{"product_id":"cyber-security-policy-guidebook-isbn-9781118027806","title":"Cyber Security Policy Guidebook","description":"\u003cp\u003eDrawing upon a wealth of experience from academia, industry, and government service, \u003ci\u003eCyber Security Policy Guidebook\u003c\/i\u003e details and dissects, in simple language, current organizational cyber security policy issues on a global scale—taking great care to educate readers on the history and current approaches to the security of cyberspace. It includes thorough descriptions—as well as the pros and cons—of a plethora of issues, and documents policy alternatives for the sake of clarity with respect to policy alone. The Guidebook also delves into organizational implementation issues, and equips readers with descriptions of the positive and negative impact of specific policy choices.\u003c\/p\u003e \u003cp\u003eInside are detailed chapters that:\u003c\/p\u003e \u003cul\u003e \u003cli\u003eExplain what is meant by cyber security and cyber security policy\u003c\/li\u003e \u003cli\u003eDiscuss the process by which cyber security policy goals are set\u003c\/li\u003e \u003cli\u003eEducate the reader on decision-making processes related to cyber security\u003c\/li\u003e \u003cli\u003eDescribe a new framework and taxonomy for explaining cyber security policy issues\u003c\/li\u003e \u003cli\u003eShow how the U.S. government is dealing with cyber security policy issues\u003c\/li\u003e \u003c\/ul\u003e \u003cp\u003eWith a glossary that puts cyber security language in layman's terms—and diagrams that help explain complex topics—\u003ci\u003eCyber Security Policy Guidebook\u003c\/i\u003e gives students, scholars, and technical decision-makers the necessary knowledge to make informed decisions on cyber security policy.\u003c\/p\u003e \u003cp\u003eForeword ix\u003c\/p\u003e \u003cp\u003ePreface xi\u003c\/p\u003e \u003cp\u003eAcknowledgments xv\u003c\/p\u003e \u003cp\u003e\u003cb\u003e1 Introduction 1\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e1.1 What Is Cyber Security? 1\u003c\/p\u003e \u003cp\u003e1.2 What Is Cyber Security Policy? 3\u003c\/p\u003e \u003cp\u003e1.3 Domains of Cyber Security Policy 7\u003c\/p\u003e \u003cp\u003e1.3.1 Laws and Regulations 7\u003c\/p\u003e \u003cp\u003e1.3.2 Enterprise Policy 9\u003c\/p\u003e \u003cp\u003e1.3.3 Technology Operations 10\u003c\/p\u003e \u003cp\u003e1.3.4 Technology Configuration 10\u003c\/p\u003e \u003cp\u003e1.4 Strategy versus Policy 11\u003c\/p\u003e \u003cp\u003e\u003cb\u003e2 Cyber Security Evolution 15\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e2.1 Productivity 15\u003c\/p\u003e \u003cp\u003e2.2 Internet 21\u003c\/p\u003e \u003cp\u003e2.3 e-Commerce 28\u003c\/p\u003e \u003cp\u003e2.4 Countermeasures 34\u003c\/p\u003e \u003cp\u003e2.5 Challenges 37\u003c\/p\u003e \u003cp\u003e\u003cb\u003e3 Cyber Security Objectives 39\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e3.1 Cyber Security Metrics 40\u003c\/p\u003e \u003cp\u003e3.2 Security Management Goals 45\u003c\/p\u003e \u003cp\u003e3.3 Counting Vulnerabilities 49\u003c\/p\u003e \u003cp\u003e3.4 Security Frameworks 51\u003c\/p\u003e \u003cp\u003e3.4.1 e-Commerce Systems 52\u003c\/p\u003e \u003cp\u003e3.4.2 Industrial Control Systems 57\u003c\/p\u003e \u003cp\u003e3.4.3 Personal Mobile Devices 62\u003c\/p\u003e \u003cp\u003e3.5 Security Policy Objectives 67\u003c\/p\u003e \u003cp\u003e\u003cb\u003e4 Guidance for Decision Makers 69\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e4.1 Tone at the Top 69\u003c\/p\u003e \u003cp\u003e4.2 Policy as a Project 71\u003c\/p\u003e \u003cp\u003e4.3 Cyber Security Management 73\u003c\/p\u003e \u003cp\u003e4.3.1 Arriving at Goals 74\u003c\/p\u003e \u003cp\u003e4.3.2 Cyber Security Documentation 77\u003c\/p\u003e \u003cp\u003e4.4 Using the