Cybersecurity Lexicon


Book Description

Learn the threats and vulnerabilities of critical infrastructure to cybersecurity attack. Definitions are provided for cybersecurity technical terminology and hacker jargon related to automated control systems common to buildings, utilities, and industry. Buildings today are automated because the systems are complicated and so we depend on the building controls system (BCS) to operate the equipment. We also depend on a computerized maintenance management system (CMMS) to keep a record of what was repaired and to schedule required maintenance. SCADA, BCS, and CMMS all can be hacked. The Cybersecurity Lexicon puts cyber jargon related to building controls all in one place. The book is a handy desk reference for professionals interested in preventing cyber-physical attacks against their facilities in the real world. Discussion of attacks on automated control systems is clouded by a lack of standard definitions and a general misunderstanding about how bad actors can actually employ cyber technology as a weapon in the real world. This book covers: Concepts related to cyber-physical attacks and building hacks are listed alphabetically with text easily searchable by key phrase Definitions are providesd for technical terms related to equipment controls common to industry, utilities, and buildings—much of the terminology also applies to cybersecurity in general What You’ll learn Get a simple explanation of cybersecurity attack concepts Quickly assess the threat of the most common types of cybersecurity attacks to your facilities in real time Find the definition of facilities, engineering, and cybersecurity acronyms Who This Book Is For Architects, engineers, building managers, students, researchers, and consultants interested in cybersecurity attacks against facilities in the real world. Also for IT professionals getting involved in cybersecurity responsibilities.




Cyber Lexicon


Book Description

Discover essential cybercrime terminology with "Cyber Lexicon: A Comprehensive Guide to Cybercrime Terminology" eBook. Gain insights into key terms like phishing, malware, and DDoS attacks. Perfect for anyone navigating the complexities of cybersecurity.




Glossary of Key Information Security Terms


Book Description

This glossary provides a central resource of definitions most commonly used in Nat. Institute of Standards and Technology (NIST) information security publications and in the Committee for National Security Systems (CNSS) information assurance publications. Each entry in the glossary points to one or more source NIST publications, and/or CNSSI-4009, and/or supplemental sources where appropriate. This is a print on demand edition of an important, hard-to-find publication.




Coming to Terms with Security


Book Description

This glossary provides clear and precise definitions of arms control terms and places them in a historical context. It introduces the reader to the primary themes and concepts in the field of arms control and explains relevant terminology. The publication looks at the major arms control and disarmament agreements related to conventional, biological, chemical and nuclear weapons. The information is presented in English and Spanish.




Dictionary of Information Security


Book Description

The Dictionary of Information Security is a compilation of security terms and definitions that working security professionals and IT students will find helpful.IT professionals and IT students will find this a handy reference to help them identify terms used in practice, in journals and articles, and on websites. The dictionary has complete coverage of security terms and includes cutting-edge technologies and newer terminology only now becoming accepted use amongst security practitioners. Certification candidates for security specializations like CISSP and Security+ will also find this a valuable resource.* Your one stop shop coverage of malware, wireless technologies, and phishing *An easy to use tol featuring the ability to cross references makeing navigation easy* Includes special coverage of military and government terms for the latest hot topics




Official (ISC)2 Guide to the CISSP CBK


Book Description

As a result of a rigorous, methodical process that (ISC) follows to routinely update its credential exams, it has announced that enhancements will be made to both the Certified Information Systems Security Professional (CISSP) credential, beginning April 15, 2015. (ISC) conducts this process on a regular basis to ensure that the examinations and




The NICE Cyber Security Framework


Book Description

This updated textbook is for courses in cyber security education that follow the National Initiative for Cybersecurity Education (NICE) framework which adopts the Competency- Based Education (CBE) method. The book creates content based on the Knowledge, Skills and Abilities (a.k.a. KSAs) described in the NICE framework. This book focuses on cyber analytics and intelligence areas. The book has 18 chapters: Introduction, Acquisition Management, Continuity Planning and Disaster Recovery, Cyber Defense Analysis and Support, Cyber Intelligence, Cyber Intelligence Analysis, Cyber Operational Planning, Cyber Policy and Strategy Management, Cyber Threat Analysis, Cybersecurity Management, Forensics Analysis, Identity Management, Incident Response, Collection Operations, Computer Network Defense, Data Analysis, Threat Analysis and last chapter, Vulnerability Assessment.




