Privacy and data protection Books
Taylor & Francis Ltd Internet of Everything and Big Data
Book SynopsisThere currently is no in-depth book dedicated to the challenge of the Internet of Everything and Big Data technologies in smart cities. Humankind today is confronting a critical worldwide portability challenge and the framework that moves cities must keep pace with the innovation. Internet of Everything and Big Data: Major Challenges in Smart Cities reviews the applications, technologies, standards, and other issues related to smart cities.This book is dedicated to addressing the major challenges in realizing smart cities and sensing platforms in the era of Big Data cities and Internet of Everything. Challenges vary from cost and energy efficiency to availability and service quality. This book examines security issues and challenges, addresses the total information science challenges, covers exploring and creating IoT environment-related sales adaptive systems, and investigates basic and high-level concepts using the latest techniques implemented by researchers Table of Contents1. Wireless Sensor Networks in Smart Cities. 2. Big Data Analytics. 3. Security Issues in Smart Cities. 4. Artificial Intelligence in Smart-Cities. 5. Performability in IoT-enabled Sensors. 6. Data delivery in IoT-enabled Smart Cities. 7. Deployment Issues in IoT-enabled Sensors. 8. Traffic Modelling in Smart-Cities. 9. Resource Management and Enabling Technologies Localization in IoT-enabled Sensors. 10. Modeling and Simulation with Fuzzy Techniques in Smart Cities. 11. Energy Efficiency in Smart Cities Technologies. 12. Semantic Interoperability for IoT.
£135.00
CRC Press The Privacy Leader Compass
Book Synopsis#1 bestselling privacy book from Taylor & Francis in 2023 and 2024!Congratulations! Perhaps you have been appointed as the Chief Privacy Officer (CPO) or the Data Protection Officer (DPO) for your company. Or maybe you are an experienced CPO/DPO, and you wonder â what can I learn from other successful privacy experts to be even more effective? Or perhaps you are considering a move from a different career path and deciding if this is the right direction for you.Seasoned award-winning Privacy and Cybersecurity leaders Dr. Valerie Lyons (Dublin, Ireland) and Todd Fitzgerald (Chicago, IL USA) have teamed up with over 60 award-winning CPOs, DPOs, highly respected privacy/data protection leaders, data protection authorities, and privacy standard setters who have fought the tough battle.Just as the #1 best-selling and CANON Cybersecurity Hall of Fame winning CISO Compass: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers boTable of ContentsSECTION I. THE PRIVACY LEADER ROADMAP, 1. The Privacy Landscape: Context and Challenges, 2. The McKinsey 7-S Framework Applied to Privacy Leadership, SECTION II. STRATEGY, 3. Developing an Effective Privacy Program Strategy, SECTION III. STRUCTURE, 4. The Privacy Organization Structure, SECTION IV. SYSTEMS, 5. Privacy Frameworks, Standards, and Certifications, 6. Privacy Risk Governance, SECTION V. SHARED VALUES, 7. Privacy and Data Protection: Laws and Principles, 8. Privacy Ethics, and Responsible Privacy, SECTION VI. STAFF, 9. Forging and Maintaining Effective Privacy Teams, SECTION VII. SKILLS, 10. The Privacy Leader’s Key Skills, SECTION VIII. STYLE, 11. Privacy Leadership Styles, SECTION IX. CONCLUSION, 12. Privacy Leadership: Beyond This Book?
£40.84
Taylor & Francis Ltd Dark World
Book SynopsisDiscover the hidden depths of the digital underworld in this comprehensive, interdisciplinary exploration of the dark web.Ideal for security agencies, professionals, counter-terrorism experts, and policymakers alike, this work offers invaluable insights that will enhance understanding and fortify strategies. By shedding particular light on the nuances of the dark market,' this book provides readers with a detailed understanding of the dark web, encompassing both its sinister underbelly and unexpected potential.This book also uncovers the latest trends and cutting-edge mitigation techniques. From illicit transactions to thriving business ventures, it examines the key domains and sectors that thrive within this clandestine environment. This book consolidates myriad perspectives on security and threats on the dark web.Table of Contents1. Cybersecurity and The Dark Web. 2. A Guide to The Dark and Deep Web. 3. Dark Web Access with TOR Browser. 4. The Dark Web's Perils. 5. Cybercrime on The Dark Web. 6. Red Room Deep Web. 7. Terrorist Acts on The Surface and Dark Web. 8. Dark Web Markets. 9. We Are Anonymous. 10. Hitman for Hire. 11. The Positive and Evil Side of The Dark Web. 12. Techniques for Analyzing Dark Web Content. 13. Information Extraction from Dark Web Contents and Logs. 14. Dark Web Forensics. 15. OSINT Opensource Intelligence. 16. Emerging Dark Web Trends and Mitigation Techniques. 17. The Dark Web's Future. 18. Your Business on The Dark Web. Glossary. Bibliography.
£42.74
Taylor & Francis Ltd Cybercrime and Cybersecurity
Book SynopsisThe field of cybersecurity and cybercrime is a critical and rapidly evolving area of study. As our society becomes more and more reliant on technology, the risks of cybercrime increase. This book provides a comprehensive introduction to the field, covering both cybercrime and cybersecurity.The book starts by providing an overview of common threats and the risk management view of cybercrime. It explores the different types of threats, such as hacking, malware, phishing, and social engineering, and the various ways in which they can impact individuals, businesses, and society at large. It also introduces the concept of risk management and the different approaches that can be used to manage cyber risks, such as risk avoidance, mitigation, transfer, and acceptance.From there, the book delves into the three key areas of cybersecurity: people, process, and technology. It explores the role of people in cybersecurity, including staffing, psychological profiling, role sensitiviTable of Contents1. Introduction, 2. Risk Management, 3. Threats, 4. Organisational Responses, 5. Operational Security: Users, 6. Operational Security: Systems, 7. Operational Security: Threat Response, 8. Technical Responses: Securing Systems, 9. Technical Responses: Forensics, 10. Technical Responses: Penetration Testing, 11. Regulatory and Legal Responses, 12. Honeypots and Deception
£104.50
Taylor & Francis Ltd Cybercrime and Cybersecurity
Book SynopsisThe field of cybersecurity and cybercrime is a critical and rapidly evolving area of study. As our society becomes more and more reliant on technology, the risks of cybercrime increase. This book provides a comprehensive introduction to the field, covering both cybercrime and cybersecurity.The book starts by providing an overview of common threats and the risk management view of cybercrime. It explores the different types of threats, such as hacking, malware, phishing, and social engineering, and the various ways in which they can impact individuals, businesses, and society at large. It also introduces the concept of risk management and the different approaches that can be used to manage cyber risks, such as risk avoidance, mitigation, transfer, and acceptance.From there, the book delves into the three key areas of cybersecurity: people, process, and technology. It explores the role of people in cybersecurity, including staffing, psychological profiling, role sensitiviTable of Contents1. Introduction, 2. Risk Management, 3. Threats, 4. Organisational Responses, 5. Operational Security: Users, 6. Operational Security: Systems, 7. Operational Security: Threat Response, 8. Technical Responses: Securing Systems, 9. Technical Responses: Forensics, 10. Technical Responses: Penetration Testing, 11. Regulatory and Legal Responses, 12. Honeypots and Deception
£42.74
CRC Press Generative AI and Digital Forensics
Book SynopsisIn todayâs world, cybersecurity attacks and security breaches are becoming the norm. Unfortunately, we are not immune to it, and any individual and entity is at dire risk. The best and only thing that we can do is to mitigate the risks as much as much as possible so that they do not happen at all. But even when a security breach does indeed happen, the immediate reaction is to contain it so that it does not penetrate further into the information technology/network infrastructure. From there, mission-critical processes need to be restored, until the business can resume a normal state of operations, like it was before the security breach.But another key step here is to investigate how and why the security breach happened in the first place. The best way to do this is through what is known as âœdigital forensicsâ. This is where specially trained digital forensics investigators collect and comb through every piece of evidence to determine this. Eventually, the goal is then to use
£28.49
CRC Press Graph Learning Techniques
Book Synopsis
£46.54
CRC Press Controlling Privacy and the Use of Data Assets
Book Synopsis
£56.04
CRC Press Enterprise Fortress
Book SynopsisEnterprise Fortress is a comprehensive guide to building secure and resilient enterprise architectures, aimed at professionals navigating the complex world of cybersecurity. Authored by cybersecurity leader Alex Stevens, the book brings together his 20+ years of experience, blending technical expertise with business strategy. It covers everything from foundational principles to advanced topics, focusing on aligning security with organisational goals. What sets this book apart is its practical, real-world focusâgrounded in hands-on experience and strategic insights, it provides actionable advice that can be immediately applied.This book equips readers with the knowledge to tackle the evolving landscape of cybersecurity. Whether you're developing security frameworks, handling governance and compliance, or leading a security team, Enterprise Fortress has you covered. By combining best practices with innovation, it provides tools and strategies for both current chal
£46.54
Edward Elgar Publishing Ltd GDPR for Startups and Scaleups
Book SynopsisTable of ContentsContents: Foreword I by Adam Mitton Foreword II by Ingrid Ødegaard 1 GDPR for startups and scaleups: an introduction SETTING THE SCENE AND KEY CONCEPTS 2 Setting the scene and key concepts BEFORE YOU START YOUR DATA PROTECTION PROGRAMME 3 Before you start your data protection programme PHASE 1: FOUNDATIONS OF YOUR DATA PROTECTION PROGRAMME 4 Data protection user experience (UX) 5 Data maps and records of processing activity 6 Administrative matters 7 Respecting people’s rights 8 Marketing PHASE 2: DEVELOPING YOUR DATA PROTECTION PROGRAMME 9 International transfers of personal data 10 Data incidents and breaches 11 Accountability, assessments and record keeping 12 Cookies, pixels and tracking technologies 13 Contract negotiations 14 Online advertising ADDITIONAL MATTERS TO CONSIDER AND FINAL THOUGHTS 15 Additional matters to consider 16 Final thoughts Index
£90.25
Edward Elgar Publishing Ltd GDPR for Startups and Scaleups
Book SynopsisTable of ContentsContents: Foreword I by Adam Mitton Foreword II by Ingrid Ødegaard 1 GDPR for startups and scaleups: an introduction SETTING THE SCENE AND KEY CONCEPTS 2 Setting the scene and key concepts BEFORE YOU START YOUR DATA PROTECTION PROGRAMME 3 Before you start your data protection programme PHASE 1: FOUNDATIONS OF YOUR DATA PROTECTION PROGRAMME 4 Data protection user experience (UX) 5 Data maps and records of processing activity 6 Administrative matters 7 Respecting people’s rights 8 Marketing PHASE 2: DEVELOPING YOUR DATA PROTECTION PROGRAMME 9 International transfers of personal data 10 Data incidents and breaches 11 Accountability, assessments and record keeping 12 Cookies, pixels and tracking technologies 13 Contract negotiations 14 Online advertising ADDITIONAL MATTERS TO CONSIDER AND FINAL THOUGHTS 15 Additional matters to consider 16 Final thoughts Index
£52.25
Edward Elgar Publishing Ltd Identified Tracked and Profiled
Book SynopsisTrade Review‘Facial recognition technologies (FRT) are spreading rapidly worldwide, and have become embedded in numerous everyday government and corporate practices. This widespread adoption has prompted extensive criticism, particularly from civil society groups concerned about human rights abuses and discriminatory impacts for marginalized and vulnerable communities. In Identified, Tracked, and Profiled, Peter Dauvergne provides a much-needed and thoroughly comprehensive overview of the regulatory issues and policy disputes around FRT. This book is essential reading for those interested in political contests over our changing digital landscape.’ -- Ron Deibert, University of Toronto, CanadaTable of ContentsContents: PART I INTRODUCTION 1. Introducing facial recognition technology 2. Resisting the normalization of facial recognition PART II REINING IN FACIAL RECOGNITION TECHNOLOGY 3. The movement to oppose facial recognition 4. The politics of facial recognition bans in the United States 5. Regulating facial recognition in the United States 6. Rising global opposition to face surveillance PART III THE GLOBAL POLITICAL ECONOMY OF FACIAL RECOGNITION 7. The corporate politics of facial recognition 8. The everyday politics of facial recognition in China 9. The globalization of facial recognition technology PART IV CONCLUSIONS 10. The future of facial recognition technology Appendix: interviews Index
£19.90
Cambridge University Press The Privacy Fallacy
Book SynopsisExplains how privacy laws are overridden by technology companies and how they can be improved. Drawing from behavioral science, psychology, sociology, and economics, the book dispels misconceptions that trap us into ineffective approaches to growing digital harms. It then develops solutions based on corporate accountability.Trade Review'To protect privacy in the digital age, Ignacio Cofone argues, we must rethink privacy harms. These harms are social and systemic as well as individual, and they will not be remedied by market and contractual approaches. This beautifully written book is an excellent introduction to problems of digital exploitation that affect everyone.' Jack Balkin, Yale Law School'Why are privacy rules failing us when we need them the most? In this superb book, Ignacio Cofone expertly threads together privacy law's many missteps and proposes a way forward that doesn't rest on myths and misconceptions. The Privacy Fallacy clearly and effectively stakes out an essential turning point for lawmakers and society: We either commit to holding companies liable for the full range of harms they cause, or we continue to indulge in the fantasy that privacy can be individually negotiated and that our laws have it under control.' Woodrow Hartzog, Boston University'With the rigor of an economist and the heart of a humanist, Cofone explores why privacy law has been disappointingly powerless in today's data-driven society. He proposes a new understanding of privacy harm to ground a more effective liability regime. A clear and engaging read for experts and interested laypeople alike!' Katherine J. Strandburg, New York University School of LawTable of ContentsIntroduction; 1. The traditionalist approach to privacy; 2. The privacy myths: rationality and apathy; 3. The consent illusion; 4. Manipulation by design; 5. Traditionalist data protection rules; 6. Pervasive data harms; 7. Privacy as corporate accountability; Conclusion.
