| Description |
1 online resource (384 pages) |
| Contents |
Cover; Title Page; Copyright; Contents; About the Authors; Acknowledgments; Chapter 1 Counting the Costs of Cyber Attacks; 1.1 Anatomy of a Data Exfiltration Attack; 1.1.1 The Plan; 1.1.2 The Malware; 1.1.3 Finding a Way In; 1.1.4 Using Suppliers with Authorized Access; 1.1.5 Installing the Malware; 1.1.6 Harvesting the Data; 1.1.7 Selling the Stolen Data; 1.1.8 Buy Back and Discovery; 1.1.9 Disclosure; 1.1.10 Customer Management; 1.1.11 Target's Costs; 1.1.12 Strategic Impacts on Target Corporation; 1.1.13 And the Rescator Team?; 1.1.14 Fallout; 1.2 A Modern Scourge |
|
1.2.1 Types of Cyber Losses1.2.2 The Direct Payout Costs of a Cyber Attack; 1.2.3 Operational Disruption Causing Loss of Revenue; 1.2.4 Consequential Business Losses from a Cyber Attack; 1.2.5 Cyber Attack Economic Multipliers; 1.3 Cyber Catastrophes; 1.3.1 NotPetya and WannaCry Cyber Catastrophes; 1.3.2 Near-miss Cyber Catastrophes; 1.3.3 Is Cyber Threat Systemic?; 1.3.4 Potential Cyber Catastrophes; 1.3.5 Cyber Catastrophes Could Impact Infrastructure; 1.3.6 Could a Cyber Catastrophe Trigger a Financial Crisis?; 1.3.7 The 'Cyber Catastrophe' of Tech Aversion; 1.4 Societal Cyber Threats |
|
1.4.1 Cyber Threats to Democracy1.4.2 The Cyber Threat of Triggering War; 1.5 Cyber Risk; 1.5.1 Risk Terminology; 1.5.2 A Framework for Risk Assessment; 1.5.3 Risk Tolerance of Your Organization; 1.5.4 Risk of Cyber Catastrophes; 1.6 How Much Does Cyber Risk Cost Our Society?; 1.6.1 Collecting Information on Cyber Loss Incidents; 1.6.2 Incident Rate in Advanced Economies; 1.6.3 Costs of Cyber Attacks to the US Economy; 1.6.4 Cyber Risk Levels Across the World; 1.6.5 Global Costs of Cyber Attacks; 1.6.6 Trends of Future Cyber Risk; 1.6.7 Risk of Future Cyber Catastrophes |
|
1.6.8 Working Together to Solve Cyber RiskEndnotes; Chapter 2 Preparing for Cyber Attacks; 2.1 Cyber Loss Processes; 2.2 Data Exfiltration; 2.2.1 Protecting Your Data; 2.2.2 Regulation and Data; 2.2.3 Causes of Data Exfiltration Loss; 2.2.4 Costs of Data Exfiltration; 2.2.5 Other Costs and Consequences; 2.3 Contagious Malware Infection; 2.3.1 Melissa, 1999; 2.3.2 ILOVEYOU, 2000; 2.3.3 Generations of Malware; 2.3.4 WannaCry, 2017; 2.3.5 NotPetya, 2017; 2.3.6 Antivirus Software Industry; 2.3.7 Malware Payloads; 2.3.8 Risk of Malware Infection; 2.3.9 Ransomware |
|
2.3.10 Cyber Extortion Attacks on Larger Organizations2.3.11 The Business of Extortion; 2.3.12 Ransomware Attacks on the Rise; 2.4 Denial of Service Attacks; 2.4.1 The Threat of DDoS Attacks; 2.4.2 How to Protect Against a DDoS Attack; 2.4.3 Intensity of Attack; 2.4.4 Duration of DDoS Attacks; 2.4.5 Repeat Attacks on Targets; 2.4.6 Magnitude of DDoS Attack Activity; 2.4.7 Motivation of DDoS Attackers; 2.4.8 The Big Cannons; 2.4.9 Sectoral Preferences in DDoS Targeting; 2.4.10 IoT Being Used for DDoS Attacks; 2.5 Financial Theft; 2.5.1 Networks of Trust; 2.5.2 Credit Card Theft |
| Note |
2.5.3 Wholesale and Back-End Financial Systems |
| Summary |
The non-technical handbook for cyber security risk management Solving Cyber Risk distills a decade of research into a practical framework for cyber security. Blending statistical data and cost information with research into the culture, psychology, and business models of the hacker community, this book provides business executives, policy-makers, and individuals with a deeper understanding of existing future threats, and an action plan for safeguarding their organizations. Key Risk Indicators reveal vulnerabilities based on organization type, IT infrastructure and existing security measures, while expert discussion from leading cyber risk specialists details practical, real-world methods of risk reduction and mitigation. By the nature of the business, your organization's customer database is packed with highly sensitive information that is essentially hacker-bait, and even a minor flaw in security protocol could spell disaster. This book takes you deep into the cyber threat landscape to show you how to keep your data secure.-Understand who is carrying out cyber-attacks, and why -Identify your organization's risk of attack and vulnerability to damage -Learn the most cost-effective risk reduction measures -Adopt a new cyber risk assessment and quantification framework based on techniques used by the insurance industry By applying risk management principles to cyber security, non-technical leadership gains a greater understanding of the types of threat, level of threat, and level of investment needed to fortify the organization against attack. Just because you have not been hit does not mean your data is safe, and hackers rely on their targets' complacence to help maximize their haul. Solving Cyber Risk gives you a concrete action plan for implementing top-notch preventative measures before you're forced to implement damage control. |
| Bibliography |
Includes bibliographical references and index. |
| Subject |
Computer security.
|
|
Data protection.
|
|
Sécurité informatique. |
|
Protection de l'information (Informatique) |
|
Computer security |
|
Data protection |
| Added Author |
Leverett, Eireann.
|
|
Woo, Gordon.
|
| Other Form: |
Print version: Coburn, Andrew. Solving Cyber Risk : Protecting Your Company and Society. Newark : John Wiley & Sons, Incorporated, ©2018 9781119490937 |
| ISBN |
9781119490913 |
|
111949091X |
|
9781119490920 |
|
1119490928 |
|
(hbk.) |
|
More Resources