, secure and audit smart device. It provides guidance on the handling of corporate devices and the Bring Your Own Devices (BYOD) smart devices.

About the Author

Sajay Rai has more than 30 years of experience in information technology, specializing in information technology processes, IT architecture, security, business continuity, disaster recovery, privacy, IT audit and information risk. Mr. Rai is the Founder and CEO of Securely Yours LLC, which is focused on delivering innovative solutions through delivery channels like Software-as-a-Service, Managed Services and traditional IT consulting. Prior to starting Securely Yours LLC, Mr. Rai was a Partner with Ernst & Young LLP for 10 years and was responsible for the information advisory practice in the Detroit Metro area. He also served as the national leader of EY’s Information Security and Business Continuity practices. Mr. Rai’s clients included General Motors, Blue Cross Blue Shield of Michigan, Yazaki North America, Tecumseh and Federal Mogul. He also served as a member of his firm’s Partners Advisory Council. Mr. Rai also worked with IBM for 13 years, most recently serving as an executive of the national Business Continuity and Contingency consulting practice. He was instrumental in starting the company’s Information Security consulting practice and managing its information technology consulting practice in Latin America. Mr. Rai co-authored Defending the Digital Frontier: A Security Agenda, which guides business and IT executives on how to develop an effective and efficient information security program within their enterprise. He also co-authored Institute of Internal Auditors’ publications of “Sawyer’s Internal Audit Handbook 6th Edition” and the publication of IIA’s Global Technology Audit Guide (GTAG) No. 9 on the topic of Identity and Access Management. Mr. Rai is a member of IIA’s Professional Issues Committee (PIC). He also serves on the board of ISACA Detroit Chapter, IIA’s Detroit Chapter, Society of Information Management (SIM) Detroit Chapter and as a member of Walsh College’s Accounting Advisory and Technology Committees. Mr. Rai is a regular speaker at industry conferences on information security, business continuity, disaster recovery, technology strategy and is frequently quoted in magazines and newspapers. He has also served as expert witness in litigation cases in the area of information technology and information security. He holds a Master’s degree in Information Management from Washington University of St. Louis, and a Bachelors degree in Computer Science from Fontbonne College of St. Louis.

Out of stock
Out of stock

The Mobile Application Hacker’s Handbook

See your app through a hacker’s eyes to find the real sources of vulnerability The Mobile Application Hacker’s Handbook is a comprehensive guide to securing all mobile applications by approaching the issue from a hacker’s point of view. Heavily practical, this book provides expert guidance toward discovering and exploiting flaws in mobile applications on the iOS, Android, Blackberry, and Windows Phone platforms. You will learn a proven methodology for approaching mobile application assessments, and the techniques used to prevent, disrupt, and remediate the various types of attacks. Coverage includes data storage, cryptography, transport layers, data leakage, injection attacks, runtime manipulation, security controls, and cross-platform apps, with vulnerabilities highlighted and detailed information on the methods hackers use to get around standard security. Mobile applications are widely used in the consumer and enterprise markets to process and/or store sensitive data. There is currently little published on the topic of mobile security, but with over a million apps in the Apple App Store alone, the attack surface is significant. This book helps you secure mobile apps by demonstrating the ways in which hackers exploit weak points and flaws to gain access to data. * Understand the ways data can be stored, and how cryptography is defeated * Set up an environment for identifying insecurities and the data leakages that arise * Develop extensions to bypass security controls and perform injection attacks * Learn the different attacks that apply specifically to cross-platform apps IT security breaches have made big headlines, with millions of consumers vulnerable as major corporations come under attack. Learning the tricks of the hacker’s trade allows security professionals to lock the app up tight. For better mobile security and less vulnerable data, The Mobile Application Hacker’s Handbook is a practical, comprehensive guide.

About the Author

DOMINIC CHELL is a director of MDSec and a recognized expert in mobile security, providing training to leading global organizations.
TYRONE ERASMUS is an expert on Android security and heads Mobile Practice at MWR InfoSecurity SA.
SHAUN COLLEY is a security consultant and researcher at IOActive specializing in mobile security and reverse engineering.
OLLIE WHITEHOUSE is Technical Director with NCC Group who has previously worked for BlackBerry and Symantec specialising in mobile security.

Out of stock
Out of stock

Enterprise Systems Integration 2nd Edition

The convergence of knowledge, technology, and human performance which comprises today’s enterprise allows creative business process design. Thus, an organization can create new and innovative ways to service customers or to do business with suppliers and make itself a leader in its field. This capability relies on a successful strategy that integrates the enterprise. Enterprise Systems Integration, Second Edition continues to provide you with the business insight and the technical know-how that ensures successful systems integration.The book combines the perspectives, knowledge, and experience of more than 70 experts in the various areas that involve enterprise integration. Their expertise ranges from hands-on experience with technology and project management to the higher-level issues of business and management strategy. Each chapter examines an issue or technology relevant to today’s enterprise. Collectively, these chapters span the range of enterprise computing and systems integration. Once armed with the strategy and technologies, you must successfully deploy ERP systems within budget and on time. In addition, you must be able to integrate them into the rest of the enterprise. Still, ERP software does not make up the full picture of today’s enterprise. Legacy systems, e-commerce and other Web-based systems, client/server applications, networks and communications systems, data warehousing, and integrated databases enter into the mix. Enterprise Systems Integration, Second Edition paints a comprehensive picture of the technologies that comprise today’s enterprise and shows you how to make them work together.

Out of stock
Out of stock

Fraud Analytics Using Descriptive, Predictive, and Social Network Techniques: A Guide to Data Science for Fraud Detection (Wiley and SAS Business Series) 1st Edition

Detect fraud earlier to mitigate loss and prevent cascading damage Fraud Analytics Using Descriptive, Predictive, and Social Network Techniques is an authoritative guidebook for setting up a comprehensive fraud detection analytics solution. Early detection is a key factor in mitigating fraud damage, but it involves more specialized techniques than detecting fraud at the more advanced stages. This invaluable guide details both the theory and technical aspects of these techniques, and provides expert insight into streamlining implementation. Coverage includes data gathering, preprocessing, model building, and post-implementation, with comprehensive guidance on various learning techniques and the data types utilized by each. These techniques are effective for fraud detection across industry boundaries, including applications in insurance fraud, credit card fraud, anti-money laundering, healthcare fraud, telecommunications fraud, click fraud, tax evasion, and more, giving you a highly practical framework for fraud prevention. It is estimated that a typical organization loses about 5% of its revenue to fraud every year. More effective fraud detection is possible, and this book describes the various analytical techniques your organization must implement to put a stop to the revenue leak. * Examine fraud patterns in historical data * Utilize labeled, unlabeled, and networked data * Detect fraud before the damage cascades * Reduce losses, increase recovery, and tighten security The longer fraud is allowed to go on, the more harm it causes. It expands exponentially, sending ripples of damage throughout the organization, and becomes more and more complex to track, stop, and reverse. Fraud prevention relies on early and effective fraud detection, enabled by the techniques discussed here. Fraud Analytics Using Descriptive, Predictive, and Social Network Techniques helps you stop fraud in its tracks, and eliminate the opportunities for future occurrence.

About the Author

BART BAESENS is a full professor at KU Leuven, and a lecturer at the University of Southampton. He has done extensive research on analytics, customer relationship management, web analytics, fraud detection, and credit risk management. He regularly advises and provides consulting support to international firms with respect to their analytics and credit risk management strategy. VERONIQUE VAN VLASSELAER is a PhD researcher in the Department of Decision Sciences and Information Management at KU Leuven. Her research focuses on the development of new techniques for fraud detection by combining predictive and network analytics. WOUTER VERBEKE is an assistant professor at Vrije Universiteit Brussel (Brussels, Belgium). His research is situated in the field of predictive analytics and complex network analysis with applications in fraud, marketing, credit risk, human resources management, and mobility.

Out of stock