
Cyberspace and Cybersecurity

By George Kostopoulos

Auerbach Publications – 2013 – 236 pages

Purchasing Options:

  • Hardback: $83.95
    978-1-46-650133-1
    July 26th 2012

Description

Based on related courses and research on the cyber environment in Europe, the United States, and Asia, Cyberspace and Cybersecurity supplies complete coverage of cyberspace and cybersecurity. It not only emphasizes technologies but also pays close attention to human factors and organizational perspectives.

Detailing guidelines for quantifying and measuring vulnerabilities, the book also explains how to avoid these vulnerabilities through secure coding. It covers organizational-related vulnerabilities, including access authorization, user authentication, and human factors in information security. Providing readers with the understanding required to build a secure enterprise, block intrusions, and handle delicate legal and ethical issues, the text:

  • Examines the risks inherent in information system components, namely hardware, software, and people
  • Explains why asset identification should be the cornerstone of any information security strategy
  • Identifies the traits a CIO must have to address cybersecurity challenges
  • Describes how to ensure business continuity in the event of adverse incidents, including acts of nature
  • Considers intrusion detection and prevention systems (IDPS), focusing on configurations, capabilities, selection, management, and deployment

Explaining how to secure a computer against malware and cyber attacks, the text’s wide-ranging coverage includes security analyzers, firewalls, antivirus software, file shredding, file encryption, and anti-loggers. It reviews international and U.S. federal laws and legal initiatives aimed at providing a legal infrastructure for what transpires over the Internet. The book concludes by examining the role of the U.S. Department of Homeland Security in our country’s cyber preparedness.

Exercises with solutions, updated references, electronic presentations, evaluation criteria for projects, guidelines to project preparations, and teaching suggestions are available upon qualified course adoption.

Reviews

…a timely read, and even more so, a trusted resource … covers a great deal of ground very well and its tutorial and comprehensive checklist style pulls even the risk discussions together in an understandable and educational manner that reinforces awareness to the critical attributes found within this manmade domain. … each individual chapter deals with an important and realistic aspect of cybersecurity together with the vulnerabilities and risks. Together, the chapters provide a first-rate overview of this exceedingly complex topic, a perspective that has equally horizontal as well as vertical implications, and will keep the reader cognizant of the interrelationships among the disparate disciplines making up cyberspace.

—Riley Repko, CEO, Trusted Cyber Solutions LLC & Senior Research Fellow, Virginia Tech University

Contents

Vulnerabilities in Information Systems

Introduction

Measuring Vulnerability

Avoiding Vulnerabilities through Secure Coding

Mistakes Can Be Good

Threats Classification

Threat Modeling Process

Security Starts at Home

Security in Applications

International Awareness

Exercises

Vulnerabilities in the Organization

Introduction

Common Organizational Vulnerabilities

Access Authorization and Authentication

Human Factors

Security Services

External Technologies

Wireless Networks

Bluetooth

Passive Vulnerabilities

Active Vulnerabilities

Precautions

Wireless Fidelity

Wi-Fi Precautions at Home

Wi-Fi Precautions at the Hotspot

Wi-Fi Precautions at the Enterprise

Worldwide Interoperability Microwave Access

WiMAX Features

Cloud Computing

Exercises

Risks in Information Systems Infrastructure

Introduction

Risks in Hardware

Risks in Software

Risks in People

Risks in Laptops

Risks in Cyberspace

Risk Insurance in Cyberspace

Exercises

Secure Information Systems

Introduction

Assets Identification

Assets Communication

Assets Storage

Resource Access Control Facility

Securing the Email Communications

Email Server Side

Email Client Side

Information Security Management

Exercises

Cybersecurity and the CIO

Introduction

CIO: Personality

Trust and Ethics

Communication and Intelligence

Leadership and Entrepreneurship

Courage and Limitations

CIO: Education

University Degrees

Certifications

CIO: Experience

Experience

CIO: Responsibilities

Data Backup and Archiving

Culture of Security

Cyber Training

Contingency Plans

Liability

CIO: Information Security

Internal Information Security Components

Access Control—Electronic

Access Control—Physical

Cyber Policies

Cyber Awareness and Training

Training

Business Continuity

CIO: The Changing Role

Exercises

Building a Secure Organization

Introduction

Business Continuity Planning

Business Impact Analysis (BIA)

Business Recovery Strategy (BRS)

Drafting of the BCP

Testing of the BCP

Training in the BCP Implementation

BCP Performance Indicators

System Access Control

System Development and Maintenance

Physical and Environmental Security

Compliance

Personnel Security

Security Organization

Computer and Network Management

Asset Classification and Control

Security Policy

Exercises

Cyberspace Intrusions

Introduction

IDPS Configuration

Sensors

Processor

Consoles

Network

IDPS Capabilities

Information Acquisition

Information Loggings

Detection Techniques

Prevention Actions

IDPS Management

Implementation

Step One: Features

Step Two: Architecture

Step Three: Installation

Step Four: Testing

Step Five: Activation

Operation

Maintenance

IDPS Classification

Host-Based IDPS

Network-Based IDPS

Network Behavior Analysis System

Wireless IDPS

IDPS Comparison

Exercises

Cyberspace Defense

Introduction

File Protection Applications

File Backup

Disaster Recovery

History Deletion

Shredding and Wiping

File Undelete

File Encryption

Loggers

Anti-Loggers

PC Performance Applications

Registry Repair

Anti-Rootkits

Antivirus

Junk Files

Fragmentation

Protection Tools

Security Analyzer

Password Analyzer

Firewalls

Packet-Level Filtering

Circuit-Level Filtering

Application-Level Gateway

Email Protection

Exercises

Cyberspace and the Law

Introduction

International Laws

Europe

United Nations

North Atlantic Treaty Organization

INTERPOL

Impediments to Cyber Law Enforcement

Cyber-Related Laws in the United States

The Commercial Privacy Bill of Rights Act of 2011

The Cybersecurity Act of 2010

The Federal Information Security Management Act of 2002

The USA PATRIOT Act of 2001

The Communications Assistance for Law Enforcement Act of 1994

Computer Security Act of 1987

The Privacy Act of 1974

Cybercrime

Trends in Cyber Abuse

Combating Cybercrime

Exercises

Cyber Warfare and Homeland Security

Introduction

Cyber Warfare

Cyber Weapons Convention

Cyber Terrorism

Cyber Espionage

Homeland Security

National Cyber Security Division

Cybersecurity Preparedness

Challenges

Distributed Defense

Countermeasures

The Cyber Defense Ecosystem

Cybersecurity Training

Cyber Simulation and Exercises

Exercises

References

Index

Author Bio

Dr. George K. Kostopoulos is a faculty member at the University of Maryland University College, where he serves and teaches as a faculty mentor in the master’s degree programs in cybersecurity and information assurance. Dr. Kostopoulos has an extensive international academic career, having taught in seventeen universities around the world, including Boston University, Texas A&M International University, Florida Atlantic University, the University of Heidelberg (Germany), and the American University of Sharjah (UAE). He is the author of numerous scholarly papers and two other books, Digital Engineering and Greece and the European Economic Community. Dr. Kostopoulos received his master’s and PhD degrees in electrical and computer engineering from the Arizona State University, and a master’s in economics from California State Polytechnic University. He is the founder and editor-in-chief of the Journal of Cybersecurity and Information Assurance and a reviewer of numerous scientific conferences.

Categories: IT Security, Internet & Multimedia, Management of IT