Book Reviews: Investigations
11/01/2007 - For the basics, one of the best chapters categorizes fraud into three primary types. One is duplicate-payment fraud, defined as the issuance of two or more identical checks to pay the same debt for a service. Second is multiple-payee fraud, which is similar, but the checks are not identical. The third type is shell fraud, the payment of alleged debts for fictitious projects or services. For each type, detailed analysis and case studies are provided.
Book Reviews: ID issues \ Identity Theft
11/01/2007 - Throughout the book, Smith plays the 9-11 card too much. If only the United States had had a massive database of financial transactions, surveillance images, and other personal data, Smith writes, the terrorists might have been stopped. He does admit, however, that technology such as databases and DNA can be used only to mitigate, not eliminate, threats to society.
Book Reviews: How-to
11/01/2007 - Author Ed Skoudis provides amazing insight into the types of tools attackers use to bring down computers and networks or to steal and manipulate information stored on those systems. As would be expected, worms and viruses receive considerable attention, but Skoudis also is adept at explaining backdoors, Trojan horses, malicious mobile code, rootkits, and numerous other tools and scenarios.
Book Reviews: Surveillance
11/01/2007 - The book has six parts, with writings ranging from the historical to the latest in current thought. A discussion of civil liberties during wartime leads off the book. Selections from the U.S. Constitution and a federal habeas corpus statute round out the first chapter and provide a legal context for the subject.
Book Reviews: Contingency Planning \ Disaster Management
11/01/2007 - Jim Kennedy’s chapter, “Business Continuity and Disaster Recovery,” deserves special mention because it is an excellent overview of the changes to traditional disaster planning brought about by the World Trade Center attacks. Less successful is a chapter entitled “Blending Corporate Governance with Corporate Security,” which discusses Sarbanes-Oxley. The author asserts that Section 404 of the act deals with “systems of control,” which he says are by their very nature computer information systems. Yet Section 404 does not specifically mention computer systems, and any security requirements beyond those necessary to ensure accurate financial accounting and reporting are beyond the scope of Sarbanes-Oxley. To flatly state that increased information security measures are required under this law is misleading.
Book Reviews: Access Control
10/29/2007 - Learn the skills and tools necessary to install and maintain effective intrusion alarm devices and systems.
Book Reviews: Terrorism
10/29/2007 - What makes Islamist terrorism tick?
Book Reviews: Financial Markets
10/29/2007 - Financial scandals follow a pattern, and learning how this pattern plays out is essential to preventing future business crime and financial meltdowns.
Book Reviews: Legal Issues
10/29/2007 - Author James F. Pastor weaves together security standards, best practices, and the law to help lawyers who litigate civil premises liability cases.
Book Reviews: Homeland Security
10/29/2007 - The term "instant classic" is an oxymoron, but it nevertheless may apply to Counterdeception Principles and Applications for National Security.
Book Reviews: Terrorism
10/29/2007 - Among the many books that purport to point the way forward for America in the wake of 9-11, this one stands out, chiefly for its clarity and sensibility. It is often difficult to deny the common sense of Brian Michael Jenkins' commentary.
Book Reviews: IT Security