Information Security Science: Measuring the Vulnerability to Data Compromises
Young, Carl
Information Security Science: Measuring the Vulnerability to Data Compromises provides the scientific background and analytic techniques to understand and measure the risk associated with information security threats. This is not a traditional IT security book since it includes methods of information compromise that are not typically addressed in textbooks or journals. In particular, it explores the physical nature of information security risk, and in so doing exposes subtle, yet revealing, connections between information security, physical security, information technology, and information theory. This book is also a practical risk management guide, as it explains the fundamental scientific principles that are directly relevant to information security, specifies a structured methodology to evaluate a host of threats and attack vectors, identifies unique metrics that point to root causes of technology risk, and enables estimates of the effectiveness of risk mitigation. This book is the definitive reference for scientists and engineers with no background in security, and is ideal for security analysts and practitioners who lack scientific training. Importantly, it provides security professionals with the tools to prioritize information security controls and thereby develop cost-effective risk management strategies. Specifies the analytic and scientific methods necessary to estimate the vulnerability to information loss for a spectrum of threats and attack vectors Represents a unique treatment of the nexus between physical and information security that includes risk analyses of IT device emanations, visible information, audible information, physical information assets, and virtualized IT environmentsIdentifies metrics that point to the root cause of information technology risk and thereby assist security professionals in developing risk management strategiesAnalyzes numerous threat scenarios and specifies countermeasures based on derived quantitative metricsProvides chapter introductions and end-of-chapter summaries to enhance the reader's experience and facilitate an appreciation for key concepts INDICE: Part I: Threats, Risk and Risk Assessments Chapter 1: Information Security Threats and Risk Chapter 2: Modeling Information Security Risk Part II: Background and Basic Science Chapter 3: Physics and Information Security Chapter 4: Interference and Noise Chapter 5: Maxwell's Equations and Information Security Part III: The Compromise of Signals Chapter 6: Electromagnetic Signals and Information Security Chapter 7: The Compromise of Electromagnetic Signals Chapter 8: Reducing the Vulnerability to Electromagnetic Signal Compromise Chapter 9: Visible Information Security Chapter 10: Audible Information Security Part IV: Information Technology Risk Measurements and Metrics Chapter 11: Information Technology Risk Factors Chapter 12: Information Technology Risk Measurements Chapter 13: Information Technology Risk Metrics Part V: The Physical Security of Information Assets Chapter 14: Physical Security Controls and Countermeasures Chapter 15: Concentration of Information Security Risk: Data Centers Epilogue
- ISBN: 978-0-12-809643-7
- Editorial: Syngress
- Encuadernacion: Rústica
- Páginas: 408
- Fecha Publicación: 17/05/2016
- Nº Volúmenes: 1
- Idioma: Inglés