£29.99
John Wiley & Sons Inc SSFIPS Securing Cisco Networks with Sourcefire
Book SynopsisCisco has announced big changes to its certification program. As of February 24, 2020, all current certifications will be retired, and Cisco will begin offering new certification programs. The good news is if you're working toward any current CCNA certification, keep going. You have until February 24, 2020 to complete your current CCNA. If you already have CCENT/ICND1 certification and would like to earn CCNA, you have until February 23, 2020 to complete your CCNA certification in the current program. Likewise, if you're thinking of completing the current CCENT/ICND1, ICND2, or CCNA Routing and Switching certification, you can still complete them between now and February 23, 2020. Up the ante on yourFirePOWER with Advanced FireSIGHT Administrationexam prep Securing Cisco Networks with Sourcefire IPS Study Guide, Exam 500-285,provides 100% coverage of theFirePOWER with Advanced FireSIGHT AdminTable of ContentsIntroduction xv Assessment Test xxv Chapter 1 Getting Started with FireSIGHT 1 Industry Terminology 2 Cisco Terminology 3 FirePOWER and FireSIGHT 3 Out with the Old… 4 Appliance Models 5 Hardware vs. Virtual Devices 6 Device Models 6 Defense Center Models 7 FireSIGHT Licensing 8 License Dependencies 9 Network Design 9 Inline IPS 10 Passive IPS 11 Router, Switch, and Firewall 11 Policies 12 The User Interface 13 Initial Appliance Setup 14 Setting the Management IP 15 Initial Login 15 Summary 17 Hands-on Lab 17 Review Questions 19 Chapter 2 Object Management 21 What Are Objects? 22 Getting Started 23 Network Objects 25 Individual Network Objects 25 Network Object Groups 25 Security Intelligence 26 Blacklist and Whitelist 26 Sourcefire Intelligence Feed 27 Custom Security Intelligence Objects 28 Port Objects 29 VLAN Tag 30 URL Objects and Site Matching 31 Application Filters 33 Variable Sets 35 File Lists 39 Security Zones 41 Geolocation 43 Summary 44 Hands-on Lab 45 Exam Essentials 49 Review Questions 51 Chapter 3 IPS Policy Management 53 IPS Policies 54 Default Policies 55 Policy Layers 56 Creating a Policy 57 Policy Editor 58 Summary 65 Hands-on Labs 65 Hands-on Lab 3.1: Creating an IPS Policy 66 Hands-on Lab 3.2: Viewing Connection Events 66 Exam Essentials 66 Review Questions 68 Chapter 4 Access Control Policy 71 Getting Started with Access Control Policies 72 Security Intelligence Lists 75 Blacklists, Whitelists, and Alerts 76 Security Intelligence Page Specifics 77 Configuring Security Intelligence 79 Access Control Rules 86 Access Control UI Elements 86 Rule Categories 88 A Simple Policy 97 Saving and Applying 98 Summary 100 Hands]on Lab 100 Exam Essentials 104 Review Questions 105 Chapter 5 FireSIGHT Technologies 107 FireSIGHT Technologies 108 Network Discovery Policy 109 Discovery Information 114 User Information 120 Host Attributes 124 Summary 126 Hands-on Labs 126 Hands-on Lab 5.1: Configuring a Discovery Policy 127 Hands-on Lab 5.2: Viewing Connection Events 127 Hands-on Lab 5.3: Viewing the Network Map 127 Hands-on Lab 5.4: Creating Host Attributes 128 Exam Essentials 128 Review Questions 130 Chapter 6 Intrusion Event Analysis 133 Intrusion Analysis Principles 134 False Positives 134 False Negatives 135 Possible Outcomes 135 The Goal of Analysis 136 The Dashboard and Context Explorer 136 Intrusion Events 141 An Introduction to Workflows 141 The Time Window 142 The Analysis Screen 145 The Caveat 154 Rule Comment 168 Summary 175 Hands]on Lab 175 Exam Essentials 177 Review Questions 178 Chapter 7 Network]Based Malware Detection 181 AMP Architecture 182 SHA]256 183 Spero Analysis 183 Dynamic Analysis 183 Retrospective Events 184 Communications Architecture 184 File Dispositions 185 File Disposition Caching 185 File Policy 185 Advanced Settings 186 File Rules 187 File Types and Categories 191 File and Malware Event Analysis 193 Malware Events 194 File Events 196 Captured Files 197 Network File Trajectory 199 Context Explorer 203 Summary 204 Hands]on Lab 204 Exam Essentials 205 Review Questions 206 Chapter 8 System Settings 209 User Preferences 210 Event Preferences 211 File Preferences 211 Default Time Windows 211 Default Workflows 212 System Configuration 212 System Policy 215 Health 217 Health Monitor 217 Health Policy 218 Health Events 218 Blacklist 220 Health Monitor Alerts 221 Summary 222 Hands-on Lab 222 Hands-on Lab 8.1: Creating a New System Policy 223 Hands-on Lab 8.2: Viewing Health Information 223 Exam Essentials 223 Review Questions 225 Chapter 9 Account Management 227 User Account Management 228 Internal versus External User Authentication 229 User Privileges 229 Predefined User Roles 230 Creating New User Accounts 231 Managing User Role Escalation 237 Configuring External Authentication 239 Creating Authentication Objects 240 Summary 246 Hands-on Lab 247 Hands-on Lab 9.1: Configuring a User in the Local Database 247 Hands-on Lab 9.2: Configuring Permission Escalation 247 Exam Essentials 248 Review Questions 249 Chapter 10 Device Management 251 Device Management 252 Configuring the Device on the Defense Center 254 NAT Configuration 266 Virtual Private Networks 267 Point-to-Point VPN 267 Star VPN 269 Mesh VPN 270 Advanced Options 270 Summary 271 Hands-on Labs 271 Hands-on Lab 10.1: Creating a Device Group 272 Hands-on Lab 10.2: Renaming the Device 272 Hands-on Lab 10.3: Modifying the Name of the Inline Interface Set 272 Exam Essentials 273 Review Questions 274 Chapter 11 Correlation Policy 277 Correlation Overview 278 Correlation Rules, Responses, and Policies 279 Correlation Rules 279 Rule Options 284 Responses 286 Correlation Policy 291 White Lists 295 Traffic Profiles 301 Summary 308 Hands-on Lab 308 Exam Essentials 309 Review Questions 311 Chapter 12 Advanced IPS Policy Settings 313 Advanced Settings 314 Preprocessor Alerting 316 Application Layer Preprocessors 316 SCADA Preprocessors 320 Transport/Network Layer Preprocessors 320 Specific Threat Detection 325 Detection Enhancement 326 Intrusion Rule Thresholds 327 Performance Settings 327 External Responses 330 Summary 330 Hands]on Lab 331 Hands]on Lab 12.1: Modifying the HTTP Configuration Preprocessor 331 Hands]on Lab 12.2: Enabling Inline Normalization 332 Hands]on Lab 12.3: Demonstrating the Validation of Preprocessor Settings on Policy Commit 332 Exam Essentials 333 Review Questions 334 Chapter 13 Creating Snort Rules 337 Overview of Snort Rules 338 Rule Headers 339 The Rule Body 342 Writing Rules 352 Using the System GUI to Build a Rule 353 Summary 355 Exam Essentials 356 Review Questions 357 Chapter 14 FireSIGHT v5.4 Facts and Features 359 Branding 360 Simplified IPS Policy 361 Network Analysis Policy 362 Why Network Analysis? 365 Access Control Policy 365 General Settings 366 Network Analysis and Intrusion Policies 366 Files and Malware Settings 368 Transport/Network Layer Preprocessor Settings 368 Detection Enhancement Settings 368 Performance/Latency Settings 369 SSL Inspection 369 SSL Objects 370 New Rule Keywords 376 File_type 376 Protected_content 377 Platform Enhancements 377 International Enhancements 378 Minor Changes 378 Summary 378 Appendix Answers to Review Questions 379 Index 393
£41.25
John Wiley & Sons Inc Social Engineering
Book SynopsisTable of ContentsAcknowledgments xi Foreword xix Preface xxi 1 A Look into the New World of Professional Social Engineering . What Has Changed? 2 Why Should You Read This Book? 4 An Overview of Social Engineering 6 The SE Pyramid 11 What’s in This Book? 14 Summary 15 2 Do You See What I See? 17 A Real-World Example of Collecting OSINT 17 Nontechnical OSINT 22 Tools of the Trade 59 Summary 61 3 Profiling People Through Communication 63 The Approach 66 Enter the DISC 68 Summary 80 4 Becoming Anyone You Want to Be 83 The Principles of Pretexting 84 Summary 98 5 I Know How to Make You Like Me 101 The Tribe Mentality 103 Building Rapport as a Social Engineer 105 The Rapport Machine 120 Summary 121 6 Under the Influence 123 Principle One: Reciprocity 125 Principle Two: Obligation 128 Principle Three: Concession 131 Principle Four: Scarcity 134 Principle Five: Authority 137 Principle Six: Consistency and Commitment 142 Principle Seven: Liking 146 Principle Eight: Social Proof 148 Influence vs. Manipulation 151 Summary 156 7 Building Your Artwork 157 The Dynamic Rules of Framing 159 Elicitation 168 Summary 182 8 I Can See What You Didn’t Say 183 Nonverbals Are Essential 184 All Your Baselines Belong to Us 187 Understand the Basics of Nonverbals 196 Comfort vs. Discomfort 198 Summary 220 9 Hacking the Humans 223 An Equal Opportunity Victimizer 224 The Principles of the Pentest 225 Phishing 229 Vishing 233 SMiShing 240 Impersonation 241 Reporting 246 Top Questions for the SE Pentester 250 Summary 254 10 Do You Have a M.A.P.P.? 257 Step 1: Learn to Identify Social Engineering Attacks 259 Step 2: Develop Actionable and Realistic Policies 261 Step 3: Perform Regular Real-World Checkups 264 Step 4: Implement Applicable Security-Awareness Programs 266 Tie It All Together 267 Gotta Keep ’Em Updated 268 Let the Mistakes of Your Peers Be Your Teacher 270 Create a Security Awareness Culture 271 Summary 274 11 Now What? 277 Soft Skills for Becoming an Social Engineer 277 Technical Skills 280 Education 281 Job Prospects 283 The Future of Social Engineering 284 Index 287
£23.20
John Wiley & Sons Inc Data Privacy and GDPR Handbook
