7 Works 62 Members 2 Reviews

Works by Donn B. Parker

Common Knowledge

Gender
male
Nationality
USA
Organizations
ACM (Fellow, 2008)

Reviews

This is an almost funny list of computer crimes. One guy built the first ever wearable computer. He strapped it to his chest, used his toes to tap in cards played at the blackjack table, and read his results from little LEDs he built into his eyeglasses. Despite the high tech tool, he went on to lose an outrageous number of blackjack hands, one after the other. Instead of admitting that he might have made an error in his code, he viewed the unlikely string of losses as a "sign from God." A check printing operator hit the "repeat" button when his check came up for printing. He only got caught because he tried to cash a bunch of them, all at once, at the same bank. How dumb is that? The book is worth reading, and you can borrow mine if I ever find it. Or you can now get a copy in good condition for under 5 dollars.…
dwarfplanet9 | Jan 24, 2012 |
Obsoleting the common three elements of security, confidentiality, integrity, and availability, the fundamentals of his new framework of information security are availability, utility, integrity, authenticity, confidentiality, and possession.
He debunks a number of the tenets of computer security claiming early on that there are “no valid statistics on computer crime,” stressing that information security “can never be a science,” and warning that “starting with vulnerabilities is starting in the middle.” He’s quite harsh in his indictment of numeric and financial threat analysis, claiming that “adopting baseline controls is a simpler, less expensive, and more effective way to select security safeguards than risk assessment.” Parker has a very business-oriented and pragmatic approach to security, and tries to suggest ways that security can help meet business goals instead of conflicting with them.

This is a great book, and I highly recommend it. Readers should not be put off by its date, because it is not about technology, it is about people and making optimal decisions about managing IT and information security-related risks. Many of the counter-productive practices that Parker warns about, gained thru over 3 decades of his experience, continue to plague today's practitioner.
…
jaygheiser | Jul 27, 2008 |

Statistics

Works
7
Members
62
Popularity
#271,094
Rating
3.1
Reviews
2
ISBNs
7