segunda-feira, 17 de dezembro de 2012

Common Sense Guide to Mitigating Insider Threats, 4th Edition


Common Sense Guide to Mitigating Insider Threats, 4th Edition

This fourth edition of the Common Sense Guide to Mitigating Insider Threats provides the most current recommendations of the CERT® Program (part of Carnegie Mellon University's Software Engineering Institute), based on an expanded database of more than 700 insider threat cases and continued research and analysis. It introduces the topic of insider threats, explains its intended audience and how this guide differs from previous editions, defines insider threats, and outlines current patterns and trends. The guide then describes 19 practices that organizations should implement across the enterprise to prevent and detect insider threats, as well as case studies of organizations that failed to do so. Each practice includes features new to this
edition: challenges to implementation, quick wins and high-impact solutions for small and large organizations, and relevant security standards. This edition also focuses on six groups within an organization-human resources, legal, physical security, data owners, information technology, and software engineering-and maps the relevant groups to each practice. The appendices provide a revised list of information security best practices, a new mapping of the guide's practices to established security standards, a new breakdown of the practices by organizational group, and new checklists of activities for each practice.

Glossário de Termos -Riscos


The following terminology is based on the 2009 version. The terms are now defined by a single sentence. The comments paragraph associated with each term is not part of the definition, but is provided to give additional context, qualification and explanation. It should be noted that the terms are not necessarily mutually exclusive, and in some cases may have overlapping meanings.

The Dark Side of the Net Past Present and Future of the Cyberthreat Story

The Dark Side of the Net Past Present and Future of the Cyberthreat Story

Stuxnet Cyberwar Revolution in Military Affairs

Stuxnet Cyberwar Revolution in Military Affairs