Profile for Ben Rothke > Reviews

Reviews written by Ben Rothke, "Information security professional" (USA)

Targeted Cyber Attacks: Multi-staged Attacks Driven by Exploits and Malware
by Aditya K. Sood
Edition: Paperback

4.0 out of 5 stars Good intro to the topic, September 21, 2014
Targeted cyber attacks are for the most part the same as an APT (advanced persistent threat). It was last year's report on APT1 from Mandiant that brought this important information security topic to the forefront.

In Targeted Cyber Attacks: Multi-staged Attacks Driven by Exploits and Malware, authors Aditya Sood and Richard Enbody write that there are a few different definitions of what a targeted cyber attack is. They use the standard definition: a class of dedicated attacks that aim at a specific user, company or organization, with the intent to gain access to critical data in a stealthy manner. They also note that APTs are simply variants of targeted cyber attacks.

At 158 pages, the book provides a good introduction to the topic with significant amounts of background information. It provides a mid- to high-level overview of the topic.

For those looking for a good introduction to the topic, which can then lead them to a more comprehensive reference, Targeted Cyber Attacks: Multi-staged Attacks Driven by Exploits and Malware is a good place to start.

Note that Amazon mislabels this book as having been published in April 2010; it was published in April 2014.


Maimonides: Life and Thought
by Moshe Halbertal
Edition: Hardcover

5.0 out of 5 stars Much more than a biography, the definitive text to understand who Maimonides was., September 14, 2014
Those who want the basic biographical facts about the life of Moses Maimonides need go no further than Wikipedia. There they would get 'Maimonides: Life'.

What Professor Moshe Halbertal offers in 'Maimonides: Life and Thought' is much more than a biographical overview; he gets to the very heart of who Maimonides was by looking at the books and monographs he authored.

Halbertal explains how a work like the Mishneh Torah, Maimonides' magnum opus, had never been written before his time, and how a similar work has not been written since. Only a Maimonidean scholar of the first rank like Halbertal can so deftly explain why this work was a literary act unprecedented in the history of Jewish law. It is the Mishneh Torah and the other classic works that make Maimonides not simply a great figure, but a monumental one.

Halbertal does a superb job of describing the struggles Maimonides faced, both religiously and politically.

Chapter 1 is the obligatory overview of the life of Maimonides, while in the remaining 7 chapters Halbertal explains why each of Maimonides' works was necessary, the greatness behind it, and how each of them is still completely relevant.

The Guide for the Perplexed was the most esoteric of all of the writings of Maimonides. Halbertal does a fantastic job of describing the enormity of this work, and the various readings that can be ascribed to it.

Hagiographies of great figures are a dime a dozen. Yet this is a rare work of scholarship that is everything but a hagiography or basic memoir. In 'Maimonides: Life and Thought', Moshe Halbertal has done an extraordinary job of providing the reader with an understanding and appreciation of who Maimonides was.


Architecting the Cloud: Design Decisions for Cloud Computing Service Models (SaaS, PaaS, and IaaS)
by Michael Kavis
Edition: Hardcover

5.0 out of 5 stars Extremely honest and enlightening book on how to effectively use the cloud, September 8, 2014
Most books about cloud computing are either extremely high-level quasi-marketing tomes (sometimes written by cloud vendors) about the myriad benefits of the cloud, without any understanding of how to practically implement the technology under discussion. The other type of cloud book is the highly technical reference guide, which provides technical details but for a limited audience.

In Architecting the Cloud: Design Decisions for Cloud Computing Service Models, author Michael Kavis has written perhaps the most honest book about the cloud available to date. Make no mistake about it: Kavis is a huge fan of the cloud. But more importantly, he knows what the limits of the cloud are, and that cloud computing is not a panacea. That type of candor makes this book an invaluable guide to anyone looking to understand how to effectively deploy cloud technologies.

The book is an excellent balance of the almost boundless potential of cloud computing, mixed with a high amount of caution that the potential of the cloud can only be manifest with effective requirements and formal security architecture.

One of the mistakes of using the cloud is that far too many decision makers rush in, without understanding the significant differences (and they are significant) between the 3 main cloud service models.

In chapter 1, he provides a number of enthusiastic cloud success stories to set the stage. He shows how a firm was able to build a solution entirely on the public cloud with a limited budget. He also showcases Netflix, whose infrastructure is built on Amazon Web Services (AWS).

Chapter 3 is titled Cloud Computing Worst Practices, and the book would be worth purchasing for this chapter alone. The author has a number of cloud horror stories and shows the reader how to avoid failure when moving to the cloud. While many cloud success stories showcase applications developed specifically for the cloud, the chapter details the significant challenges of migrating existing and legacy applications to the cloud. Such migrations are not easy endeavors, which he makes very clear.

In the chapter, Kavis details one of the biggest misguided perceptions of cloud computing: that it will greatly reduce the cost of doing business. That is true for some cloud initiatives, but definitely not all, whatever some cloud marketing people may have you believe.

Perhaps the most important message of the chapter is that not every problem is one that needs to be solved by cloud computing. He cites a few examples where not going with a cloud solution was actually cheaper in the long run.

The book does a very good job of delineating the differences between the various types of cloud architectures and service models. He notes that one reason for leveraging IaaS over PaaS is that when a PaaS provider has an outage, the customer can only wait for the provider to fix the issue and get the services back online. With IaaS, the customer can architect for failure and build redundant services across multiple physical or virtual data centers.

For many CIOs, security fears about the cloud mean that they will immediately write off any consideration of cloud computing. In chapter 9, the author notes that almost any security regulation or standard can be met in the cloud, as none of the regulations and standards dictate where the data must specifically reside.

The book notes that for security to work in the cloud, firms need to apply 3 key strategies for managing security in cloud-based applications, namely centralization, standardization and automation.

In chapter 10, the book deals with creating a centralized logging strategy. Although logging is a critical component of any cloud-based application, it is one of the areas that many firms don't adequately address in their move to the cloud. The book provides a number of approaches to use to create an effective logging strategy.

The only significant issue I have with the book is that while the author is a big fan of Representational State Transfer (REST), many firms have struggled to obtain the benefits he describes. REST is an abstraction of the architecture of the web: an architectural style consisting of a coordinated set of architectural constraints applied to components, connectors and data elements within a distributed hypermedia system. REST ignores the details of component implementation and protocol syntax in order to focus on the roles of components, the constraints upon their interaction with other components, and their interpretation of significant data elements.

I think the author places too much reliance on RESTful web services and doesn't detail the challenges in making them work properly. REST is not always the right choice, even though it is all the rage in some cloud design circles.

While the book is part of the Wiley CIO Series, cloud architects, software and security engineers, technical managers and anyone with an interest in the cloud will find this an extremely valuable resource.

Ironically, those looking for ammunition as to why the cloud is a terrible idea will find plenty of evidence for it in the book. But the reasons are predominantly that those who failed in the cloud didn't know why they were there in the first place, or were clueless about how to use the cloud.

For those that want to do the cloud right, the book provides a vendor neutral approach and gives the reader an extremely strong foundation on which to build their cloud architecture.

The book lists the key challenges that you will face in the migration to the cloud, and details how most of those challenges can be overcome. The author is sincere when he notes areas where the cloud won’t work.

For those that want an effective roadmap to get to the cloud, and one that provides essential information on the topic, Architecting the Cloud: Design Decisions for Cloud Computing Service Models is a book that will certainly meet their needs.


The CERT® C Coding Standard, Second Edition: 98 Rules for Developing Safe, Reliable, and Secure Systems (2nd Edition) (SEI Series in Software Engineering)
by Robert C. Seacord
Edition: Paperback

5.0 out of 5 stars Don’t code in C without this invaluable reference, September 1, 2014
For those interested in secure coding, Robert Seacord of CERT is one of the main sources on the topic. Some of the notable books he has authored are:

• Secure Coding in C and C++
• Java Coding Guidelines: 75 Recommendations for Reliable and Secure Programs
• Modernizing Legacy Systems: Software Technologies, Engineering Processes, and Business Practices
• The CERT Oracle Secure Coding Standard for Java

Seacord’s latest is the CERT C Coding Standard: 98 Rules for Developing Safe, Reliable, and Secure Systems.

The book covers the core areas that every C programmer needs to know, including:
• characters and strings
• expressions
• integers
• floating point
• arrays
• memory management
• input/output
• declarations and initialization
• error handling
• concurrency

The rules in the book track C11 (ISO/IEC 9899:2011) and can be applied in parallel with it.

Each of the rules in the book has the same format: title, description, noncompliant code examples and compliant solutions.

Programmers who implement these coding standards will find short-term gains, in that the coding mistakes that lead to critical application errors such as buffer overflows are mitigated.
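To show what that rule format looks like in practice, here is an added example, not code from the book: the noncompliant/compliant pairing that each CERT C rule uses, worked for the string-storage rule the standard labels STR31-C (guarantee that storage for strings has sufficient space for the character data and the null terminator), which is the rule behind the classic strcpy() buffer overflow. The function names, the NAME_LEN buffer size and the sample strings are assumptions for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added example, not code from the book. NAME_LEN, the function names and
 * the sample strings are assumptions for illustration; the rule itself is
 * CERT STR31-C (sufficient storage for string data plus the terminator). */

#define NAME_LEN 16   /* fixed-size destination, the usual source of trouble */

/* Noncompliant code example: strcpy() copies until it finds src's null
 * terminator and knows nothing about the size of dest. Any src of NAME_LEN
 * or more characters writes past the end of dest (undefined behaviour,
 * and the textbook stack/heap overflow). */
void copy_name_noncompliant(char dest[NAME_LEN], const char *src)
{
    strcpy(dest, src);
}

/* Compliant solution: measure first, then copy only when the string plus
 * its terminator fits. The caller learns about the failure instead of the
 * memory next to dest learning about it. */
bool copy_bounded(char *dest, size_t dest_size, const char *src)
{
    if (dest == NULL || src == NULL || dest_size == 0) {
        return false;
    }
    size_t len = strlen(src);
    if (len >= dest_size) {          /* no room left for the '\0' */
        return false;
    }
    memcpy(dest, src, len + 1);      /* len + 1 copies the terminator too */
    return true;
}

/* Same signature as the noncompliant version so call sites can be swapped
 * one for one; the only difference is that the result must be checked. */
bool copy_name_compliant(char dest[NAME_LEN], const char *src)
{
    return copy_bounded(dest, NAME_LEN, src);
}

/* Self-check helper: copy src into a NAME_LEN buffer and report whether
 * the bounded copy accepted it and reproduced it exactly. */
bool demo_fits(const char *src)
{
    char buf[NAME_LEN];
    return copy_name_compliant(buf, src) && strcmp(buf, src) == 0;
}

int main(void)
{
    char name[NAME_LEN];

    /* 15 characters + terminator = 16 bytes: fits exactly. */
    if (copy_name_compliant(name, "0123456789abcde")) {
        printf("copied: %s\n", name);
    }

    /* 16 characters would need 17 bytes: rejected instead of overflowing. */
    if (!copy_name_compliant(name, "0123456789abcdef")) {
        printf("rejected: input too long for a %d-byte buffer\n", NAME_LEN);
    }

    /* The noncompliant version overruns on that same 16-character input;
     * it is here to be read against the compliant one, not to be run on
     * untrusted input. */
    (void)copy_name_noncompliant;
    return 0;
}
```

The point of the pairing is that the fix is not a different library call but a different contract: the compliant version carries the destination size and reports failure, so the check that strcpy() cannot perform happens before any byte is written.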

This book is meant as a desktop reference for those coding in C. If you have programmers coding in C, you want to ensure that this book is on their desktop.

The goal of the book and its rules is to develop safe, reliable, and secure systems. Anyone who wants to do that should definitely be reading The CERT C Coding Standard: 98 Rules for Developing Safe, Reliable, and Secure Systems.


Social Engineering in IT Security: Tools, Tactics, and Techniques
by Sharon Conheady
Edition: Paperback

5.0 out of 5 stars Effective guide on which to build a social engineering testing program, August 21, 2014
When I first got a copy of Social Engineering in IT Security: Tools, Tactics, and Techniques by Sharon Conheady, my first thought was that it likely could not have much that Christopher Hadnagy didn't already detail in the definitive text on the topic, Social Engineering: The Art of Human Hacking. Obviously Hadnagy thought differently, as he wrote the foreword to the book, which he found to be a valuable resource.

While there is overlap between the two books, Hadnagy takes a somewhat more aggressive tool-based approach, while Conheady's book takes a somewhat more passive, purely social approach to the topic. There are many more software tools in Hadnagy, while Conheady doesn't reference software tools until nearly halfway through the book.

This book provides an extensive introduction to the topic and details how social engineering has evolved through the centuries. Conheady writes how the overall tactics and goals have stayed the same; while the tools and techniques have been modified to suit the times.

Coming in at about 250 pages, the book finds a good balance between high-level details and actionable tactical things to execute on, without getting bogged down in filler.

Since social engineering tools and techniques only get better, the advantage Conheady's book has is that it details a lot that has changed in the 4 years since Hadnagy's book came out.

Conheady writes about mumble attacks, which are telephone-based social engineering attacks targeted at call center agents. The social engineer poses as a speech-impaired customer, or as a person calling on behalf of the speech-impaired customer. The goal of this method is to make the victims, in this case the call center agents, feel awkward or embarrassed and release the desired information. Given the pressure most call center agents are under, this is a simple yet highly effective attack.

Like Hadnagy's book, this one also has a detailed social engineering test methodology. Conheady details a methodology with 5 stages: planning and target identification, research and reconnaissance, scenario creation, attack execution and exit, and reporting. She notes that one does not have to be a slave to the methodology, and that it can be modified depending on the project.

Social engineering can often operate at the limit of what is legal and ethical. The author goes to great lengths to spell out the ethical and legal obligations of the tester.

The book is filled with lots of practical advice, as Conheady is seasoned and experienced in the topic. From advice on dealing with bathrooms as a holding location, gaining laptop connectivity and more, she writes of the many small details that can make the difference between a successful social engineering test and a failed one.

The book also details many areas where the job of the social engineer is made easy by poor security practices at the location. Chapter 7 details how the access codes on doors at many locations often do little to keep social engineers out. Many doors have 4-digit codes, and she writes that she has seen keypads where the buttons for the combination digits have been so worn down that you can spot them straightaway.

As noted earlier, the book focuses more on the human techniques of social engineering than on software tools. She does not ignore tools, and in chapter 9 provides a list of some of the more popular ones, including Maltego, Cree.py and others. She also has lists of other equipment to use, such as recording devices, bugging devices, phone tools and more.

With all of those, she still notes that the cell phone is the single most useful item you can bring with you on a social engineering test. Some of its many uses, she writes, are to discourage challengers, fake a call to look busy, use the camera, and more.

While most of the book is about how to execute a social engineering test, chapter 10 details how you can defend against social engineering. She notes that it is notoriously difficult to defend against social engineering because it targets the weakest link in the security chain: the end user. She astutely notes that a firm can't simply roll out a patch and immunize its staff against the latest social engineering attack, even though there are vendors who make it seem like you can.

The chapter also lists a number of indicators that a firm may be experiencing a social engineering attack.

Hadnagy's Social Engineering: The Art of Human Hacking is still the gold standard on the topic, but Social Engineering in IT Security: Tools, Tactics, and Techniques certainly will give it a run for the money.

Hadnagy's approach to social engineering is quite broad and aggressive. Conheady takes more of a kinder, gentler approach to the topic.

For those looking for an effective guide on which to build their social engineering testing program, this certainly provides all of the core areas and nearly everything they need to know about the fundamentals of the topic.


Carry On: Sound Advice from Schneier on Security
by Bruce Schneier
Edition: Hardcover

5.0 out of 5 stars Schneier writes the playbook that Washington should have been following all along, August 11, 2014
Bruce Schneier has been called an information security rock star. If that's the case, then Carry On: Sound Advice from Schneier on Security is his greatest hits collection for 2008-2013.

The roughly 175 essays in the book are a collection of articles Schneier wrote for his Crypto-Gram newsletter, his blog and other blogs, magazines, newspapers and other periodicals.

Some of the articles, such as the 2008 piece Chinese Cyberattacks: Myth or Menace?, are clearly dated. A number of the other articles are somewhat redundant, in that they were written on the same topic for different audiences.

But the vast majority of the essays reveal Schneier's insight and pragmatic approach, which makes this a most important book to read. You may not agree with Schneier on every point, but every point of his is well researched and defended. Personally, I think his approach to CCTVs and public cameras as a method for crime reduction needs to be reviewed against current data on the topic.

Many of the essays show his deep frustration with Washington and the politics of security; which has resulted in creating a security theatre dealing with movie-plot threats. Billions of dollars have been spent in this area, with almost nothing to show for it.

Another premise of the book, to which a large number of the essays are dedicated, is that most people don't understand how to deal with risk and end up worrying about things that pose very little risk to them. Schneier notes the fears people have of school shootings, child abduction, mass food poisonings and the like, all of which are extremely rare. They worry about these while being oblivious to automobile deaths, DUI deaths and similar, which pose real and daily risks.

When it comes to post-9/11 security, Schneier feels most of the time, money and effort has gone to waste, protecting against imaginary threats. He notes that two things have made airplane travel safe post-9/11, namely reinforcing the cockpit door, and convincing passengers that they need to fight back. But having tens of thousands of clueless and incompetent TSA agents seizing water bottles and patting down wheelchair-bound grannies has done absolutely nothing to increase air safety.

The book is both fascinating and frustrating. Fascinating in that the book will open your eyes to how to deal with risk and security, and ultimately how to carry on. But frustrating in that those in Washington who have been trusted to do this have rarely done it right.

In Carry On: Sound Advice from Schneier on Security, Schneier writes the playbook that Washington should have been following all along.


Introduction to Cyber-Warfare: A Multidisciplinary Approach
by Paulo Shakarian
Edition: Paperback

5.0 out of 5 stars Provides a great introduction to cyberwarfare, August 4, 2014
Cyberwarfare is a most controversial topic. At the 2014 MISTI Infosec World Conference, noted security curmudgeon Marcus Ranum gave a talk on Cyberwar: Putting Civilian Infrastructure on the Front Lines, Again. Be it the topic or Marcus being Marcus, a third of the participants left within the first 15 minutes. They should have stayed, as Ranum, agree with him or not, provided some riveting insights on the topic.

While the term is somewhat broad, Wikipedia defines cyberwarfare (often called information warfare) as politically motivated hacking to conduct sabotage and espionage, a form of information warfare sometimes seen as analogous to conventional warfare.

The authors define cyber war as an extension of policy by actions taken in cyber space by state or nonstate actors that either constitute a serious threat to a nation’s security or are conducted in response to a perceived threat against a nation’s security.

As to a book on the topic: for most readers, cyberwarfare is something they may be victims of, but will rarely be an active part of.

In Introduction to Cyber-Warfare: A Multidisciplinary Approach, authors Paulo Shakarian, Jana Shakarian and Andrew Ruef provide an excellent overview of the topic. The book takes a holistic, or as they call it multidisciplinary, approach to the topic. It looks at the information security aspect of cyberwarfare, as well the military, sociological and other aspects of the topic.

The book is divided into 3 parts and 13 densely packed and extremely well-researched and footnoted chapters, namely:
Part I: Cyber Attack
Chapter 2: Political Cyber Attack Comes of Age in 2007
Chapter 3: How Cyber Attacks Augmented Russian Military Operations
Chapter 4: When Who Tells the Best Story Wins: Cyber and Information Operations in the Middle East
Chapter 5: Limiting Free Speech on the Internet: Cyber Attack Against Internal Dissidents in Iran and Russia
Chapter 6: Cyber Attacks by Nonstate Hacking Groups: The Case of Anonymous and Its Affiliates

Part II: Cyber Espionage and Exploitation
Chapter 7: Enter the Dragon: Why Cyber Espionage Against Militaries, Dissidents, and Nondefense Corporations Is a Key Component of Chinese Cyber Strategy
Chapter 8: Duqu, Flame, Gauss, the Next Generation of Cyber Exploitation
Chapter 9: Losing Trust in Your Friends: Social Network Exploitation
Chapter 10: How Iraqi Insurgents Watched U.S. Predator Video—Information Theft on the Tactical Battlefield

Part III: Cyber Operations for Infrastructure Attack
Chapter 11: Cyber Warfare Against Industry
Chapter 12: Can Cyber Warfare Leave a Nation in the Dark? Cyber Attacks Against Electrical Infrastructure
Chapter 13: Attacking Iranian Nuclear Facilities: Stuxnet

The book provides numerous case studies of the largest cyberwarfare events to date. Issues around China and its use of cyberwarfare constitute a large part of the book. Chapter 7 details the Chinese cyber strategy and shows how the Chinese cyber doctrine and mindset is radically different from that of the West.

The book compares the board games of chess (a Western game) and Go (a Chinese game) and how the outcomes and strategies of the games are manifest in each doctrine.

The chapter also shows how the Chinese government outlawed hacking, while at the same time the military identified the best and most talented hackers in China, and integrated them into Chinese security firms, consulting organizations, academia and the military.

One of the more fascinating case studies details the cyber war against the corporate world from China. The book provides a number of examples and details the methodologies they used, in addition to providing evidence of how the Chinese were involved.

For an adversary, one of the means of getting information is via social networks. This is often used in parallel by those launching some sort of cyberwarfare attack, and LinkedIn is one of the favorite tools for such an effort. The authors write of the dangers of transitive trust, where user A trusts user B and user B trusts user C: via transitive trust, user A will then trust user C based simply on the fact that user B does. This was most manifest in the Robin Sage exercise.

This was where Thomas Ryan created a fictitious information security professional named Robin Sage. He used her fake identity and profile to make friends with others in the information security world, commercial, federal and military alike, and he was able to fool even seasoned security professionals. Joan Goodchild wrote a good overview of the experiment.

In chapter 10, the book details how Iraqi insurgents viewed Predator drone video feeds. Woody Allen said that eighty percent of success is just showing up. In this case, all the insurgents had to do was download the feed, as it was being transmitted unencrypted. Very little cyberwarfare required.

When the drone was being designed, the designers relied on security by obscurity in their decision not to encrypt the video feed. They felt that since the Predator video feeds were being transmitted on frequencies that were not publicly known, no access control, encryption or other security mechanisms would be needed.

The downside is that once the insurgents determined the band in use (in the case of the Predator, Ku-band), the SkyGrabber satellite internet downloader made it possible for them to view the video feeds effortlessly.

The only negative about the book is a minor one. It has over 100 pictures and illustrations. Each one states: for the color version of this figure, the reader is referred to the online version of the book. Having that after every picture is a bit annoying. Also, the book never says where you can find the online version of the book.

How good is this book? In his review of it, Krypt3ia said it best when he wrote: I would love to start a kickstarter and get this book into the hands of each and every moron in Congress and the House. The reality is that this book should indeed be read by everyone in Washington, as they are making decisions on the topic, without truly understanding it.

For most readers, this will be the book that tells them everything they need to know, and everything their congressman should know. Most people will never be involved with any sort of warfare, and most corporate information security professionals will not get involved with cyberwarfare. Nonetheless, Introduction to Cyber-Warfare: A Multidisciplinary Approach is a fascinating read about a most important topic.


Security Awareness: Applying Practical Security in Your World
by Mark D. Ciampa
Edition: Paperback

4.0 out of 5 stars Good resource to add to any information security awareness program, July 22, 2014
Security awareness is a vital part of information security. Just how important is it? In September, the 10-day SANS Security Awareness Summit 2014 will cover every aspect of the topic.

For those that want to get an appreciation for the topic but can’t make it to Dallas for the Summit, Security Awareness: Applying Practical Security in Your World is a good resource for the reader that wants both an understanding of the theoretical awareness issues, and how to practically address them.

Author Mark Ciampa is a computer science professor at Western Kentucky University with an expansive background on the topic.

The book has an awareness focus for Windows users. The reader is expected to be somewhat technical, and relatively comfortable with using Windows tools.

For those looking for a mid-level reference on the topic, a book that’s not too basic, and also not so broad, Security Awareness: Applying Practical Security in Your World is a good resource to add to any information security awareness program.


Data-Driven Security: Analysis, Visualization and Dashboards
by Bob Rudis
Edition: Paperback

5.0 out of 5 stars Superb book for effective use of data to drive information security, July 7, 2014
There is a not-so-fine line between data dashboards and other information displays that provide pretty but otherwise useless and unactionable information, and those that provide effective answers to key questions. Data-Driven Security: Analysis, Visualization and Dashboards is all about the latter.

In this extremely valuable book, authors and noted experts Jay Jacobs and Bob Rudis bring their decades of experience to the reader and show you how to find security patterns in your data logs and extract enough information from it to create effective information security countermeasures. By using data correctly and truly understanding what that data means, the authors show how you can achieve much greater levels of security.

The book is meant for a serious reader who is willing to put in the time and effort to learn the programming necessary (mainly in Python and R) to truly understand what information exists deep in the recesses of their logs. As to R, it is a GNU project and a free software programming language and environment for statistical computing and graphics. The R language is widely used among statisticians and data miners for developing statistical software and data analysis. For analysis at the level Jacobs and Rudis prescribe, R is a godsend.

The following are the 12 densely packed chapters in the book:

1 : The Journey to Data-Driven Security
2 : Building Your Analytics Toolbox: A Primer on Using R and Python for Security Analysis
3 : Learning the "Hello World" of Security Data Analysis
4 : Performing Exploratory Security Data Analysis
5 : From Maps to Regression
6 : Visualizing Security Data
7 : Learning from Security Breaches
8 : Breaking Up with Your Relational Database
9 : Demystifying Machine Learning
10 : Designing Effective Security Dashboards
11 : Building Interactive Security Visualizations
12 : Moving Toward Data-Driven Security

After completing the book, the reader will know which questions to ask to gain security insights, and how to use that data to ensure the overall security of their data and networks. Getting to that level is not at all a trivial task, even if there are vendors who promise to do it for you.

For many people performing data analysis, the dependable Excel spreadsheet is their basic choice for data manipulation. The book calls the spreadsheet a gateway tool between a text editor and programming. The book notes that spreadsheets work as long as the data is not too large or complex. The book quotes a 2013 report to shareholders from J.P. Morgan in which part of their 2012 $6 billion in losses was attributed to problems with their Excel spreadsheets.

The authors suggest using Excel as a temporary solution for quick one-shot tasks. For those who have repeating analytical tasks or models that are used repeatedly, it's best to move to some type of structured programming language, specifically those the book suggests and for which it provides significant amounts of code examples.

The goal of all data extraction is to use data analysis to answer real questions. A large part of the book focuses on how to ask the right question. In chapter 1, the authors write that every good data analysis project begins with setting a goal and creating one or more research questions. Without a well-formed question guiding the analysis, you may waste time and energy seeking convenient answers in the data, or worse, you may end up answering a question that nobody was asking in the first place.

The value of the book is that it shows the reader how to focus on the context and purpose of the data analysis by setting the research question appropriately, rather than simply parsing large amounts of data. It's ultimately irrelevant whether you can use Hadoop to process petabytes of data if you don't know what you are looking for.

Visualization is a large part of what this book is about, and in chapter 6 - Visualizing Security Data, the book notes that the most efficient path to human understanding is via the visual sense. It goes on to detail the many advantages data visualization has, and the key to making it work.

As important as visualization is, describing the data is equally important. In chapter 7, the book introduces the VERIS (Vocabulary for Event Recording and Incident Sharing) framework. VERIS is a set of metrics designed to provide a common language for describing security incidents in a structured and repeatable manner. VERIS helps organizations collect useful incident-related information and share that information, anonymously and responsibly, with others.

The book shows how you can use dashboards for effective data visualization. But the authors warn that a dashboard is not an art show. They caution that, given the graphical nature of dashboards, it's easy to fall into the trap of making them look like pieces of modern or fringe art, when they are far more akin to architectural and industrial diagrams that require more controlled, deliberate and constrained design.

The book uses Stephen Few's definition of a dashboard: a "visual display of the most important information needed to achieve one or more objectives that has been consolidated in a single computer screen so it can be monitored at a glance". The book enables the reader to create dashboards like that.

Data-Driven Security: Analysis, Visualization and Dashboards is a superb book written by two experts who provide significant amounts of valuable information in every chapter. Those who are willing to put the time and effort into the serious amount of work that the book requires will find it a vital resource that will certainly help them achieve much higher levels of security.


Cyber Crime, Security and Digital Intelligence
by Mark Johnson
Edition: Hardcover
Price: $113.95
31 used & new from $63.97

4.0 out of 5 stars Very good information security resource, June 30, 2014
Cyber Crime, Security and Digital Intelligence by Mark Johnson is a high-level introductory text to information security.

The book's 12 chapters cover the following topics:

1. Threats to key sectors
2. Cyber security fundamentals
3. Cyber-attack fundamentals
4. Organized cyber attacks
5. Cloud risks
6. Web 2.0 risks
7. Cyber security threat actors
8. Common vulnerabilities
9. Cyber security control frameworks
10. Cyber security
11. Digital intelligence
12. The future of cyber security

The book focuses on how cybercrime has developed and is continuously evolving.

For those who want a good and thorough technical introduction to the topic, in a book that won't make you feel like a dummy, Cyber Crime, Security and Digital Intelligence is a good resource.

