Most organizations place a high priority on keeping data secure, but not every organization invests in training its engineers or employees in understanding the security risks involved when using or developing technology. Designed for the non-security professional, What Every Engineer Should Know About Cyber Security and Digital Forensics is an overview of the field of cyber security.
The Second Edition updates content to address the most recent cyber security concerns and introduces new topics such as business changes and outsourcing. It includes new cyber security risks such as Internet of Things and Distributed Networks (i.e., blockchain) and adds new sections on strategy based on the OODA (observe-orient-decide-act) loop in the cycle. It also includes an entire chapter on tools used by the professionals in the field. Exploring the cyber security topics that every engineer should understand, the book discusses network and personal data security, cloud and mobile computing, preparing for an incident and incident response, evidence handling, internet usage, law and compliance, and security forensic certifications. Application of the concepts is demonstrated through short case studies of real-world incidents chronologically delineating related events. The book also discusses certifications and reference manuals in the areas of cyber security and digital forensics.
By mastering the principles in this volume, engineering professionals will not only better understand how to mitigate the risk of security incidents and keep their data secure, but also understand how to break into this expanding profession.
1. Security Threats. 2. Cyber Security. 3. Strategy to Outpace the Adversary. 4. Preparing for an Incident. 5. Incident Response and Digital Forensics. 6. Development Security Operations. 7. Mobile Device Forensic Tools. 8. The Laws Most Likely to Affect IT and IT Security. 9. Cyber Security and Digital Forensic Careers. 10. Theory to Practice.