Price sheet

Digital Forensic Evidence Examination focuses on the scientific basis for analysis, interpretation, attribution, and reconstruction of digital forensic evidence in a legal context. Drill-Down


Enterprise Information Protection is about effective protection for large enterprises and how it can be attained and maintained over time. Drill-Down


Challenges to Digital Forensic Evidence is a monograph on how the seemingly perfect evidence from computers, networks, and other automated mechanisms goes wrong, and how it can be challenged successfully in a legal setting. Drill-Down


World War 3: We are losing it and most of us didn't even know we were fighting in it - Information Warfare Basics overviews a very wide spectrum of information warfare issues, presenting each one as a series of short subjects and covering the entire spectrum of conflict from many different perspectives. It is both entertaining and eye-opening and is a must read for the warfare, intelligence, or cyber security buff Drill-Down

Security Awareness

Information Security Awareness Basics codifies more than 40 1-page security awareness briefings that provide workers with specific situations and expected behaviors that are commonly used within enterprise environments. It is a basic awareness book that can also be customized for volume production to provide for enterprise-wide awareness programs. Drill-Down

Security Decisions

Security Decisions codifies 30 of the most important decisions made in enterprise security management and technical areas into simple 2-page articles that provide (1) the issues being addressed, (2) options for meeting the need, (3) the decision on which option to use in which circumstance, (4) the basis for the decision, and (5) a summary. It follows this up with summary charts to allow you to codify your enterprise situation today and your decisions, giving a clear road map to the goal state. Drill-Down

Frauds, Spies, and Lies

Frauds, Spies, and Lies and How to Defeat Them Takes a humorous and very timely approach to a serious subject. It describes hundreds of techniques used by fraudsters with examples from corporate frauds, personal frauds, Internet frauds, and intelligence operations along with specific examples from the author's personal experience. It then delves into how and why these frauds work and the mechanisms of frauds and intelligence operations. Next, it describes how counterintelligence operations work, how operations security is used to protect operations, and how everybody can protect themselves against frauds of all sorts. It includes humorous cartoons that give examples of fraud attempts and how to defeat them, many stories that have never before been told, and provides insight into people, their weaknesses, and how to overcome them. Drill-Down

Security Checklists: Governance

Security Checklists provides lists of items that can be used to verify that a program is being operated properly or to implement a set of procedures. The checklists are designed to provide clear linkage to the Governance Guidebook to help programs develop in a unified manner. Drill-Down

Governance Guidebook

The Chief Information Security Officer's Toolkit - Governance Guidebook provides a comprehensive high-level guide for the chief information security officer (CISO) or those who work for them. It is designed to provide clear and concise explanations of key issues in information protection with pictures that facilitate quick reference and explanation. For further details, see our drill-down. A more in-depth top-level description is provided in the security architecture portion of the Web site. Buy it!

Security Metrics

The CISO ToolKit - Security Metrics provides a collection of metrics designed to correspond to the enterprise security governance model provided in the Governance Guidebook to allow an enterprise to measure the overall enterprise information protection program. Metrics are formed from repeatable measurements that are comparable and all of the metrics in this book can be formed by counting the things that have the property of interest out of the total number of things. They relate directly back to program execution and structure to allow independent evaluation, internal or external audit, and meaningful measurement of progress. Drill-Down