300 ◾ References
Forno, Richard, and Ronald Baklarz. 1999. e art of information warfare: Insight into the knowledge warrior
philosophy. Parkland, FL: Universal.
Freedman, David, and Charles C. Mann. 1998. At large: e strange case of the world’s biggest Internet invasion.
New York: Simon & Schuster.
Maybury, Mark, Dick Brackney, Sara Matzner, Brad Wood, Tom Longstaff , Lance Spitzner, John Copeland,
and Scott Lewandowski. 2005. Analysis and detection of malicious insiders (White paper). 2005
International Conference on Intelligence Analysis.
Mitnick, Kevin. 2003. e art of deception. New York: Wiley.
Noohan, omas, and Edmond Archuleta. 2008, April. e insider threat to critical infrastructure. National
Infrastructure Advisory Council. http://www.dhs.gov/xlibrary/assets/niac/niac_insider_threat_to_
critical_infrastructures_study.pdf (accessed December 20, 2009).
Raymond, Eric S. 1996. e new hacker’s dictionary. Cambridge, MA: MIT Press.
Stoll, Gliff ord. 2000. e cuckoo’s egg: Tracking a spy through the maze of computer espionage. New York: Pocket
Books.
U.S. Army War College. 2010. U.S. Army fi eld manual (FM3-12-12). Chapter 3: Intelligence, surveil-
lance, and reconnaissance operations. http://www.globalsecurity.org/military/library/policy/army/
fm/3-21-21/chap3.htm (accessed January 20, 2010).
Verizon Business Risk Team. 2008. 2008 data breach investigations report. http://www.verizonbusiness.com/
resources/security/databreachreport.pdf (accessed December 15, 2009)
Verizon Business Risk Team. 2009. 2009 data breach investigations report. http://www.verizon.com/resources/
security/reports/2009_databreach-rp.pdf (accessed December 15, 2009).
Winkler, Ira. 1999. Corporate espionage: What it is, why it's happening in your company, what you must do about
it. Roseville, CA: Prima Lifestyles Publishing.
Chapter 13
Beaver, Kevin. 2005, February 23. Outsourcing IT services: Is it worth the security risk? SearchSecurity.com.
http://searchsecurity.techtarget.com/tip/1,289483,sid14_gci1061490_mem1,00.html?ShortReg=1&
mboxConv=searchSecurity_RegActivate_Submit (accessed December 12, 2009).
Kark, Khalid. 2007, October 2. Misconceptions about information security outsourcing. Forrester. http://
searchsecurity.techtarget.com/tip/0,289483,sid14_gci1274374_mem1,00.html (accessed December
12, 2009).
Marlin, Steven. 2006, July 3. e basics: Outsourcing managed security. Information Week. http://www.
informationweek.com/news/global-cio/showArticle.jhtml?articleID=189800154 (accessed December
12, 2009).
McCarttney, Laton. July 24, 2009. What CIOs need to know about outsourcing IT security. CIO Zone.
http://www.ciozone.com/index.php/Security/What-CIOs-Need-to-Know-About-Outsourcing-IT-
Security.html (accessed December 12, 2009).
Messmer, Ellen. 2008, March 20. Outsourcing security tasks brings controversy. Network World. http://www.
networkworld.com/news/2008/032008-outsourcing-security.html. (accessed December 12, 2009).
Moscaritolo, Angela. September 29, 2009. Majority think outsourcing threatens network security.
SC Magazine. http://www.scmagazineus.com/majority-think-outsourcing-threatens-network-security/
article/150955 (accessed December 12, 2009).
SANS Internet Storm Centers. 2009, September. Top cyber security risks. http://www.sans.org/top-cyber-
security-risks (accessed December 12, 2009).
Schneier, Bruce. 2002. e case for outsourcing security. IEEE Computer Magazine Supplement. http://www.
schneier.com/essay-084.html (accessed December 12, 2009).
Swoyer, Stephen. October 13, 2009. Outsourcing’s impact on network security debated. Microsoft Certifi ed
Professional Magazine. http://mcpmag.com/articles/2009/10/13/outsourcing-impact-on-network-security.
aspx (accessed December 12, 2009).
TAF-K11348-10-0301-C015.indd 300TAF-K11348-10-0301-C015.indd 300 8/18/10 3:13:31 PM8/18/10 3:13:31 PM