Book SynopsisThe definitive guide for ensuring data privacy and GDPR compliance Privacy regulation is increasingly rigorous around the world and has become a serious concern for senior management of companies regardless of industry, size, scope, and geographic area. The Global Data Protection Regulation (GDPR) imposes complex, elaborate, and stringent requirements for any organization or individuals conducting business in the European Union (EU) and the European Economic Area (EEA)while also addressing the export of personal data outside of the EU and EEA. This recently-enacted law allows the imposition of fines of up to 5% of global revenue for privacy and data protection violations. Despite the massive potential for steep fines and regulatory penalties, there is a distressing lack of awareness of the GDPR within the business community. A recent survey conducted in the UK suggests that only 40% of firms are even aware of the new law and their responsibilities to maintain compliance. The Data PrTable of Contents1 Origins and Concepts of Data Privacy 1 1.1 Questions and Challenges of Data Privacy 2 1.1.1 But Cupid Turned Out to Be Not OK 3 1.2 The Conundrum of Voluntary Information 3 1.3 What is Data Privacy? 5 1.3.1 Physical Privacy 5 1.3.2 Social Privacy Norms 5 1.3.3 Privacy in a Technology-Driven Society 5 1.4 Doctrine of Information Privacy 6 1.4.1 Information Sharing Empowers the Recipient 6 1.4.2 Monetary Value of Individual Privacy 7 1.4.3 “Digital Public Spaces” 7 1.4.4 A Model Data Economy 8 1.5 Notice-and-Choice versus Privacy-as-Trust 9 1.6 Notice-and-Choice in the US 9 1.7 Enforcement of Notice-and-Choice Privacy Laws 11 1.7.1 Broken Trust and FTC Enforcement 11 1.7.2 The Notice-and-Choice Model Falls Short 12 1.8 Privacy-as-Trust: An Alternative Model 13 1.9 Applying Privacy-as-Trust in Practice: The US Federal Trade Commission 14 1.9.1 Facebook as an Example 15 1.10 Additional Challenges in the Era of Big Data and Social Robots 16 1.10.1 What is a Social Robot? 16 1.10.2 Trust and Privacy 17 1.10.3 Legal Framework for Governing Social Robots 17 1.11 The General Data Protection Regulation (GDPR) 18 1.12 Chapter Overview 19 Notes 21 2 A Brief History of Data Privacy 23 2.1 Privacy as One’s Castle 23 2.1.1 Individuals’ “Castles” Were Not Enough 24 2.2 Extending Beyond the “Castle” 24 2.3 Formation of Privacy Tort Laws 24 2.3.1 A Privacy Tort Framework 25 2.4 The Roots of Privacy in Europe and the Commonwealth 25 2.5 Privacy Encroachment in the Digital Age 26 2.5.1 Early Digital Privacy Laws Were Organic 27 2.5.2 Growth in Commercial Value of Individual Data 27 2.6 The Gramm-Leach-Bliley Act Tilted the Dynamic against Privacy 28 2.7 Emergence of Economic Value of Individual Data for Digital Businesses 29 2.7.1 The Shock of the 9/11 Attacks Affected Privacy Protection Initiatives 29 2.7.2 Surveillance and Data Collection Was Rapidly Commercialized 30 2.7.3 Easing of Privacy Standards by the NSA Set the Tone at the Top 30 2.8 Legislative Initiatives to Protect Individuals’ Data Privacy 31 2.9 The EU Path 33 2.9.1 The Internet Rights Revolution 34 2.9.2 Social Revolutions 34 2.10 End of the Wild West? 37 2.11 Data as an Extension of Personal Privacy 37 2.12 Cambridge Analytica: A Step Too Far 39 2.13 The Context of Privacy in Law Enforcement 39 Summary 41 Notes 41 3 GDPR’s Scope of Application 45 3.1 When Does GDPR Apply? 45 3.1.1 “Processing” of Data 46 3.1.2 “Personal Data” 47 3.1.3 Exempted Activities under GDPR 51 3.2 The Key Players under GDPR 52 3.3 Territorial Scope of GDPR 54 3.3.1 Physical Presence in the EU 54 3.3.2 Processing Done in the Context of the Activities 55 3.3.3 Users Based in the EU 56 3.3.4 “Time of Stay” Standard 57 3.4 Operation of Public International Law 57 Notes 57 4 Technical and Organizational Requirements under GDPR 61 4.1 Accountability 61 4.2 The Data Controller 62 4.2.1 Responsibilities of the Controller 63 4.2.2 Joint Controllers and Allocating Liability 65 4.2.3 The Duty to Cooperate with the SA 68 4.3 Technical and Organizational Measures 69 4.3.1 Maintain a Data-Protection Level 69 4.3.2 Minimum Requirements for Holding a Data Protection Level 69 4.3.3 Weighing the Risks 70 4.3.4 The Network and Information Systems Directive 71 4.4 Duty to Maintain Records of Processing Activities 72 4.4.1 Content of Controller’s Records 72 4.4.2 Content of Processor’s Records 73 4.4.3 Exceptions to the Duty 73 4.5 Data Protection Impact Assessments 73 4.5.1 Types of Processing That Require DPIA 74 4.5.2 Scope of Assessment 75 4.5.3 Business Plan Oversight 78 4.6 The Data Protection Officer 80 4.6.1 Designation of DPO 80 4.6.2 Qualifications and Hiring a DPO 81 4.6.3 Position of the DPO 81 4.6.4 Tasks of the DPO 82 4.6.5 An Inherent Conflict of Interest? 83 4.6.6 DPO Liability 84 4.7 Data Protection by Design and Default 84 4.7.1 Data Protection at the Outset 84 4.7.2 Balancing the Amount of Protection 85 4.7.3 Applying Data Protection by Design 86 4.7.4 Special Case: Blockchain Technology and GDPR 91 4.8 Data Security during Processing 92 4.8.1 Data Security Measures 93 4.8.2 Determining the Risk Posed 94 4.8.3 Data Protection Management Systems: A “Technical and Organizational Measure” 94 4.9 Personal Data Breaches 94 4.9.1 Overview of Data Breaches 95 4.9.2 The Controller’s Duty to Notify 103 4.9.3 Controller’s Duty to Communicate the Breach to Data Subjects 106 4.10 Codes of Conduct and Certifications 107 4.10.1 Purpose and Relationship under GDPR 107 4.10.2 Codes of Conduct 108 4.10.3 Certification 110 4.11 The Data Processor 112 4.11.1 Relationship between Processor and Controller 112 4.11.2 Responsibilities of Controller in Selecting a Processor 113 4.11.3 Duties of the Processor 114 4.11.4 Subprocessors 116 Notes 116 5 Material Requisites for Processing under GDPR 125 5.1 The Central Principles of Processing 125 5.1.1 Lawful, Fair, and Transparent Processing of Data 126 5.1.2 Processing Limited to a “Purpose” 127 5.1.3 Data Minimization and Accuracy 130 5.1.4 Storage of Data 131 5.1.5 Integrity and Confidentiality of the Operation 131 5.2 Legal Grounds for Data Processing 132 5.2.1 Processing Based on Consent 132 5.2.2 Processing Based on Legal Sanction 144 5.2.3 Changing the Processing “Purpose” 148 5.2.4 Special Categories of Data 149 5.3 International Data Transfers 161 5.3.1 Adequacy Decisions and “Safe” Countries 162 5.3.2 Explicit Consent 166 5.3.3 Standard Contractual Clauses 166 5.3.4 The EU–US Privacy Shield 169 5.3.5 Binding Corporate Rules 172 5.3.6 Transfers Made with or without Authorization 175 5.3.7 Derogations 177 5.3.8 Controllers Outside of the EU 180 5.4 Intragroup Processing Privileges 182 5.5 Cooperation Obligation on EU Bodies 183 5.6 Foreign Law in Conflict with GDPR 184 Notes 185 6 Data Subjects’ Rights 193 6.1 The Controller’s Duty of Transparency 194 6.1.1 Creating the Modalities 194 6.1.2 Facilitating Information Requests 195 6.1.3 Providing Information to Data Subjects 195 6.1.4 The Notification Obligation 196 6.2 The Digital Miranda Rights 197 6.2.1 Accountability Information 197 6.2.2 Transparency Information 198 6.2.3 Timing 200 6.2.4 Defenses for Not Providing Information 200 6.3 The Right of Access 201 6.3.1 Accessing Personal Data 201 6.3.2 Charging a “Reasonable Fee” 202 6.4 Right of Rectification 203 6.4.1 Inaccurate Personal Data 204 6.4.2 Incomplete Personal Data 204 6.4.3 Handling Requests 204 6.5 Right of Erasure 205 6.5.1 Development of the Right 205 6.5.2 The Philosophical Debate 206 6.5.3 Circumstances for Erasure under GDPR 209 6.5.4 Erasure of Personal Data Which Has Been Made Public 211 6.5.5 What is “Erasure” of Personal Data? 212 6.5.6 Exceptions to Erasure 212 6.6 Right to Restriction 214 6.6.1 Granting Restriction 215 6.6.2 Exceptions to Restriction 216 6.7 Right to Data Portability 216 6.7.1 The Format of Data and Requirements for Portability 217 6.7.2 Business Competition Issues 218 6.7.3 Intellectual Property Issues 219 6.7.4 Restrictions on Data Portability 220 6.8 Rights Relating to Automated Decision Making 221 6.8.1 The Right to Object 221 6.8.2 Right to Explanation 223 6.8.3 Profiling 224 6.8.4 Exceptions 225 6.8.5 Special Categories of Data 225 6.9 Restrictions on Data Subject Rights 226 6.9.1 Nature of Restrictions Placed 226 6.9.2 The Basis of Restrictions 227 Notes 228 7 GDPR Enforcement 233 7.1 In-House Mechanisms 233 7.1.1 A Quick Review 234 7.1.2 Implementing an Internal Rights Enforcement Mechanism 235 7.2 Data Subject Representation 240 7.2.1 Standing of NPOs to Represent Data Subjects 240 7.2.2 Digital Rights Activism 241 7.3 The Supervisory Authorities 241 7.3.1 Role of Supervisory Authority 241 7.3.2 The Members of the Supervisory Authority 242 7.3.3 An Independent Body 243 7.3.4 Professional Secrecy 243 7.3.5 Competence of the Supervisory Authority 244 7.3.6 Tasks of the Supervisory Authority 246 7.3.7 Powers of the SA 248 7.3.8 Cooperation and Consistency Mechanism 250 7.3.9 GDPR Enforcement by Supervisory Authorities 252 7.4 Judicial Remedies 253 7.4.1 Judicial Action against the Controller or Processor 253 7.4.2 Courts versus SA; Which is Better for GDPR Enforcement? 254 7.4.3 Judicial Action against the Supervisory Authority 254 7.4.4 Controller Suing the Data Subject? 256 7.4.5 Suspending the Proceedings 257 7.5 Alternate Dispute Resolution 258 7.5.1 Is an ADR Arrangement Allowed under GDPR? 260 7.5.2 ADR Arrangements 260 7.5.3 Key Hurdles of Applying ADR to GDPR 261 7.5.4 Suggestions for Implementing ADR Mechanisms 263 7.6 Forum Selection Clauses 265 7.7 Challenging the Existing Law 266 Notes 267 8 Remedies 271 8.1 Allocating Liability 271 8.1.1 Controller Alone Liable 271 8.1.2 Processor Alone Liable 272 8.1.3 Joint and Several Liabilities 272 8.2 Compensation 273 8.2.1 Quantifying “Full Compensation” 273 8.2.2 Conflict in the Scope of “Standing” in Court 274 8.3 Administrative Fines 275 8.3.1 Fines for Regulatory Infringements 275 8.3.2 Fines for Grave Infringements 276 8.3.3 Determining the Quantum of the Fine 276 8.4 Processing Injunctions 279 8.4.1 Domestic Law 279 8.4.2 The EU Injunction Directive 280 8.4.3 The SA’s Power to Restrain Processing 281 8.5 Specific Performance 283 Notes 284 9 Governmental Use of Data 287 9.1 Member State Legislations 287 9.2 Processing in the “Public Interest” 291 9.2.1 What is Public Interest? 