Fighting Computer Crime: A New Framework for Protecting Information (Paperback)

by Donn B. Parker (Author) "I hate having to worry about security..." (more)
Key Phrases: information security unit, information security coordinators, security technologists, United States, New York, Bob Courtney (more...)

Editorial Reviews

Product Description
Who are the cybercriminals and what can we do to stop them? From the #1 cybercrime expert, a revolutionary new approach to . Fighting Computer Crime A top computer crime expert explains why current computer security methods fall dangerously short of the mark and what we can do to fix them. Based on his 30 years as a cybercrime fighter, during which he interviewed more than 200 perpetrators and their victims, Donn B. Parker provides valuable technical insight about the means cybercriminals employ, as well as penetrating psychological insights into their criminal behavior and motivations. Using many riveting real-life crime stories to illustrate his points, he reveals:
* Who your greatest security threats really are (be prepared for some surprises!)
* Why employees undergoing divorce can be your organization's greatest computer security risk
* How to overcome cyberterrorists who will employ any high-tech or low-tech means necessary to crash your systems.
* Effective countermeasures for each threat covered in the book
* How to neutralize even the most powerful cybercrime scheme attempts
* Why and how the incorrect, incomplete, inarticulate security folk art must be revitalized

From the Publisher
Leading computer crime-prevention expert Donn Parker argues in this compelling and often alarming book that current approaches to preventing computer crime are dangerously simplistic and are not working. Focusing too much on protecting the privacy of information, these approaches fail to address other dangerous threats to businesses. Current security measures are only designed to protect against the loss of privacy. Parker presents a valuable new framework for understanding a greatly expanded list of criminal threats, describing proven countermeasures and discussing actual crime cases. Boldly critiquing many prominent business and government figures for failing to establish effective prevention tactics, this book pulls no punches in its drive to improve virtual security.

See all Editorial Reviews

Product Details

• Paperback: 528 pages
• Publisher: Wiley (September 10, 1998)
• Language: English
• ISBN-10: 0471163783
• ISBN-13: 978-0471163787
• Product Dimensions: 9 x 7.6 x 1.3 inches
• Shipping Weight: 2.1 pounds (View shipping rates and policies)
• Average Customer Review: 4.1 out of 5 stars See all reviews (11 customer reviews)
• Amazon.com Sales Rank: #670,071 in Books (See Bestsellers in Books)

Customer Reviews

Most Helpful Customer Reviews

11 of 12 people found the following review helpful:

5.0 out of 5 stars Mind-expanding book on information security, July 20, 1999

By	J. G. Heiser (Sunninghill, Berks) - See all my reviews (REAL NAME)

This book is probably too radical to be useful as study material for the CISSP, which tends to be mired in a traditional security practice concept that Parker characterizes as `alchemy.'

Obsoleting the common three elements of security, confidentiality, integrity, and availability, the fundamentals of his new framework of information security are availability, utility, integrity, authenticity, confidentiality, and possession.

He debunks a number of the tenets of computer security claiming early on that there are "no valid statistics on computer crime," stressing that information security "can never be a science," and warning that "starting with vulnerabilities is starting in the middle." He's quite harsh in his indictment of numeric and financial threat analysis, claiming that "adopting baseline controls is a simpler, less expensive, and more effective way to select security safeguards than risk assessment." Parker has a very business-oriented and pragmatic approach to security, and tries to suggest ways that security can help meet business goals instead of conflicting with them.

I purchased the book on a recommendation that I would find his comprehensive threats/assets/vulnerabilities model of security useful. Within the offenders sub-category, for instance, he breaks down the characteristics of a computer criminal by skills, knowledge, resource availability, authority, motivation, intent, and extremism. This represents a much more sophisticated analysis of information attackers than the typical hacker-criminal-spy spectrum that I usually describe. He's only lukewarm towards the value of technical penetration testing and characterizes social engineering demonstrations as misguided and harmful.

I hadn't realized it when purchasing Fighting Computer Crime, but my introduction to the concepts of computer security was through a copy of Parker's first book that I read in 1980. As a consultant at SRI, he's been fighting computer crime since the early 1960s. Although he is very oriented towards criminal justice, which may be a turn-off to some, his approach to security is holistic and multi-disciplinary. After hundreds of meetings with computer criminals, he's developed a detailed understanding of how they behave, what they do and how to protect information from them.

This is the most mind-expanding book on computer security that I've ever read. While I don't agree with Parker 100%, there isn't a lot that I could find fault with. I find his arguments very compelling and I strongly recommend this book for all computer security practitioners and those with responsibility for information systems.

7 of 8 people found the following review helpful:

5.0 out of 5 stars A qualified endorsement, April 24, 2000

By	D. Kall Loper (Dallas/Ft. Worth, TX) - See all my reviews (REAL NAME)

I have selected Parker's book as a primary text in a computer crime class. I do not agree with all of Parker's assertions, but I don't recall any being baseless. That is a rare quality in a computer security book. His approach to computer security is not simply rehashed from the previous texts in this area.

This book is not for everyone. It is an excellent point of departure for discussions of crime policy and security theory. It provides enought technical detail to make the concepts clear. It is not a security cookbook.

5 of 6 people found the following review helpful:

5.0 out of 5 stars A must read computer crime prevention guide by the master!!!, April 7, 1999

By A Customer

I have purchased and read dozens of computer security and computer crime related books over the past ten years. None of them even remotely compare to this one written by the master himself. I've seen and heard Donn Parker at a number of security conferences throughout the country.

Every time that I attend one of his speaking sessions, I learn something new and valuable for protecting my company. The back cover of the book refers to him as "the #1 cybercrime expert", and after hearing him for years, and now reading his book, I agree! This book will help save your company. Not only does it present a `real world' look at the problems, it provides possible solutions for every one of them.

Donn's writing style is excellent as well. While reading certain parts of the book, it felt like he was right there explaining things in a way that only he can. The book is jammed full of checklists, suggestions, war stories and warnings about things that most of us are doing wrong. It is truly "A New Framework for Protecting Information". I highly recommend it!