Securing Integrated Transportation Networks


Book Description

Securing Integrated Transportation Networks provides a comprehensive look at multimodal transportation security—its dynamics, evolving threats and technology advances that enhance operational security and related infrastructure protection and hardening, as well as the regulatory environment. As threats are evolving, so is the technology used in enhancing transportation security, operational procedures, and regulations. This book will address this dynamic evolution of transportation security. This book serves as a primary reference for information on of the range of activities and components involved in transportation security. It covers the myriad moving parts involved in the relationship between and among logistics, the supply chains and transportation entities, and the concepts, approaches and methods that are being employed to effect greater security. It looks at operations, infrastructure, equipment, laws and regulations, policies and procedures, and risk focused on transportation safety and security by mode and transportation in general. Cooperation and partnering with and among the industry, to include transportation providers and government agencies, is the way forward to ensure that security is maintained and keeps pace with the evolving threat and regulatory landscape. This book benefits students in homeland security, supply chain management and transportation planning and engineering by providing a practical resource written by industry practitioners with "boots-on-the-ground" security experience and analysis of real-world case studies. In addition, it provides a practitioner-focused reference book for those in the transportation and supply chain industries, to include its government, associated industries, and academic partners. - Introduces readers to the characteristics of the motive power, freight or passage haulage units, physical infrastructure required, the operating environment itself and the information technology applicable to both operating and managing customer-provider relationships—all of which to foster safe, secure, effective, and efficient operations - Includes discussion questions and case studies available for assignments and subsequent classroom discussion, whereby real-world scenarios serve to hone analytical abilities - Discusses the risks and vulnerabilities that various supply chains and associated transportation modes may pose to the ability of a firm to maintain ongoing operations, helping them to analyze trade-offs and mitigate threats




Cyber-Physical Attack Recovery Procedures


Book Description

This book provides a template with step-by-step instructions on how to respond and recover when hackers get into your SCADA system and cause building equipment to act erratically or fail completely. When hackers shut off the water, turn off the building power, disable the sewage effluent pumps and activate the fire alarm, you have to do something quick. It is even more alarming that hackers can do all those things at the same time—even from the other side of the planet. Not every equipment failure or power outage is a cyber-physical attack. When your building is attacked, you probably won’t suspect it was a hacker—until you see a pattern. The building control system (BCS) will act "squirrelly" and you will know—it really is a cyber-physical attack. Once a cyber-physical attack occurs, it can mean years of court cases, job losses, higher insurance rates, and maybe even criminal litigation. It also takes years to overcome the loss of safety credibility to your employees and the local community. Cyber-Physical Attack Recovery Procedures provides a detailed guide to taking the right steps ahead of time, and equipping your facility and employees with the training, knowledge, and tools they need and may save lives. The book contains: A one-of-a-kind action plan describing how hackers attack building equipment, the extent of damage possible, and how to respond when a cyber-physical attack occurs. Detailed descriptions of cyber-physical attacks directed against SCADA systems or building controls, as well as cyber booby traps Invaluable appendices, including: Emergency Procedures, Team Staffing and Tasking, Alternate Site Procedures, a Documentation List, Software and Hardware Inventories, Vendor Contact Lists, External Support Agreements, and much more. What you’ll learn Possible ways hackers can cause building equipment to fail. How to quickly assess the threat to his facilities in real time, how to stop a cyber-physical attack. How to restore equipment operation without doing any more damage. Who This Book Is For Architects, Engineers, Building Managers, Students, Researchers and Consultants interested in cybersecurity-attacks against facilities in the real world. Also for IT professionals getting involved in cybersecurity responsibilities.




Cyber Security: Law and Guidance


Book Description

Implementing appropriate security measures will be an advantage when protecting organisations from regulatory action and litigation in cyber security law: can you provide a defensive shield? Cyber Security: Law and Guidance provides an overview of legal developments in cyber security and data protection in the European Union and the United Kingdom, focusing on the key cyber security laws and related legal instruments, including those for data protection and payment services. Additional context is provided through insight into how the law is developed outside the regulatory frameworks, referencing the 'Consensus of Professional Opinion' on cyber security, case law and the role of professional and industry standards for security. With cyber security law destined to become heavily contentious, upholding a robust security framework will become an advantage and organisations will require expert assistance to operationalise matters. Practical in approach, this comprehensive text will be invaluable for legal practitioners and organisations. It covers both the law and its practical application, helping to ensure that advisers and organisations have effective policies and procedures in place to deal with cyber security. Topics include: - Threats and vulnerabilities - Privacy and security in the workplace and built environment - Importance of policy and guidance in digital communications - Industry specialists' in-depth reports - Social media and cyber security - International law and interaction between states - Data security and classification - Protecting organisations - Cyber security: cause and cure Cyber Security: Law and Guidance is on the indicative reading list of the University of Kent's Cyber Law module.