291 9.2.2 Public Interest as a “Legal Basis” for Processing 292 9.2.3 State Use of “Special” Data 292 9.2.4 Processing Relating to Criminal Record Data 294 9.3 Public Interest and the Rights of a Data Subject 294 9.3.1 Erasure and Restriction of Data Processing 294 9.3.2 Data Portability 295 9.3.3 Right to Object 296 9.3.4 Right to Explanation 296 9.4 Organizational Exemptions and Responsibilities 297 9.4.1 Representatives for Controllers Not within the EU 297 9.4.2 General Impact Assessments in Lieu of a Data Protection Impact Assessment (DPIA) 297 9.4.3 Designation of a Data Protection Office (DPO) 298 9.4.4 Monitoring of Approved Codes of Conduct 299 9.4.5 Third-Country Transfers 299 9.5 Public Documents and Data 301 9.5.1 The Network and Information Systems Directive 301 9.5.2 Telemedia Data Protection 302 9.5.3 National Identification Numbers 303 9.6 Archiving 304 9.7 Handling Government Subpoenas 305 9.8 Public Interest Restrictions on GDPR 305 9.9 Processing and Freedom of Information and Expression 306 9.9.1 Journalism and Expression under GDPR 306 9.9.2 Combating “Fake News” in the Modern Age 307 9.10 State Use of Encrypted Data 308 9.11 Employee Data Protection 309 9.11.1 The Opening Clause 310 9.11.2 Employment Agreements 311 9.11.3 The German Betriebsrat 312 9.11.4 The French “Comité d’enterprise” 313 Notes 314 10 Creating a GDPR Compliance Department 319 10.1 Step 1: Establish a “Point Person” 319 10.2 Step 2: Internal Data Audit 321 10.3 Step 3: Budgeting 322 10.4 Step 4: Levels of Compliance Needed 323 10.4.1 Local Legal Standards 323 10.4.2 Enhanced Legal Standards for International Data Transfers 324 10.4.3 International Legal Standards 324 10.4.4 Regulatory Standards 324 10.4.5 Contractual Obligations 324 10.4.6 Groups of Undertakings 325 10.5 Step 5: Sizing Up the Compliance Department 325 10.6 Step 6: Curating the Department to Your Needs 326 10.6.1 “In-House” Employees 326 10.6.2 External Industry Operators 326 10.6.3 Combining the Resources 327 10.7 Step 7: Bring Processor Partners into Compliance 327 10.8 Step 8: Bring Affiliates into Compliance 328 10.9 Step 9: The Security of Processing 328 10.10 Step 10: Revamping Confidentiality Procedures 329 10.11 Step 11: Record Keeping 329 10.12 Step 12: Educate Employees on New Protocols 330 10.13 Step 13: Privacy Policies and User Consent 331 10.14 Step 14: Get Certified 331 10.15 Step 15: Plan for the Worst Case Scenario 331 10.16 Conclusion 332 Notes 332 11 Facebook: A Perennial Abuser of Data Privacy 335 11.1 Social Networking as an Explosive Global Phenomenon 335 11.2 Facebook is Being Disparaged for Its Data Privacy Practices 335 11.3 Facebook Has Consistently Been in Violation of GDPR Standards 336 11.4 The Charges against Facebook 336 11.5 What is Facebook? 337 11.6 A Network within the Social Network 337 11.7 No Shortage of “Code of Conduct” Policies 338 11.8 Indisputable Ownership of Online Human Interaction 339 11.9 Social Networking as a Mission 339 11.10 Underlying Business Model 340 11.11 The Apex of Sharing and Customizability 341 11.12 Bundling of Privacy Policies 341 11.13 Covering All Privacy Policy Bases 342 11.14 Claims of Philanthropy 343 11.15 Mechanisms for Personal Data Collection 344 11.16 Advertising: The Big Revenue Kahuna 346 11.17 And Then There is Direct Marketing 347 11.18 Our Big (Advertiser) Brother 347 11.19 A Method to Snooping on Our Clicks 348 11.20 What Do We Control (or Think We Do)? 349 11.20.1 Ads Based on Data from FB Partners 350 11.20.2 Ads Based on Activity on FB That is Seen Elsewhere 350 11.20.3 Ads That Include Your Social Actions 351 11.20.4 “Hiding” Advertisements 351 11.21 Even Our Notifications Can Produce Revenue 352 11.22 Extent of Data Sharing 353 11.23 Unlike Celebrities, We Endorse without Compensation 354 11.24 Whatever Happened to Trust 355 11.25 And to Security of How We Live 355 11.26 Who is Responsible for Security of Our Life Data? 356 11.27 And Then There Were More 359 11.28 Who is Responsible for Content? 359 11.29 Why Should Content Be Moderated? 360 11.30 There are Community Standards 361 11.31 Process for Content Moderation 369 11.31.1 Identifying and Determining Content Removal Requests 369 11.32 Prospective Content Moderation “Supreme Court” 370 11.33 Working with Governmental Regimes 370 11.34 “Live” Censorship 371 11.35 Disinformation and “Fake” News 372 11.35.1 “Disinformation” 372 11.35.2 False News Policy 374 11.35.3 Fixing the “Fake News” Problem 375 11.36 Conclusion 380 Notes 386 12 Facebook and GDPR 393 12.1 The Lead Supervisory Authority 393 12.2 Facebook nicht spricht Deutsch 393 12.3 Where is the Beef? Fulfilling the Information Obligation 394 12.4 Data Processing Purpose Limitation 395 12.5 Legitimate Interests Commercial “Restraint” Needed 396 12.6 Privacy by Design? 398 12.7 Public Endorsement of Personalized Shopping 398 12.8 Customizing Data Protection 399 12.9 User Rights versus Facebook’s Obligations 400 12.10 A Digital Blueprint and a GDPR Loophole 401 12.11 Investigations Ahead 402 12.12 Future Projects 403 Notes 404 13 The Future of Data Privacy 407 13.1 Our Second Brain 407 13.2 Utopian or Dystopian? 409 13.3 Digital Empowerment: Leveling the Playing Field 410 Notes 412 Appendix: Compendium of Data Breaches 413 About the Authors 467 Index 469
£52.00
John Wiley & Sons Inc We Have Root
Book SynopsisTable of ContentsIntroduction xi 1 Crime, Terrorism, Spying, and War 1 Cyberconflicts and National Security 1 Counterterrorism Mission Creep 4 Syrian Electronic Army Cyberattacks 7 The Limitations of Intelligence 8 Computer Network Exploitation vs Computer Network Attack 11 iPhone Encryption and the Return of the Crypto Wars 13 Attack Attribution and Cyber Conflict 16 Metal Detectors at Sports Stadiums 19 The Future of Ransomware 21 2 Travel and Security 25 Hacking Airplanes 25 Reassessing Airport Security 28 3 Internet of Things 31 Hacking Consumer Devices 31 Security Risks of Embedded Systems 32 Samsung Television Spies on Viewers 36 Volkswagen and Cheating Software 38 DMCA and the Internet of Things 41 Real-World Security and the Internet of Things 43 Lessons from the Dyn DDoS Attack 47 Regulation of the Internet of Things 50 Security and the Internet of Things 53 Botnets 69 IoT Cybersecurity: What’s Plan B? 70 4 Security and Technology 73 The NSA’s Cryptographic Capabilities 73 iPhone Fingerprint Authentication 76 The Future of Incident Response 78 Drone Self-Defense and the Law 81 Replacing Judgment with Algorithms 83 Class Breaks 87 5 Elections and Voting 89 Candidates Won’t Hesitate to Use Manipulative Advertising to Score Votes 89 The Security of Our Election Systems 91 Election Security 93 Hacking and the 2016 Presidential Election 96 6 Privacy and Surveillance 99 Restoring Trust in Government and the Internet 99 The NSA is Commandeering the Internet 102 Conspiracy Theories and the NSA 104 How to Remain Secure against the NSA 106 Air Gaps 110 Why the NSA’s Defense of Mass Data Collection Makes No Sense 114 Defending Against Crypto Backdoors 117 A Fraying of the Public/Private Surveillance Partnership 121 Surveillance as a Business Model 123 Finding People’s Locations Based on Their Activities in Cyberspace 125 Surveillance by Algorithm 128 Metadata = Surveillance 132 Everyone Wants You to Have Security, But Not from Them 133 Why We Encrypt 136 Automatic Face Recognition and Surveillance 137 The Internet of Things that Talk about You behind Your Back 141 Security vs Surveillance 143 The Value of Encryption 145 Congress Removes FCC Privacy Protections on Your Internet Usage 148 Infrastructure Vulnerabilities Make Surveillance Easy 150 7 Business and Economics of Security 155 More on Feudal Security 155 The Public/Private Surveillance Partnership 158 Should Companies Do Most of Their Computing in the Cloud? 160 Security Economics of the Internet of Things 165 8 Human Aspects of Security 169 Human-Machine Trust Failures 169 Government Secrecy and the Generation Gap 171 Choosing Secure Passwords 173 The Human Side of Heartbleed 177 The Security of Data Deletion 179 Living in a Code Yellow World 180 Security Design: Stop Trying to Fix the User 182 Security Orchestration and Incident Response 184 9 Leaking, Hacking, Doxing, and Whistleblowing 189 Government Secrets and the Need for Whistleblowers 189 Protecting Against Leakers 193 Why the Government Should Help Leakers 195 Lessons from the Sony Hack 197 Reacting to the Sony Hack 200 Attack Attribution in Cyberspace 203 Organizational Doxing 205 The Security Risks of Third-Party Data 207 The Rise of Political Doxing 210 Data is a Toxic Asset 211 Credential Stealing as an Attack Vector 215 Someone is Learning How to Take Down the Internet 216 Who is Publishing NSA and CIA Secrets, and Why? 218 Who are the Shadow Brokers? 222 On the Equifax Data Breach 226 10 Security, Policy, Liberty, and Law 229 Our Newfound Fear of Risk 229 Take Back the Internet 232 The Battle for Power on the Internet 234 How the NSA Threatens National Security 241 Who Should Store NSA Surveillance Data? 244 Ephemeral Apps 247 Disclosing vs Hoarding Vulnerabilities 249 The Limits of Police Subterfuge 254 When Thinking Machines Break the Law 256 The Democratization of Cyberattack 258 Using Law against Technology 260 Decrypting an iPhone for the FBI 263 Lawful Hacking and Continuing Vulnerabilities 265 The NSA is Hoarding Vulnerabilities 267 WannaCry and Vulnerabilities 271 NSA Document Outlining Russian Attempts to Hack Voter Rolls 275 Warrant Protections against Police Searches of Our Data 277 References 281
£13.59
John Wiley & Sons Inc Ransomware Protection Playbook
Book SynopsisAvoid becoming the next ransomware victim by taking practical steps today Colonial Pipeline. CWT Global. Brenntag. Travelex. The list of ransomware victims is long, distinguished, and sophisticated. And it's growing longer every day. In Ransomware Protection Playbook, computer security veteran and expert penetration tester Roger A. Grimes delivers an actionable blueprint for organizations seeking a robust defense against one of the most insidious and destructive IT threats currently in the wild. You'll learn about concrete steps you can take now to protect yourself or your organization from ransomware attacks. In addition to walking you through the necessary technical preventative measures, this critical book will show you how to: Quickly detect an attack, limit the damage, and decide whether to pay the ransomImplement a pre-set game plan in the event of a game-changing security breach to help limit the reputational and financial damageLay down a secure foundation of cybersecuritTable of ContentsAcknowledgments xi Introduction xxi Part I: Introduction 1 Chapter 1: Introduction to Ransomware 3 How Bad is the Problem? 4 Variability of Ransomware Data 5 True Costs of Ransomware 7 Types of Ransomware 9 Fake Ransomware 10 Immediate Action vs. Delayed 14 Automatic or Human-Directed 17 Single Device Impacts or More 18 Ransomware Root Exploit 19 File Encrypting vs. Boot Infecting 21 Good vs. Bad Encryption 22 Encryption vs. More Payloads 23 Ransomware as a Service 30 Typical Ransomware Process and Components 32 Infiltrate 32 After Initial Execution 34 Dial-Home 34 Auto-Update 37 Check for Location 38 Initial Automatic Payloads 39 Waiting 40 Hacker Checks C&C 40 More Tools Used 40 Reconnaissance 41 Readying Encryption 42 Data Exfiltration 43 Encryption 44 Extortion Demand 45 Negotiations 46 Provide Decryption Keys 47 Ransomware Goes Conglomerate 48 Ransomware Industry Components 52 Summary 55 Chapter 2: Preventing Ransomware 57 Nineteen Minutes to Takeover 57 Good General Computer Defense Strategy 59 Understanding How Ransomware Attacks 61 The Nine Exploit Methods All Hackers and Malware Use 62 Top Root-Cause Exploit Methods of All Hackers and Malware 63 Top Root-Cause Exploit Methods of Ransomware 64 Preventing Ransomware 67 Primary Defenses 67 Everything Else 70 Use Application Control 70 Antivirus Prevention 73 Secure Configurations 74 Privileged Account Management 74 Security Boundary Segmentation 75 Data Protection 76 Block USB Keys 76 Implement a Foreign Russian Language 77 Beyond Self-Defense 78 Geopolitical Solutions 79 International Cooperation and Law Enforcement 79 Coordinated Technical Defense 80 Disrupt Money Supply 81 Fix the Internet 81 Summary 84 Chapter 3: Cybersecurity Insurance 85 Cybersecurity Insurance Shakeout 85 Did Cybersecurity Insurance Make Ransomware Worse? 