Catalog 79\u003c\/p\u003e \u003cp\u003e\u003cb\u003e5 The Catalog Approach 83\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e5.1 Catalog Format 87\u003c\/p\u003e \u003cp\u003e5.2 Cyber Security Policy Taxonomy 89\u003c\/p\u003e \u003cp\u003e\u003cb\u003e6 Cyber Security Policy Catalog 93\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e6.1 Cyber Governance Issues 94\u003c\/p\u003e \u003cp\u003e6.1.1 Net Neutrality 95\u003c\/p\u003e \u003cp\u003e6.1.2 Internet Names and Numbers 96\u003c\/p\u003e \u003cp\u003e6.1.3 Copyrights and Trademarks 103\u003c\/p\u003e \u003cp\u003e6.1.4 Email and Messaging 107\u003c\/p\u003e \u003cp\u003e6.2 Cyber User Issues 112\u003c\/p\u003e \u003cp\u003e6.2.1 Malvertising 116\u003c\/p\u003e \u003cp\u003e6.2.2 Impersonation 117\u003c\/p\u003e \u003cp\u003e6.2.3 Appropriate Use 121\u003c\/p\u003e \u003cp\u003e6.2.4 Cyber Crime 125\u003c\/p\u003e \u003cp\u003e6.2.5 Geolocation 136\u003c\/p\u003e \u003cp\u003e6.2.6 Privacy 138\u003c\/p\u003e \u003cp\u003e6.3 Cyber Conflict Issues 140\u003c\/p\u003e \u003cp\u003e6.3.1 Intellectual Property Theft 144\u003c\/p\u003e \u003cp\u003e6.3.2 Cyber Espionage 145\u003c\/p\u003e \u003cp\u003e6.3.3 Cyber Sabotage 150\u003c\/p\u003e \u003cp\u003e6.3.4 Cyber Warfare 150\u003c\/p\u003e \u003cp\u003e6.4 Cyber Management Issues 155\u003c\/p\u003e \u003cp\u003e6.4.1 Fiduciary Responsibility 162\u003c\/p\u003e \u003cp\u003e6.4.2 Risk Management 163\u003c\/p\u003e \u003cp\u003e6.4.3 Professional Certification 171\u003c\/p\u003e \u003cp\u003e6.4.4 Supply Chain 172\u003c\/p\u003e \u003cp\u003e6.4.5 Security Principles 175\u003c\/p\u003e \u003cp\u003e6.4.6 Research and Development 185\u003c\/p\u003e \u003cp\u003e6.5 Cyber Infrastructure Issues 186\u003c\/p\u003e \u003cp\u003e6.5.1 Banking and Finance 190\u003c\/p\u003e \u003cp\u003e6.5.2 Health Care 194\u003c\/p\u003e \u003cp\u003e6.5.3 Industrial Control Systems 197\u003c\/p\u003e \u003cp\u003e\u003cb\u003e7 One Government’s Approach to Cyber Security Policy 211\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e7.1 U.S. Federal Cyber Security Strategy 211\u003c\/p\u003e \u003cp\u003e7.2 A Brief History of Cyber Security Public Policy Development in the U.S. Federal Government 212\u003c\/p\u003e \u003cp\u003e7.2.1 The Bombing of New York’s World Trade Center on February 26, 1993 212\u003c\/p\u003e \u003cp\u003e7.2.2 Cyber Attacks against the United States Air Force, March–May 1994: Targeting the Pentagon 213\u003c\/p\u003e \u003cp\u003e7.2.3 The Citibank Caper, June–October, 1994: How to Catch a Hacker 214\u003c\/p\u003e \u003cp\u003e7.2.4 Murrah Federal Building, Oklahoma City—April 19, 1995: Major Terrorism Events and Their U.S. Outcomes 215\u003c\/p\u003e \u003cp\u003e7.2.5 President’s Commission on Critical Infrastructure Protection— 1996 216\u003c\/p\u003e \u003cp\u003e7.2.6 Presidential Decision Directive 63—1998 218\u003c\/p\u003e \u003cp\u003e7.2.7 National Infrastructure Protection Center (NIPC) and ISACs— 1998 219\u003c\/p\u003e \u003cp\u003e7.2.8 Eligible Receiver— 1997 219\u003c\/p\u003e \u003cp\u003e7.2.9 Solar Sunrise— 1998 220\u003c\/p\u003e \u003cp\u003e7.2.10 Joint Task Force—Computer Network Defense (JTF-CND)— 1998 221\u003c\/p\u003e \u003cp\u003e7.2.11 Terrorist Attacks against the United States—September 11, 2001 Effects of Catastrophic Events on Transportation System Management and Operations 222\u003c\/p\u003e \u003cp\u003e7.2.12 U.S. Government Response to the September 11, 2001 Terrorist Attacks 224\u003c\/p\u003e \u003cp\u003e7.2.13 Homeland Security Presidential Directives 226\u003c\/p\u003e \u003cp\u003e7.2.14 National Strategies 227\u003c\/p\u003e \u003cp\u003e7.3 The Rise of Cyber Crime 230\u003c\/p\u003e \u003cp\u003e7.4 Espionage and Nation-State Actions 232\u003c\/p\u003e \u003cp\u003e7.5 Policy Response to Growing Espionage Threats: U.S. Cyber Command 233\u003c\/p\u003e \u003cp\u003e7.6 Congressional Action 235\u003c\/p\u003e \u003cp\u003e7.7 Summary 236\u003c\/p\u003e \u003cp\u003e\u003cb\u003e8 Conclusion 239\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eGlossary 243\u003c\/p\u003e \u003cp\u003eReferences 255\u003c\/p\u003e \u003cp\u003eIndex 267\u003c\/p\u003e  \u003cp\u003e“This very readable and organized guidebook equips readers with a consistent methodology for turning their answers to those questions into cyber security policy.”  (\u003ci\u003eComputing Reviews\u003c\/i\u003e, 24 April 2013)\u003c\/p\u003e \u003cp\u003e\u003cb\u003eDr. Jennifer L. Bayuk\u003c\/b\u003e is an independent cyber security consultant and industry professor at Stevens Institute of Technology in Hoboken, New Jersey.\u003c\/p\u003e \u003cp\u003e\u003cb\u003eJason Healey\u003c\/b\u003e runs the Cyber Statecraft Initiative at the Atlantic Council in Washington, DC.\u003c\/p\u003e \u003cp\u003e\u003cb\u003eDr. Paul Rohmeyer\u003c\/b\u003e directs the Technology Information Management program at Stevens Institute of Technology in Hoboken, New Jersey.\u003c\/p\u003e \u003cp\u003e\u003cb\u003eMarcus H. Sachs\u003c\/b\u003e is the Vice President for National Security Policy at Verizon Communications.\u003c\/p\u003e \u003cp\u003e\u003cb\u003eJeffrey Schmidt\u003c\/b\u003e is a cyber security technology entrepreneur.\u003c\/p\u003e \u003cp\u003e\u003cb\u003eJoseph Weiss\u003c\/b\u003e is an industrial control system cyber security author and consultant.\u003c\/p\u003e  \u003cp\u003eDrawing upon a wealth of experience from academia, industry, and government service, \u003ci\u003eCyber Security Policy Guidebook\u003c\/i\u003e details and dissects, in simple language, current organizational cyber security policy issues on a global scale—taking great care to educate readers on the history and current approaches to the security of cyberspace. It includes thorough descriptions—as well as the pros and cons—of a plethora of issues, and documents policy alternatives for the sake of clarity with respect to policy alone. The Guidebook also delves into organizational implementation issues, and equips readers with descriptions of the positive and negative impact of specific policy choices.\u003c\/p\u003e \u003cp\u003eInside are detailed chapters that:\u003c\/p\u003e \u003cul\u003e \u003cli\u003e \u003cp\u003eExplain what is meant by cyber security and cyber security policy\u003c\/p\u003e \u003c\/li\u003e \u003cli\u003e \u003cp\u003eDiscuss the process by which cyber security policy goals are set\u003c\/p\u003e \u003c\/li\u003e \u003cli\u003e \u003cp\u003eEducate the reader on decision-making processes related to cyber security\u003c\/p\u003e \u003c\/li\u003e \u003cli\u003e \u003cp\u003eDescribe a new framework and taxonomy for explaining cyber security policy issues\u003c\/p\u003e \u003c\/li\u003e \u003cli\u003e \u003cp\u003eShow how the U.S. government is dealing with cyber security policy issues\u003c\/p\u003e \u003c\/li\u003e \u003c\/ul\u003e \u003cp\u003eWith a glossary that puts cyber security language in layman's terms—and diagrams that help explain complex topics—\u003ci\u003eCyber Security Policy Guidebook\u003c\/i\u003e gives students, scholars, and technical decision-makers the necessary knowledge to make informed decisions on cyber security policy.\u003c\/p\u003e","brand":"Wiley","offers":[{"title":"Default Title","offer_id":47989018493157,"sku":"NP9781118027806","price":110.95,"currency_code":"USD","in_stock":false}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/1842\/7735\/files\/9781118027806.jpg?v=1761782457","url":"https:\/\/k12savings.com\/products\/cyber-security-policy-guidebook-isbn-9781118027806","provider":"K12savings","version":"1.0","type":"link"}