300 ◾ References
Forno, Richard, and Ronald Baklarz. 1999. e art of information warfare: Insight into the knowledge warrior
philosophy. Parkland, FL: Universal.
Freedman, David, and Charles C. Mann. 1998. At large: e strange case of the world’s biggest Internet invasion.
New York: Simon & Schuster.
Maybury, Mark, Dick Brackney, Sara Matzner, Brad Wood, Tom Longstaff , Lance Spitzner, John Copeland,
and Scott Lewandowski. 2005. Analysis and detection of malicious insiders (White paper). 2005
International Conference on Intelligence Analysis.
Mitnick, Kevin. 2003. e art of deception. New York: Wiley.
Noohan, omas, and Edmond Archuleta. 2008, April. e insider threat to critical infrastructure. National
Infrastructure Advisory Council. http://www.dhs.gov/xlibrary/assets/niac/niac_insider_threat_to_
critical_infrastructures_study.pdf (accessed December 20, 2009).
Raymond, Eric S. 1996. e new hacker’s dictionary. Cambridge, MA: MIT Press.
Stoll, Gliff ord. 2000. e cuckoo’s egg: Tracking a spy through the maze of computer espionage. New York: Pocket
Books.
U.S. Army War College. 2010. U.S. Army fi eld manual (FM3-12-12). Chapter 3: Intelligence, surveil-
lance, and reconnaissance operations. http://www.globalsecurity.org/military/library/policy/army/
fm/3-21-21/chap3.htm (accessed January 20, 2010).
Verizon Business Risk Team. 2008. 2008 data breach investigations report. http://www.verizonbusiness.com/
resources/security/databreachreport.pdf (accessed December 15, 2009)
Verizon Business Risk Team. 2009. 2009 data breach investigations report. http://www.verizon.com/resources/
security/reports/2009_databreach-rp.pdf (accessed December 15, 2009).
Winkler, Ira. 1999. Corporate espionage: What it is, why it's happening in your company, what you must do about
it. Roseville, CA: Prima Lifestyles Publishing.
Chapter 13
Beaver, Kevin. 2005, February 23. Outsourcing IT services: Is it worth the security risk? SearchSecurity.com.
http://searchsecurity.techtarget.com/tip/1,289483,sid14_gci1061490_mem1,00.html?ShortReg=1&
mboxConv=searchSecurity_RegActivate_Submit (accessed December 12, 2009).
Kark, Khalid. 2007, October 2. Misconceptions about information security outsourcing. Forrester. http://
searchsecurity.techtarget.com/tip/0,289483,sid14_gci1274374_mem1,00.html (accessed December
12, 2009).
Marlin, Steven. 2006, July 3. e basics: Outsourcing managed security. Information Week. http://www.
informationweek.com/news/global-cio/showArticle.jhtml?articleID=189800154 (accessed December
12, 2009).
McCarttney, Laton. July 24, 2009. What CIOs need to know about outsourcing IT security. CIO Zone.
http://www.ciozone.com/index.php/Security/What-CIOs-Need-to-Know-About-Outsourcing-IT-
Security.html (accessed December 12, 2009).
Messmer, Ellen. 2008, March 20. Outsourcing security tasks brings controversy. Network World. http://www.
networkworld.com/news/2008/032008-outsourcing-security.html. (accessed December 12, 2009).
Moscaritolo, Angela. September 29, 2009. Majority think outsourcing threatens network security.
SC Magazine. http://www.scmagazineus.com/majority-think-outsourcing-threatens-network-security/
article/150955 (accessed December 12, 2009).
SANS Internet Storm Centers. 2009, September. Top cyber security risks. http://www.sans.org/top-cyber-
security-risks (accessed December 12, 2009).
Schneier, Bruce. 2002. e case for outsourcing security. IEEE Computer Magazine Supplement. http://www.
schneier.com/essay-084.html (accessed December 12, 2009).
Swoyer, Stephen. October 13, 2009. Outsourcing’s impact on network security debated. Microsoft Certifi ed
Professional Magazine. http://mcpmag.com/articles/2009/10/13/outsourcing-impact-on-network-security.
aspx (accessed December 12, 2009).
TAF-K11348-10-0301-C015.indd 300TAF-K11348-10-0301-C015.indd 300 8/18/10 3:13:31 PM8/18/10 3:13:31 PM
References ◾ 301
Chapter 14
Balanced Scorecard Designer. 2000–2010. Employees training and development balanced scorecard (KPI)
metrics template for Excel. http://www.strategy2act.com/solutions/training_metrics_scorecard_excel.
htm.
Buckley, Rob. 2008. Employee education key to successful enterprise security. SC Magazine for IT Security
Professionals. http://www.securecomputing.net.au/Feature/102774,employee-education-key-to-successful-
enterprise-security.aspx (accessed January 13, 2010).
Chameleon Associates. 2009. Predictive profi ling training: Profi ling behaviors and situations is the foun-
dation for every security procedure. http://www.chameleonassociates.com/predictiveprofi ling.php.
(accessed January 14, 2010).
Habber, Lynn. 2009. Security training 101: How to create an eff ective end-user security awareness program.
Network World: Security. http://www.networkworld.com/news/2009/042709-user-security-training.
html (accessed January 14, 2010).
Higgens, Stacey Mieyal. 2005. Staff training crucial to successful security program. Hotel and Motel
Management. HotelMotel.com. http://www2.onity.com/images/media_elements/na_10.pdf (accessed
January 13, 2010).
Nielson, Bryant. 2008. Training mojo: How to align training metrics with company metrics. Bryant Nielson’s
Blog on Training. http://www.bryantnielson.com/training-info/training-mojo-align-training-metrics-
company-metrics (accessed January 13, 2010).
Radcliff , Deborah. 2004. Security simulations: is is only a test. CSO: Data Protection. http://www.csoonline.
com/article/219719/Security_Simulations_ is_Is_Only_A_Test (accessed January 13, 2010).
Rose, Joni. 2008. Staff training on computer security: Creating awareness of malware risks and infection pre-
vention. Suite101®.com. http://designing-training-tools.suite101.com/article.cfm/staff _training_on_
computer_security (accessed February 7, 2010).
Safe at Work Coalition. Success stories and educational materials: Liz Claiborne Inc. http://www.safeatwork-
coalition.org/successstories/lizclaiborne.htm (accessed January 13, 2010).
ompson, Barry. 2009. Successful training techniques. BankersOnline.com: Compliance Gurus. http://www.
bankersonline.com/compliance/thompson_training.html (accessed February 7, 2010).
TAF-K11348-10-0301-C015.indd 301TAF-K11348-10-0301-C015.indd 301 8/18/10 3:13:31 PM8/18/10 3:13:31 PM
TAF-K11348-10-0301-C015.indd 302TAF-K11348-10-0301-C015.indd 302 8/18/10 3:13:31 PM8/18/10 3:13:31 PM
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.