![]() The last chapter of this section divides vulnerabilities into four main categories: operational, physical, personnel and technical all of which need to be considered by security professionals. Chapter 4 describes threat actors, including countries today that are still being charged with hacking – like Russia and China. He explains the types of assets and their value in order to best determine the impact of a breach. Ira makes the point that it’s indifference to risks, threats and vulnerabilities by organizations and individuals that cause many breaches. While this provides a good background, it should be supplemented by more quantitative measures available today.Ĭhapters 3, 4 and 5 dive into who the spies are, the techniques they employ, and how they are causing a death by 1,000 cuts. This is another area of the book that shows its age. In 2005, security was still in its infancy, and professionals were starting with the qualitative risk analysis method Ira describes in his book. Ira expands on the types of spies, the intelligence process and forms of information, weaving in stories that bring the examples home.Ĭhapter 2 introduces an elementary risk equation and risk assessment process. Chapter 1 explains who, what, why and how that happens. Today’s cybersecurity professionals need to have experience as intelligence analysts. This isn’t to expand the criminal element, but to help the reader understand that performing the act isn’t very difficult – not getting caught is. In it, you learn their operational methods and literally how to be a spy. In the first section of Spies Among Us, Ira introduces the way spies think, their targets, who they are and how they get you. Even those experienced in cybersecurity need the reminder that “more than 99% of successful attacks are preventable.” These are fundamental concepts many have yet to learn. Time and time again, we see that the methods they use are surprisingly basic and that these incidents could have been prevented with even more basic countermeasures. He includes terrorists (although it’s not a book about terrorism), hackers, criminals and other malicious entities who perform acts to harm you. Ira uses the “spy” throughout the book as a loose term to describe anyone who wants to breach your company, computers, systems, or data. ![]() Even though this book was written in 2005, these are timeless concepts that are still true today. This structure helps the reader understand tools and techniques used by spies, how they exploit common vulnerabilities, and how to reduce their effectiveness. Ira splits the book into three parts: Espionage Concepts, Case Studies and Stopping the Spies. It’s a book for anyone wanting to learn the methods malicious actors use to hide in plain sight in order to disrupt your life. The subtitle, How to Stop the Spies, Terrorists, Hackers, and Criminals You Don't Even Know You Encounter Every Day, describes what this book is about. In his book by that name, Ira Winkler shares the techniques spies use to get to you, your company and your sensitive information, and how to defeat them. ![]() ReviewĪs our lives are more and more online, we need to be very aware of the Spies Among Us. However, this is a book cybersecurity professionals should read as a reminder of the timeless, simple security concepts and to hear Ira’s wonderful stories of the Spies Among Us. Some of the technologies are dated, like phone modems, and the book could use updating to include more modern technologies, such as cloud and IoT. These are steps every person and organization must take in our connected world. ![]() In the final section, Ira continues to build on implementing countermeasures to reduce the effects of spies among us. He explains how the vulnerabilities were exploited so the reader understands countermeasures and how to prevent, or at least detect, when it happens to you.Īs you read, or hear, Ira tell the stories, you may swear it is your own company being attacked. He describes, in detail, six cases of successful espionage. This is where he shines as one of the best in the cybersecurity industry. In the second section, Ira tells stories of his experiences. The first part introduces the way spies think, their targets, who they are and how they operate. Book review by Ron Woerner Executive SummaryĪs our lives are more and more online, we need to be very aware of the Spies Among Us.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |