Security De-engineering

Solving the Problems in Information Risk Management

eBook - 2012

As hacker organizations surpass drug cartels in terms of revenue generation, it is clear that the good guys are doing something wrong in information security. Providing a simple foundational remedy for our security ills, Security De-Engineering: Solving the Problems in Information Risk Management is a definitive guide to the current problems impacting corporate information risk management. It explains what the problems are, how and why they have manifested, and outlines powerful solutions.

Ian Tibble delves into more than a decade of experience working with close to 100 different Fortune 500s and multinationals to explain how a gradual erosion of skills has placed corporate information assets on a disastrous collision course with automated malware attacks and manual intrusions. Presenting a complete journal of hacking feats and how corporate networks can be compromised, the book covers the most critical aspects of corporate information risk management.

Outlines six detrimental security changes that have occurred in the past decade

Examines automated vulnerability scanners and rationalizes the differences between their perceived and actual value

Considers security products--including intrusion detection, security incident event management, and identity management

The book provides a rare glimpse at the untold stories of what goes on behind the closed doors of private corporations. It details the tools and products that are used, typical behavioral traits, and the two types of security experts that have existed since the mid-nineties--the hackers and the consultants that came later. Answering some of the most pressing questions about network penetration testing and cloud computing security, this book provides you with the understanding and tools needed to tackle today's risk management issues as well as those on the horizon.

Publisher: Boca Raton, Fla. : CRC Press, c2012 (Norwood, Mass. : [generator])
ISBN: 9781439868348
Additional Contributors: Books24x7, Inc


Community Activity


Nov 01, 2014

This book crams in so much food for thought. While not too technical, it's not light reading, because you may be constantly stopping to think about the section you just read.

It provides important insight into the disconnect between IT staff, who are primarily concerned with system availability, and IT security people who are focused on risk and separation.

This needs to be dealt with by IT people at the same time as they try and bridge the disconnect between security and the mission of the business. This will create awareness of what they are up against.

Should be required reading for anyone in information security.