90 Cybersecurity Insurance Policies 92 What’s Covered by Most Cybersecurity Policies 93 Recovery Costs 93 Ransom 94 Root-Cause Analysis 95 Business Interruption Costs 95 Customer/Stakeholder Notifications and Protection 96 Fines and Legal Investigations 96 Example Cyber Insurance Policy Structure 97 Costs Covered and Not Covered by Insurance 98 The Insurance Process 101 Getting Insurance 101 Cybersecurity Risk Determination 102 Underwriting and Approval 103 Incident Claim Process 104 Initial Technical Help 105 What to Watch Out For 106 Social Engineering Outs 107 Make Sure Your Policy Covers Ransomware 107 Employee’s Mistake Involved 107 Work-from-Home Scenarios 108 War Exclusion Clauses 108 Future of Cybersecurity Insurance 109 Summary 111 Chapter 4: Legal Considerations 113 Bitcoin and Cryptocurrencies 114 Can You Be in Legal Jeopardy for Paying a Ransom? 123 Consult with a Lawyer 127 Try to Follow the Money 127 Get Law Enforcement Involved 128 Get an OFAC License to Pay the Ransom 129 Do Your Due Diligence 129 Is It an Official Data Breach? 129 Preserve Evidence 130 Legal Defense Summary 130 Summary 131 Part II: Detection and Recovery 133 Chapter 5: Ransomware Response Plan 135 Why Do Response Planning? 135 When Should a Response Plan Be Made? 136 What Should a Response Plan Include? 136 Small Response vs. Large Response Threshold 137 Key People 137 Communications Plan 138 Public Relations Plan 141 Reliable Backup 142 Ransom Payment Planning 144 Cybersecurity Insurance Plan 146 What It Takes to Declare an Official Data Breach 147 Internal vs. External Consultants 148 Cryptocurrency Wallet 149 Response 151 Checklist 151 Definitions 153 Practice Makes Perfect 153 Summary 154 Chapter 6: Detecting Ransomware 155 Why is Ransomware So Hard to Detect? 155 Detection Methods 158 Security Awareness Training 158 AV/EDR Adjunct Detections 159 Detect New Processes 160 Anomalous Network Connections 164 New, Unexplained Things 166 Unexplained Stoppages 167 Aggressive Monitoring 169 Example Detection Solution 169 Summary 175 Chapter 7: Minimizing Damage 177 Basic Outline for Initial Ransomware Response 177 Stop the Spread 179 Power Down or Isolate Exploited Devices 180 Disconnecting the Network 181 Disconnect at the Network Access Points 182 Suppose You Can’t Disconnect the Network 183 Initial Damage Assessment 184 What is Impacted? 185 Ensure Your Backups Are Still Good 186 Check for Signs of Data and Credential Exfiltration 186 Check for Rogue Email Rules 187 What Do You Know About the Ransomware? 187 First Team Meeting 188 Determine Next Steps 189 Pay the Ransom or Not? 190 Recover or Rebuild? 190 Summary 193 Chapter 8: Early Responses 195 What Do You Know? 195 A Few Things to Remember 197 Encryption is Likely Not Your Only Problem 198 Reputational Harm May Occur 199 Firings May Happen 200 It Could Get Worse 201 Major Decisions 202 Business Impact Analysis 202 Determine Business Interruption Workarounds 203 Did Data Exfiltration Happen? 204 Can You Decrypt the Data Without Paying? 204 Ransomware is Buggy 205 Ransomware Decryption Websites 205 Ransomware Gang Publishes Decryption Keys 206 Sniff a Ransomware Key Off the Network? 206 Recovery Companies Who Lie About Decryption Key Use 207 If You Get the Decryption Keys 207 Save Encrypted Data Just in Case 208 Determine Whether the Ransom Should Be Paid 209 Not Paying the Ransom 209 Paying the Ransom 210 Recover or Rebuild Involved Systems? 212 Determine Dwell Time 212 Determine Root Cause 213 Point Fix or Time to Get Serious? 214 Early Actions 215 Preserve the Evidence 215 Remove the Malware 215 Change All Passwords 217 Summary 217 Chapter 9: Environment Recovery 219 Big Decisions 219 Recover vs. Rebuild 220 In What Order 221 Restoring Network 221 Restore IT Security Services 223 Restore Virtual Machines and/or Cloud Services 223 Restore Backup Systems 224 Restore Clients, Servers, Applications, Services 224 Conduct Unit Testing 225 Rebuild Process Summary 225 Recovery Process Summary 228 Recovering a Windows Computer 229 Recovering/Restoring Microsoft Active Directory 231 Summary 233 Chapter 10: Next Steps 235 Paradigm Shifts 235 Implement a Data-Driven Defense 236 Focus on Root Causes 238 Rank Everything! 239 Get and Use Good Data 240 Heed Growing Threats More 241 Row the Same Direction 241 Focus on Social Engineering Mitigation 242 Track Processes and Network Traffic 243 Improve Overall Cybersecurity Hygiene 243 Use Multifactor Authentication 243 Use a Strong Password Policy 244 Secure Elevated Group Memberships 246 Improve Security Monitoring 247 Secure PowerShell 247 Secure Data 248 Secure Backups 249 Summary 250 Chapter 11: What Not to Do 251 Assume You Can’t Be a Victim 251 Think That One Super-Tool Can Prevent an Attack 252 Assume Too Quickly Your Backup is Good 252 Use Inexperienced Responders 253 Give Inadequate Considerations to Paying Ransom 254 Lie to Attackers 255 Insult the Gang by Suggesting Tiny Ransom 255 Pay the Whole Amount Right Away 256 Argue with the Ransomware Gang 257 Apply Decryption Keys to Your Only Copy 257 Not Care About Root Cause 257 Keep Your Ransomware Response Plan Online Only 258 Allow a Team Member to Go Rogue 258 Accept a Social Engineering Exclusion in Your Cyber-Insurance Policy 259 Summary 259 Chapter 12: Future of Ransomware 261 Future of Ransomware 261 Attacks Beyond Traditional Computers 262 IoT Ransoms 264 Mixed-Purpose Hacking Gangs 265 Future of Ransomware Defense 267 Future Technical Defenses 267 Ransomware Countermeasure Apps and Features 267 AI Defense and Bots 268 Strategic Defenses 269 Focus on Mitigating Root Causes 269 Geopolitical Improvements 269 Systematic Improvements 270 Use Cyber Insurance as a Tool 270 Improve Internet Security Overall 271 Summary 271 Parting Words 272 Index 273
£17.59
John Wiley & Sons Inc Net Zeros and Ones
Book SynopsisDesign, implement, and integrate a complete data sanitization program In Net Zeros and Ones: How Data Erasure Promotes Sustainability, Privacy, and Security, a well-rounded team of accomplished industry veterans delivers a comprehensive guide to managing permanent and sustainable data erasure while complying with regulatory, legal, and industry requirements. In the book, you'll discover the why, how, and when of data sanitization, including why it is a crucial component in achieving circularity within IT operations. You will also learn about future-proofing yourself against security breaches and data leaks involving your most sensitive informationall while being served entertaining industry anecdotes and commentary from leading industry personalities. The authors also discuss: Several new standards on data erasure, including the soon-to-be published standards by the IEEE and ISO How data sanitization strengthens a sustainability or Environmental, Social, anTable of ContentsForeword xv Introduction xix Chapter 1 End of Life for Data 1 1.1 Growth of Data 3 1.2 Managing Data 4 1.2.1 Discovery 4 1.2.2 Classification 5 1.2.3 Risk 6 1.3 Data Loss 6 1.3.1 Accidental 7 1.3.2 Theft 7 1.3.3 Dumpster Diving 9 1.4 Encryption 9 1.5 Data Discovery 9 1.6 Regulations 10 1.7 Security 10 1.8 Legal Discovery 11 1.9 Data Sanitization 12 1.10 Ecological and Economic Considerations 13 1.10.1 Ecological 13 1.10.2 Economic 13 1.11 Summary: Proactive Risk Reduction and Reactive End of Life 14 Chapter 2 Where Are We, and How Did We Get Here? 15 2.1 Digital Data Storage 16 2.2 Erasing Magnetic Media 17 2.3 History of Data Erasure 17 2.3.1 The Beginnings of Commercial Data Erasure 19 2.3.2 Darik’s Boot and Nuke (DBAN) 19 2.4 Summary 21 Chapter 3 Data Sanitization Technology 23 3.1 Shredding 24 3.2 Degaussing 24 3.3 Overwriting 25 3.4 Crypto- Erase 27 3.5 Erasing Solid- State Drives 28 3.6 Bad Blocks 29 3.7 Data Forensics 29 3.8 Summary 31 Chapter 4 Information Lifecycle Management 33 4.1 Information Lifecycle Management vs. Data Lifecycle Management 33 4.2 Information Lifecycle Management 34 4.2.1 Lifecycle Stages 34 4.3 Data Security Lifecycle 35 4.3.1 Stages for Data Security Lifecycle 36 4.4 Data Hygiene 36 4.5 Data Sanitization 37 4.5.1 Physical Destruction 37 4.5.2 Cryptographic Erasure 37 4.5.3 Data Erasure 38 4.6 Summary 39 Chapter 5 Regulatory Requirements 41 5.1 Frameworks 42 5.1.1 NIST Cybersecurity Framework Applied to Data 42 5.2 Regulations 43 5.2.1 GDPR 44 5.2.1.1 The Right to Erasure 45 5.2.1.2 Data Retention 51 5.2.2 HIPAA Security Rule Subpart c 53 5.2.3 PCI DSS V3.2 Payment Card Industry Requirements 56 5.2.4 Sarbanes–Oxley 58 5.2.5 Saudi Arabian Monetary Authority Payment Services Regulations 59 5.2.6 New York State Cybersecurity Requirements of Financial Services Companies 23 NYCRR 500 59 5.2.7 Philippines Data Privacy Act 2012 60 5.2.8 Singapore Personal Data Protection Act 2012 61 5.2.9 Gramm–Leach–Bliley Act 61 5.3 Standards 62 5.3.1 ISO 27000 and Family 62 5.3.2 NIST SP 800- 88 63 5.4 Summary 65 Chapter 6 New Standards 67 6.1 IEEE P2883 Draft Standard for Sanitizing Storage 68 6.1.1 Data Sanitization 68 6.1.2 Storage Sanitization 68 6.1.3 Media Sanitization 68 6.1.4 Clear 69 6.1.5 Purge 69 6.1.6 Destruct 69 6.2 Updated ISO/IEC CD 27040 Information Technology Security Techniques— Storage Security 70 6.3 Summary 71 Chapter 7 Asset Lifecycle Management 73 7.1 Data Sanitization Program 73 7.2 Laptops and Desktops 74 7.3 Servers and Network Gear 76 7.3.1 Edge Computing 78 7.4 Mobile Devices 79 7.4.1 Crypto- Erase 80 7.4.2 Mobile Phone Processing 80 7.4.3 Enterprise Data Erasure for Mobile Devices 81 7.4.3.1 Bring Your Own Device 81 7.4.3.2 Corporate- Issued Devices 81 7.5 Internet of Things: Unconventional Computing Devices 82 7.5.1 Printers and Scanners 82 7.5.2 Landline Phones 82 7.5.3 Industrial Control Systems 82 7.5.4 HVAC Controls 83 7.5.5 Medical Devices 83 7.6 Automobiles 83 7.6.1 Off- Lease Vehicles 84 7.6.2 Used Vehicle Market 85 7.6.3 Sanitization of Automobiles 85 7.7 Summary 86 Chapter 8 Asset Disposition 87 8.1 Contracting and Managing Your ITAD 88 8.2 ITAD Operations 89 8.3 Sustainability and Green Tech 91 8.4 Contribution