Customer Reviews

Insider Computer Fraud: An In-depth Framework for Detecting and Defending against Insider IT Attacks

5 star:		(7)
4 star:		(0)
3 star:		(0)
2 star:		(0)
1 star:		(0)

 

 

I really enjoyed reading this book. It provides a comprehensive framework for understanding insider threats and Risk management.

The author integrates a lot of components like Risk Assessment, Threat Modeling, Privacy assessment, Cyber security, Application security, Web services and Computer architecture as it relates to insider threat identification and prevention. If you deal with any of these components - you must read this book. You will learn so much - all in one place.

This book is logically arranged; the author does an excellent job building from one topic to another. It is an eye-opening and fascinating book as it presents the methods, safeguards, and techniques that help protect an organization from insider computer fraud.

I really liked Chapter 3 which covered Risk Assessment very well. It walks the reader with a step by step risk assessment methodology, which is very critical in any environment.

As a IT Security professional this book has become an invaluable resource for me.

Bottom line: Must read and well worth the price.

"Insider Computer Fraud" is a comprehensive overview that gives anyone, even computer novices, a solid framework of the topic. A topic of such breadth could overwhelm many individuals, but Brancik manages to divide the material into edible chunks that inform without drowning the reader in excess. If you scan the contents you can easily identify the area you want to focus on -- the well thought out design of the book is a real plus.
For professors looking for a textbook on this subject, "Insider Computer Fraud" is a good option. Each topic adds onto the prior chapter and gives a logic sequence to the material.
Interesting sub-topics such as the Novelty Neural Network and The Brain will capture the reader's attention. A good mix of theory and application makes this book a good choice for anyone interested in increasing their knowledge of a highly complex subject.

"Insider Computer Fraud" is a thorough and and extremely well done coverage of a complex topic which has important implications for people and the companies they work in. We often focus on external threats but as recent event show insider threat is as critical and can impact whole industries over night. Brancik's coverage of Novelty Neural Networks and their use to detecting insider fraud is an important contribution. Anyone in the financial services industry that has a role in protecting against computer fraud should read this book.

Ken Brancik has written a tour de force compendium about insider computer fraud. His years of practical experience shine through in this very practical book for anybody who needs to act in the defense of real systems. Brancik's own experience is combined with exhaustive references to case studies, legislation, and research.

The reader will enjoy a thorough presentation of the domain theory, combined with very detailed explanation of technical methods. For example, Brancik provides a rich taxonomy, which will be of huge value to any practitioner looking to divide and conquer such problems. Moreover, this taxonomy is only one of the elements in "an in-depth framework for detecting and defending against insider IT attacks". The book's content is true to the claim of its title.

Beyond what can be done and needs to be done as the first steps to thwart such attacks, Brancik also points the way to the future. Statistical models of anomaly, for example, have had a small place in computer security when compared to rule-based pattern detectors. Both approaches are needed, and this book describes neural networks -- associative memories in particular -- as a way toward more powerful hybrid systems of the future.

"Insider Computer Fraud" would make a great textbook for the student, an invaluable cookbook for the practitioner, and a provocative guide to the researcher. It is also a must-have reference for anybody in the field of computer fraud more generally.

Ken Brancik has managed to hit the mark that so many have missed. He provides a comprehensive framework for understanding and countering insider threats. This book is useful for a multidisciplinary audience, from attorneys to management to technical staff. By addressing web security, IT architecture, and application security, he creates the "big picture" of insider fraud and then steps the reader through a methodology to effectively counter these threats. A seasoned and well respected cyber security professional, Ken Brancik, has made a substantial contribution toward beating the bad guys with this excellent work.

Just started and finished (3 days in a row :)) this excellent book on insider fraud - it is one of my best buying decisions.

I was impressed with the framework and found the loan example very clear. Altough the issue of insider fraud is considered a high risk there are not many good academic resources to help so not only the book is enjoyable to read it is very usefull to technical and business people interested in the subject.

Very good work

Brancik covers computer fraud from every angle imaginable. It's precise, thorough and methodical. The index is detailed and specific in getting the exact information you need quickly. This book can be used as a reference for looking to tighten security and also as a textbook in the classroom. I specifically liked Chapter 6 that covered web services, which is the most widely missed security flaw in companies today.

Brancik put together a fraud taxonomy that also can be used by professionals to measure how secure they are. This goes beyond most classroom lectures because this is the kind of information you need in real life work scenarios. What I liked mostly about this book was that the chapters flow into one another and while it covered a wide range of topics it did not feel like I was reading just another computer textbook. The book covers security and audit like no other book on the market and I have read most of them being in the banking sector for a number of years. I recommend this book highly.