from R2 91 8.4.1 Tracking Throughput 91 8.4.2 Data Security 92 8.5 e- Stewards Standard for Responsible Recycling and Reuse of Electronic Equipment 92 8.6 i- SIGMA 93 8.7 FACTA 93 8.8 Summary 95 Chapter 9 Stories from the Field 97 9.1 3stepIT 98 9.2 TES – IT Lifecycle Solutions 101 9.2.1 Scale of Operations 103 9.2.2 Compliance 104 9.2.3 Conclusion 104 9.3 Ingram Micro 104 9.4 Summary 106 Chapter 10 Data Center Operations 109 10.1 Return Material Allowances 110 10.2 NAS 110 10.3 Logical Drives 110 10.4 Rack- Mounted Hard Drives 111 10.5 Summary 112 Chapter 11 Sanitizing Files 113 11.1 Avoid Confusion with CDR 113 11.2 Erasing Files 114 11.3 When to Sanitize Files 115 11.4 Sanitizing Files 116 11.5 Summary 116 Chapter 12 Cloud Data Sanitization 117 12.1 User Responsibility vs. Cloud Provider Responsibility 117 12.2 Attacks Against Cloud Data 119 12.3 Cloud Encryption 119 12.4 Data Sanitization for the Cloud 120 12.5 Summary 121 Chapter 13 Data Sanitization and Information Lifecycle Management 123 13.1 The Data Sanitization Team 124 13.2 Identifying Data 124 13.3 Data Sanitization Policy 124 13.3.1 Deploy Technology 125 13.3.2 Working with DevOps 125 13.3.3 Working with Data Security 125 13.3.4 Working with the Legal Team 125 13.3.5 Changes 126 13.4 Summary 126 Chapter 14 How Not to Destroy Data 127 14.1 Drilling 127 14.1.1 Nail Gun 128 14.1.2 Gun 128 14.2 Acids and Other Solvents 128 14.3 Heating 128 14.4 Incineration 129 14.5 Street Rollers 129 14.6 Ice Shaving Machines 129 Chapter 15 The Future of Data Sanitization 131 15.1 Advances in Solid- State Drives 132 15.2 Shingled Magnetic Recording 133 15.3 Thermally Assisted Magnetic Recording, Also Known as Heat- Assisted Magnetic Recording 133 15.4 Microwave- Assisted Magnetic Recording 134 15.5 DNA Data Storage 135 15.6 Holographic Storage 135 15.7 Quantum Storage 136 15.8 NVIDMM 137 15.9 Summary 138 Chapter 16 Conclusion 139 Appendix Enterprise Data Sanitization Policy 143 Introduction 143 Intended Audience 143 Purpose of Policy 144 General Data Hygiene and Data Retention 144 Data Spillage 144 Handling Files Classified as Confidential 144 Data Migration 144 End of Life for Classified Virtual Machines 145 On Customer’s Demand 145 Seven Steps to Creating a Data Sanitization Process 145 Step 1: Prioritize and Scope 146 Step 2: Orient 146 Step 3: Create a Current Profile 146 Step 4: Conduct a Risk Assessment 147 Step 5: Create a Target Profile 147 Step 6: Determine, Analyze, and Prioritize Gaps 147 Step 7: Implement Action Plan 147 Data Sanitization Defined 147 Physical Destruction 148 Degaussing 148 Pros and Cons of Physical Destruction 148 Cryptographic Erasure (Crypto- Erase) 148 Pros and Cons of Cryptographic Erasure 149 Data Erasure 149 Pros and Cons of Data Erasure 150 Equipment Details 150 Asset Lifecycle Procedures 151 Suggested Process, In Short 152 Create Contract Language for Third Parties 152 Data Erasure Procedures 152 Responsibility 152 Validation of Data Erasure Software and Equipment 153 Personal Computers 153 Servers and Server Storage Systems 154 Photocopiers, Network Printers, and Fax Machines 154 Mobile Phones, Smartphones, and Tablets 154 Point- of- Sale Equipment 155 Virtual Machines 155 Removable Solid- State Memory Devices (USB Flash Drives, SD Cards) 155 CDs, DVDs, and Optical Discs 155 Backup Tape 155 General Requirements for Full Implementation 155 Procedure for Partners and Suppliers 155 Audit Trail Requirement 156 Policy Ownership 156 Mandatory Revisions 156 Roles and Responsibilities 157CEO 157Board of Directors 157 Index 159
£16.14
John Wiley & Sons Inc Cybersecurity For Dummies
Book SynopsisTable of ContentsIntroduction 1 Part 1: Getting Started with Cybersecurity 5 Chapter 1: What Exactly Is Cybersecurity? 7 Chapter 2: Getting to Know Common Cyberattacks 23 Chapter 3: The Bad Guys You Must Defend Against 49 Part 2: Improving Your Own Personal Security 69 Chapter 4: Evaluating Your Current Cybersecurity Posture 71 Chapter 5: Enhancing Physical Security 93 Chapter 6: Cybersecurity Considerations When Working from Home 105 Part 3: Protecting Yourself from Yourself 115 Chapter 7: Securing Your Accounts 117 Chapter 8: Passwords 135 Chapter 9: Preventing Social Engineering Attacks 151 Part 4: Cybersecurity for Businesses, Organizations, and Government 173 Chapter 10: Securing Your Small Business 175 Chapter 11: Cybersecurity and Big Businesses 201 Part 5: Handling a Security Incident (This Is a When, Not an If) 217 Chapter 12: Identifying a Security Breach 219 Chapter 13: Recovering from a Security Breach 239 Part 6: Backing Up and Recovery 259 Chapter 14: Backing Up 261 Chapter 15: Resetting Your Device 289 Chapter 16: Restoring from Backups 299 Part 7: Looking toward the Future 321 Chapter 17: Pursuing a Cybersecurity Career 323 Chapter 18: Emerging Technologies Bring New Threats 337 Part 8: The Part of Tens 351 Chapter 19: Ten Ways to Improve Your Cybersecurity without Spending a Fortune 353 Chapter 20: Ten (or So) Lessons from Major Cybersecurity Breaches 359 Chapter 21: Ten Ways to Safely Use Public Wi-Fi 367 Index 371 ntroduction 1 Part 1: Getting Started with Cybersecurity 5 Chapter 1: What Exactly Is Cybersecurity? 7 Chapter 2: Getting to Know Common Cyberattacks 23 Chapter 3: The Bad Guys You Must Defend Against 49 Part 2: Improving Your Own Personal Security 69 Chapter 4: Evaluating Your Current Cybersecurity Posture 71 Chapter 5: Enhancing Physical Security 93 Chapter 6: Cybersecurity Considerations When Working from Home 105 Part 3: Protecting Yourself from Yourself 115 Chapter 7: Securing Your Accounts 117 Chapter 8: Passwords 135 Chapter 9: Preventing Social Engineering Attacks 151 Part 4: Cybersecurity for Businesses, Organizations, and Government 173 Chapter 10: Securing Your Small Business 175 Chapter 11: Cybersecurity and Big Businesses 201 Part 5: Handling a Security Incident (This Is a When, Not an If) 217 Chapter 12: Identifying a Security Breach 219 Chapter 13: Recovering from a Security Breach 239 Part 6: Backing Up and Recovery 259 Chapter 14: Backing Up 261 Chapter 15: Resetting Your Device 289 Chapter 16: Restoring from Backups 299 Part 7: Looking toward the Future 321 Chapter 17: Pursuing a Cybersecurity Career 323 Chapter 18: Emerging Technologies Bring New Threats 337 Part 8: The Part of Tens 351 Chapter 19: Ten Ways to Improve Your Cybersecurity without Spending a Fortune 353 Chapter 20: Ten (or So) Lessons from Major Cybersecurity Breaches 359 Chapter 21: Ten Ways to Safely Use Public Wi-Fi 367 Index 371 ntroduction 1 Part 1: Getting Started with Cybersecurity 5 Chapter 1: What Exactly Is Cybersecurity? 7 Chapter 2: Getting to Know Common Cyberattacks 23 Chapter 3: The Bad Guys You Must Defend Against 49 Part 2: Improving Your Own Personal Security 69 Chapter 4: Evaluating Your Current Cybersecurity Posture 71 Chapter 5: Enhancing Physical Security 93 Chapter 6: Cybersecurity Considerations When Working from Home 105 Part 3: Protecting Yourself from Yourself 115 Chapter 7: Securing Your Accounts 117 Chapter 8: Passwords 135 Chapter 9: Preventing Social Engineering Attacks 151 Part 4: Cybersecurity for Businesses, Organizations, and Government 173 Chapter 10: Securing Your Small Business 175 Chapter 11: Cybersecurity and Big Businesses 201 Part 5: Handling a Security Incident (This Is a When, Not an If) 217 Chapter 12: Identifying a Security Breach 219 Chapter 13: Recovering from a Security Breach 239 Part 6: Backing Up and Recovery 259 Chapter 14: Backing Up 261 Chapter 15: Resetting Your Device 289 Chapter 16: Restoring from Backups 299 Part 7: Looking toward the Future 321 Chapter 17: Pursuing a Cybersecurity Career 323 Chapter 18: Emerging Technologies Bring New Threats 337 Part 8: The Part of Tens 351 Chapter 19: Ten Ways to Improve Your Cybersecurity without Spending a Fortune 353 Chapter 20: Ten (or So) Lessons from Major Cybersecurity Breaches 359 Chapter 21: Ten Ways to Safely Use Public Wi-Fi 367 Index 371
£23.74
Taylor & Francis Ltd Human Dimensions of Cybersecurity
Book SynopsisIn Human Dimensions of Cyber Security, Terry Bossomaier, Steven D'Alessandro, and Roger Bradbury have produced a book that shows how it is indeed possible to achieve what we all need; a multidisciplinary, rigorously researched and argued, and above all accessible account of cybersecurity what it is, why it matters, and how to do it.--Professor Paul Cornish, Visiting Professor, LSE IDEAS, London School of EconomicsHuman Dimensions of Cybersecurity explores social science influences on cybersecurity. It demonstrates how social science perspectives can enable the ability to see many hazards in cybersecurity. It emphasizes the need for a multidisciplinary approach, as cybersecurity has become a fundamental issue of risk management for individuals, at work, and with government and nation states. This book explains the issues of cybersecurity with rigor, but also in simple language, so individuals can see how they can address these issuesTable of ContentsForewordPrefaceGlossaryList of Cyber NuggetsAuthors1 Introduction2 Case Studies3 Networks and Norms4 Consumer Choice5 Risk Perspectives in Cybersecurity6 Government Policy and Statecraft in Cybersecurity7 Technical Perspectives8 The FutureReferencesIndex
£56.99
Kogan Page How to Use Customer Data
Book SynopsisSachiko Scheuing is an award-winning privacy professional based in Frankfurt, Germany. She serves on the Europe Middle East and Africa senior leadership team of Acxiom, part of Interpublic Group (IPG), as European Privacy Officer. She also currently serves as the Co-Chairwoman of the Federation of European Data and Marketing (FEDMA). In 2020, she was awarded the DataIQ Professor Derek Holder Lifetime Achievement Award for her contribution to the data protection and advertising industries. In 2024, she was named by Women in Data as one of the 20 most influential women in data and tech.
£33.24
Kogan Page How to Use Customer Data
Book SynopsisSachiko Scheuing is an award-winning privacy professional based in Frankfurt, Germany. She serves on the Europe Middle East and Africa senior leadership team of Acxiom, part of Interpublic Group (IPG), as European Privacy Officer. She also currently serves as the Co-Chairwoman of the Federation of European Data and Marketing (FEDMA). In 2020, she was awarded the DataIQ Professor Derek Holder Lifetime Achievement Award for her contribution to the data protection and advertising industries. In 2024, she was named by Women in Data as one of the 20 most influential women in data and tech.
£105.30
Johns Hopkins University Press Viral BS
Book SynopsisDissecting the biggest medical myths and pseudoscience, Viral BS explores how misinformation can spread faster than microbes. Can your zip code predict when you will die? Should you space out childhood vaccines? Does talcum powder cause cancer? Why do some doctors recommend e-cigarettes while other doctors recommend you stay away from them? Health informationand misinformationis all around us, and it can be hard to separate the two. A long history of unethical medical experiments and medical mistakes, along with a host of celebrities spewing anti-science beliefs, has left many wary of science and the scientists who say they should be trusted. How do we stay sane while unraveling the knots of fact and fiction to find out what we should really be concerned about, and what we can laugh off? In Viral BS, journalist, doctor, professor, and CDC-trained disease detective Seema Yasmin, driven by a need to set the record straight, dissects some of the most widely circulating medical myths andTrade Review[Yasmin] analyzes the pseudoscience that becomes hard to shake and reviews related research that presents the truth. The antidote is easy to swallow, thanks to Yasmin's approach.—Science NewsTable of ContentsIntroduction1. Do the flat tummy detox teas touted by Instagram celebrities actually work?2. Should you eat your baby's placenta?3. Do vaccines cause autism?4. Can autism be cured?5. Are children being paralyzed by the common cold virus?6. Do we inherit trauma from our parents?7. Are genetically modified foods safe?8. How long can you eat leftovers?9. Is MSG addictive?10. Is drinking diet soda linked to Alzheimer's disease and stroke?11. Do mammograms cause more problems than they detect?12. Is it dangerous to be pregnant in America?13. The raging statin debate: Should you take a cholesterol-lowering drug?14. Does aspirin prevent cancer?15. Did the maker of aspirin test medicines in Nazi concentration camps?16. Does the birth control pill cause depression?17. Do vitamin D supplements protect against obesity, cancer, and pneumonia?18. Will fish oil supplements prevent heart disease or give you cancer?19. Are heartburn medicines linked to a serious gut infection?20. Were dietary supplements linked to a deadly outbreak of hepatitis?21. Can gay and bisexual men donate blood?22. Are e-cigarettes helpful or harmful?23. Is marijuana a performance-enhancing drug for athletes?24. Did a morning sickness pill for pregnant women cause birth defects in thousands of babies?25. Is there lead in your lipstick?26. Why do immigrants in America live longer than American-born people?27. Has the US government banned research about gun violence?28. The Frackademia Scandal: Did oil and gas companies pay academics to say fracking was safe?29. Does playing American football give players brain damage?30. Did the US government infect people with syphilis and gonorrhea?31. Does talcum powder cause ovarian cancer?32. Does infection with Ebola cause lifelong symptoms?33. Are older adults at higher risk of contracting sexually transmitted infections?34. Did genetically modified mosquitoes spread Zika, and does the virus cause birth defects?35. Can your cat's poop make you better at business?36. Is suicide contagious?37. Are suicide rates linked to the economy?38. Are there more suicides during the holiday season?39. Are you more likely to die from a medical mistake than from a car crash?40. Is it dangerous to go to the hospital in July?41. Do patients cared for by female doctors live longer?42. Can a pill make racists less racist?43. Are airplane condensation trails, aka chemtrails, bad for your health?44. Do bad teeth cause heart disease?45. Can your zip code predict when you will die?46. Does debunking a myth help it spread?Dr. Yasmin's Bullshit Detection KitAcknowledgmentsAbout the AuthorIndex
£18.45
Rowman & Littlefield Publishers Privacy in the Age of Big Data
Book SynopsisTrade ReviewFormer White House Chief Information Officer Payton and lawyer Claypoole, authors of Protecting Your Internet Identity, team up again to produce this quick and easy overview of data collection and its relevance in our everyday lives. The authors guide readers through the many ways our personal information is collected and used in today’s society. They are quick to point out the beneficial aspects of technological advancements in commercial, private, and government settings. However, any collection of personal data is susceptible to malicious use. The authors go on to elaborate on the everyday possibilities of hacking, wiretapping, and other big data strategies by marketers and cybercriminals. Most alarming are the implications of data mining for everyday citizens: cybercriminals can and will steal any information, through government or commercial enterprises. Payton and Claypoole provide practical tips and tools for protecting personal data throughout making this a perfect beginner’s guide for anyone looking to stay informed. * Publishers Weekly *[Data] tracking can always be used by nefarious individuals or groups, but it is part of the way we live now. It is as though highways were also fraught with piracy. That’s the kind of thing we’re dealing with. This is the discussion of the era, and this book is smack in the middle of it. * Jon Stewart, The Daily Show *Payton and Claypoole intend this book as an overview of the threats facing private citizens in the era of cloud computing and big data. Discussions of privacy in this time take as their departure point the problematic nature of cloud-based computing and of the storage of massive amounts of personal data by businesses, governments, and devices connected to the cloud. The threats reviewed include those associated with mobile access and tracking individuals’ locations, Internet viewing, and the ubiquity of cameras as peripherals on devices. The final section details mitigating risks to individual privacy and reviews legislative efforts that could help. VERDICT Well-researched and well-written, this timely and important addition to the literature on privacy and big data will resonate with researchers of information policy and related legislation. * Library Journal *I think people out there don’t realize there’s this whole underground economy out there, knives and daggers, people out there trying to get any piece of your data at any cost and at the end of the day we’re the ones who will pay the price. . . This is great advice. * The Willis Report, Fox Business *Privacy in the Age of Big Data is a valuable source of information, no matter how much you know about cybersecurity; for those who are just starting to protect their data, however, you won’t want to let this book out of your sight. * datascience@berkeley Blog, Berkeley School of Information *Privacy in the Age of Big Data is a timely publication and one that should find a wide readership in a digital and online landscape that is often only partially understood. As archivists, managing digital data and navigating the cyber world is increasingly important, and this is also true of our social lives. When at work there is a level of protection, or perhaps control, by our employers’ infrastructure: IT services manage and monitor our email and intranet, passwords must be regularly changed or account access will be suspended, security scanning is undertaken as a matter of course, and born-digital material, both published and unpublished, is treated with all the complex care and attention warranted by such vulnerable items. At home the picture might be somewhat different. Reading this book has compelled a change in this reviewer’s digital habits at home and at work, providing the impetus to take charge of my digital and online life. Further, it has opened up my understanding of the digital landscape, providing insights and prompting research into new areas that can only be of service in my role as an archivist. In a cyber world as complex as the one here described, a prompt to attend to the many connected issues both in and out of the archival world is a valuable outcome. This book serves to accentuate the problems and pitfalls of data management in a digital world, whether that data is found in our bodies, homes or in the archive. It provides a thoughtful and readable consideration of the complex interaction of the digital and physical spheres, highlighting the many dangers but always providing practical means to increase understanding, develop useful strategies, and mitigate potential risks. * Archives and Records: The Journal of the Archives and Records Association *Privacy in the Age of Big Data: Recognizing Threats, Defending Your Rights, and Protecting Your Family provides a powerful reference focusing on privacy in the digital world, and is a fine pick for any who would consider the ramifications of how data is collected, stored and used. Current practices have created a level of data collection and surveillance never before used: while some of these methods are justified by protection and new services, others intrude on civil liberties. This book considers the pros and cons of new digital surveillance systems and analyzes the dangers of information tracking, offering readers insights into ways we are tracked, and how to change behaviors and activities to regain more privacy. It's an in-depth discussion that should be a part of any social issues or computer science library, offering much food for thought. * Midwest Book Review *The Pew Internet Research Center noted that 74% of teens use their cell phone for internet access and almost 25% of teens use cell phones almost exclusively to conduct their digital life on the internet. Parents and kids need a guide in the digital age and Payton and Claypoole are your new sherpas to protect your family. Although every chapter of the book has great advice for families, parents and kids should pay special attention to Chapter 6 - The Spy In Your Pocket. This chapter will help parents illustrate to their kids why their words and actions matter. Privacy in the Age of Big Data by Theresa Payton and Ted Claypoole will walk you through the solutions that can help your kids have fun while protecting their privacy and security. A must read for everyone! -- Sue Scheff, Nationally Recognized Author of Wit's End; Family Internet Safety AdvocatePeople of all ages are increasingly confused about who is collecting their data and why the collection itself could lead to a loss of privacy. Privacy in the age of Big Data by Theresa Payton and Ted Claypoole provides a thoughtful and balanced view on how to harness the power of big data to make it work for you while maintaining the security and privacy of your company and your personal life. Unlike other books, they don't just leave you feeling a sense of dread, they walk you through the steps you can take to combat the threats, know your rights, and protect the privacy and security of your loved ones in the age of big data and surveillance. This book is a must read for all of us that live in this digital age. -- Michele Borba, Ed.D., Child Media Expert, Educational Psychologist, and author of The Big Book of Parenting SolutionsIf you value your privacy, this book is an absolute must read. So many of us have no idea how much of our daily lives is captured, stored and in the possession of someone else. Privacy in Age of Big Data will enlighten you as to how much of your private life is being digitally acquired without your permission or knowledge. -- Doris Gardner, FBI Cyber Supervisor (Retired), recipient of FBI Director’s Award (2009)Once again, Theresa Payton and Ted Claypoole have provided a thorough examination of the unforeseen consequences that our plunge into the digital age has had on our traditional notions of privacy. Their latest endeavor, Privacy in the Age of Big Data, clearly articulates the impact that a myriad of seemingly innocuous technological advances have had on our daily lives, many of which have irreparably undermined our ability to control the deluge of personal information that is being collected, archived, analyzed, and ultimately leveraged for everything from marketing and advertizing to law enforcement and criminal activities. Payton and Claypoole look beyond the obvious ramifications of over-sharing online and the spread of surveillance mechanisms in the public domain, further delving into the corrosive nature of a world inundated with privacy depriving technologies that now touch every aspect of our society, as well as providing an analysis of the legal and political consequences that our desire for convenience through ever more connectivity has wrought. Privacy in the Age of Big Data is a timely and captivating study of our brave new digital world. -- Anthony M. Freed, security journalist and community engagement coordinator for Tripwire, Inc.Privacy in the Age of Big Data: Recognizing Threats, Defending Your Rights, and Protecting Your Family, accomplishes this feat in lay person's language and in a clear and concise manner. I recommend it should be read by everyone - from grandparents to teens, from corporate America to the homemaker. Safety and security starts with being aware and educated, and reading this book is a must! -- Christopher Duque, CyberCrimes Investigator, Department of Prosecuting Attorney (Honolulu); CyberSafety-CyberSecuirty advocateTechnology has improved our lives dramatically over the past two decades, yet there are emerging concerns with the ubiquitous digital collection of private information. Privacy in the Age of Big Data is a thorough look into the growing vulnerabilities we face; Payton and Claypoole explore all aspects of these dangers...effectively raising the reader's awareness, and providing solid recommendations to protect yourself and your most sensitive information. -- Shawn Henry, president, CrowdStrike Services; former executive assistant director, FBIEvery informed American needs to know more about today's privacy-invading technologies and what to do about them. This book explains the problems in a readable and lively way. It provides expert and timely insights about the technology, law, and policy for privacy in this age of Big Data. -- Peter Swire, Huang Professor, Georgia Institute of Technology and formerly Chief Counselor for Privacy in the U.S. governmentTable of ContentsIntroduction Chapter 1. The Intersection of Privacy, Law, and Technology Tech Section I. Ground Zero: Your Computer and the Internet Chapter 2. Your Computer is Watching You Chapter 3. How Government Follows Your Electronic Tracks Chapter 4. Chased Online by Criminals and Snoops Chapter 5. Just Hanging Our Online . . . Chapter 6. The Spy in Your Pocket Tech Section II. Risks in the Streets Chapter 7. Cameras Everywhere Chapter 8. When Your Car is Just Another Computer Chapter 9. When Your Own Body Gives You Away Chapter 10. DNA and Your Health Records Tech Section III. Home is Where the Heart (of Surveillance) Is Chapter 11. Home Sweet Home: Spies in Your Living Room Chapter 12. Risks of Computer and Phone Networks Tech Section IV. Where Do We Go From Here? Chapter 13. The Future of Technology and Privacy Chapter 14. Laws and Regulations That Could Help Preserve Privacy
£13.49
Rowman & Littlefield Cybersecurity and Human Rights in the Age of
Book SynopsisCybersecurity and Human Rights in the Age of Cyberveillance is a collection of articles by distinguished authors from the US and Europe and presents a contemporary perspectives on the limits online of human rights. By considering the latest political events and case law, including the NSA PRISM surveillance program controversy, the planned EU data protection amendments, and the latest European Court of Human Rights jurisprudence, it provides an analysis of the ongoing legal discourse on global cyberveillance.Using examples from contemporary state practice, including content filtering and Internet shutdowns during the Arab Spring as well as the PRISM controversy, the authors identify limits of state and third party interference with individual human rights of Internet users. Analysis is based on existing human rights standards, as enshrined within international law including the Universal Declaration of Human Rights, International Covenant on Civil and Political Rights, European ConventTrade ReviewThis book focuses on privacy and civil liberties that are at risk if governments are not reined in by international law standards enshrined in treaties and national laws. The tension between privacy and security comes to a head in cyberwar, as there is currently an inadequate legal framework for privacy and civil liberties in international cyberlaw. There are pressing issues of internet governance, international trade, human rights, and a multistakeholder political process that encroach on international cyberwarfare. With analysis of cases from the International Court of Justice, this book looks for answers in traditional international warfare laws that could be applied in cyberwarfare scenarios. While cyberwarfare may not reach the ‘armed attack’ threshold of most international warfare laws and treaties, the lessons learned from the international court cases regarding physical war can shape the future of cyberwarfare laws. The chapters are written as scholarly legal journal articles and define the terms used throughout, based on current international laws and actions. The volume's nine readable chapters are heavily cited with endnotes for each chapter, as well as a complete 26-page bibliography at the end of the book. Summing Up: Recommended. Upper-division undergraduates through professionals/practitioners. * CHOICE *Table of ContentsForeword Preface Acknowledgments Chapter 1: Defining Cybersecurity –Critical Infrastructure and Public-Private Partnerships Joanna Kulesza Chapter 2: Cybersecurity and State Responsibility: Identifying a Due Diligence Standard for Prevention of Transboundary Threats Dimitrios Delibasis Chapter 3: In Harm's Way: Harmonizing Security and Human Rights in the Internet Age Roy Balleste Chapter 4: Privacy vs. Security – Identifying the Challenges in a Global Information Society Rolf H. Weber and Dominic N. Staiger Chapter 5: Freedom of Expression, Human Rights Standardsand Private Online Censorship Monica Horten Chapter 6: (Global) Internet Governance and its Discontents M. I. Franklin Chapter 7: Walled Gardens or a Global Network? Tensions, (De-)centralizations and Pluralities of the Internet Model Francesca Musiani Chapter 8: National Security and US Constitutional Rights: The Road to Snowden Richard B. Andres Chapter 9: Attribution Policy in Cyber War Kalliopi Chainoglou Bibliography About the Editors and Contributors
£81.00
Rowman & Littlefield Protecting Your Internet Identity
Book SynopsisPeople research everything online shopping, school, jobs, travel and other people. Your online persona is your new front door. It is likely the first thing that new friends and colleagues learn about you. In the years since this book was first published, the Internet profile and reputation have grown more important in the vital human activities of work, school and relationships. This updated edition explores the various ways that people may use your Internet identity, including the ways bad guys can bully, stalk or steal from you aided by the information they find about you online. The authors look into the Edward Snowden revelations and the government's voracious appetite for personal data. A new chapter on the right to be forgotten explores the origins and current effects of this new legal concept, and shows how the new right could affect us all. Timely information helping to protect your children on the Internet and guarding your business's online reputation has also been added. TTrade ReviewFrom protecting your child’s identity starting on day zero—to learning how to dress for career success online and build your own digital resume, Protecting Your Internet Identity, updated edition is the perfect gift not only for yourself, but for just about anyone on your list this holiday season—from teens to parents to seniors and even those hard to buy for people (since everyone is online today)—they’re lessons for everyone in each chapter for protecting their digital identity and security. It’s a gift of online safety for those you care about. * The Huffington Post *With the ever evolving world of technology, the question, "Are You Naked Online?" has become rhetorical. It's absolutely necessary to take control of our digital lifestyle to reclaim our privacy and security – and thankfully Theresa Payton and Ted Claypoole are back with how the cyber-world shifted and what we can do to protect our virtual lives. From the cyber-hacks to what apps your kids should be downloading, the updated edition of Protecting Your Internet Identity is a must read for every parent and internet user. Don't get caught naked-online. Are You Naked Online? The answer is 'yes' and fortunately, there is a new book that walks you through the internet, step-by-step, and shows you how to reclaim your privacy and security while presenting a positive image. The book explains who is peeking at you online, why they look, and offers practical solutions for internet users and digital device-lovers of any age. A must-have for kids and adults alike, whether you spend an hour or hundreds of hours each month connected to the world through the internet. -- Sue Scheff, Nationally Recognized Author of Wit's End; Family Internet Safety AdvocateDo not spend another minute online until you read Protecting Your Internet Identity: Are You Naked Online? This second edition is even better than the original! The advice is wise, timely and crucial for today's plugged-in world where the lines of privacy are blurred and the wrong click could mean horrific, lifetime consequences. The section, "Don't Forget the Kids" should be required reading for every parent - no excuses - parenting must be both off and ON the net. -- Michele Borba, Ed.D., Child Media Expert, Educational Psychologist, and author of The Big Book of Parenting Solutions
£13.49
Bristol University Press Data in Society
Book SynopsisThis book analyses societal trends and controversies related to developments in data ownership, access, construction, dissemination and interpretation, looking at the ways that society interacts with and uses statistical data.Table of ContentsBook Introduction ~ Humphrey Southall, Jeff Evans and Sally Ruane; 1: How Data are Changing; Introduction ~ Humphrey Southall and Jeff Evans; Statistical work: the changing occupational landscape ~ Kevin McConway; The creation and use of big administrative data ~ Harvey Goldstein and Ruth Gilbert Data Analytics ~ Ifan Shepherd and Gary Hearne; Social Media Data ~ Adrian Tear and Humphrey Southall; 2: Counting in a Globalised world; Introduction ~ Sally Ruane and Jeff Evans; Adult Skills Surveys and Transnational Organisations: Globalising Educational Policy ~ Jeff Evans; Poverty and health care surveys in the Global South: Towards making valid estimates ~ Roy Carr-Hill; Counting the Population in Need of International Protection Globally ~ Brad Blitz, Alessio D’Angelo and Eleonore Kofman; Tax justice and the challenges of measuring illicit financial flows ~ Richard Murphy; 3: The Changing Role of the State; Introduction ~ Sally Ruane and Humphrey Southall; The control and ‘fitness for purpose’ of UK official statistics ~ David Rhind; The Statistics of Devolution ~ David Byrne; Welfare reform: national policies with local impacts ~ Christina Beatty and Steve Fothergill; Social insecurity and the changing role of the (welfare) state: Public perceptions, social attitudes and political action ~ Christopher Deeming and Ron Johnston; Access to data and NHS privatisation: reducing public accountability ~ Sally Ruane; 4: Economic Life; Introduction ~ Humphrey Southall, Sally Ruane and Jeff Evans; The ‘distribution question’: the role of statistical analysis in measuring and evaluating trends in inequality ~ Stewart Lansley; Labour market statistics ~ Paul Bivand; The financial system ~ Rebecca Boden; The difficulty of building comprehensive tax avoidance data ~ Prem Sikka; Tax and spend decisions: did austerity improve financial numeracy and literacy? ~ David Walker; 5: Inequalities in Health and Well-being; Introduction ~ Sally Ruane and Humphrey Southall; Health Divides ~ Anonymous; Measuring Social Wellbeing ~ Roy Carr-Hill; Re-engineering health policy research to measure equity impacts ~ Tim Doran and Richard Cookson; The Generation Game: Ending the phony information war between young and old ~ Jay Ginn and Neil Duncan-Jordan; 6: Advancing social progress through critical statistical literacy; Introduction ~ Jeff Evans, Humphrey Southall and Sally Ruane; The Radical Statistics Group: Using Statistics for Progressive Social Change ~ Jeff Evans and Ludi Simpson; Lyme disease politics and evidence-based policy-making in the UK ~ Kate Bloor; Counting the uncounted: contestations over casualisation data in Australian universities ~ Nour Dados, James Goodman and Keiko Yasukawa; The quantitative crisis in UK Sociology ~ Malcolm Williams, Luke Sloan and Charlotte Brookfield; Critical Statistical Literacy and Interactive Data Visualisations ~ Jim Ridgway, James Nicholson, Sinclair Sutherland and Spencer Hedger; Full Fact ~ Amy Sippitt; What a difference a dataset makes? Data journalism and/as data activism ~ Jonathan Gray and Liliana Bounegru; Book Epilogue .
£81.59
Bristol University Press Data in Society
Book SynopsisThis book analyses societal trends and controversies related to developments in data ownership, access, construction, dissemination and interpretation, looking at the ways that society interacts with and uses statistical data.Table of ContentsBook Introduction ~ Humphrey Southall, Jeff Evans and Sally Ruane; 1: How Data are Changing; Introduction ~ Humphrey Southall and Jeff Evans; Statistical work: the changing occupational landscape ~ Kevin McConway; The creation and use of big administrative data ~ Harvey Goldstein and Ruth Gilbert Data Analytics ~ Ifan Shepherd and Gary Hearne; Social Media Data ~ Adrian Tear and Humphrey Southall; 2: Counting in a Globalised world; Introduction ~ Sally Ruane and Jeff Evans; Adult Skills Surveys and Transnational Organisations: Globalising Educational Policy ~ Jeff Evans; Poverty and health care surveys in the Global South: Towards making valid estimates ~ Roy Carr-Hill; Counting the Population in Need of International Protection Globally ~ Brad Blitz, Alessio D’Angelo and Eleonore Kofman; Tax justice and the challenges of measuring illicit financial flows ~ Richard Murphy; 3: The Changing Role of the State; Introduction ~ Sally Ruane and Humphrey Southall; The control and ‘fitness for purpose’ of UK official statistics ~ David Rhind; The Statistics of Devolution ~ David Byrne; Welfare reform: national policies with local impacts ~ Christina Beatty and Steve Fothergill; Social insecurity and the changing role of the (welfare) state: Public perceptions, social attitudes and political action ~ Christopher Deeming and Ron Johnston; Access to data and NHS privatisation: reducing public accountability ~ Sally Ruane; 4: Economic Life; Introduction ~ Humphrey Southall, Sally Ruane and Jeff Evans; The ‘distribution question’: the role of statistical analysis in measuring and evaluating trends in inequality ~ Stewart Lansley; Labour market statistics ~ Paul Bivand; The financial system ~ Rebecca Boden; The difficulty of building comprehensive tax avoidance data ~ Prem Sikka; Tax and spend decisions: did austerity improve financial numeracy and literacy? ~ David Walker; 5: Inequalities in Health and Well-being; Introduction ~ Sally Ruane and Humphrey Southall; Health Divides ~ Anonymous; Measuring Social Wellbeing ~ Roy Carr-Hill; Re-engineering health policy research to measure equity impacts ~ Tim Doran and Richard Cookson; The Generation Game: Ending the phony information war between young and old ~ Jay Ginn and Neil Duncan-Jordan; 6: Advancing social progress through critical statistical literacy; Introduction ~ Jeff Evans, Humphrey Southall and Sally Ruane; The Radical Statistics Group: Using Statistics for Progressive Social Change ~ Jeff Evans and Ludi Simpson; Lyme disease politics and evidence-based policy-making in the UK ~ Kate Bloor; Counting the uncounted: contestations over casualisation data in Australian universities ~ Nour Dados, James Goodman and Keiko Yasukawa; The quantitative crisis in UK Sociology ~ Malcolm Williams, Luke Sloan and Charlotte Brookfield; Critical Statistical Literacy and Interactive Data Visualisations ~ Jim Ridgway, James Nicholson, Sinclair Sutherland and Spencer Hedger; Full Fact ~ Amy Sippitt; What a difference a dataset makes? Data journalism and/as data activism ~ Jonathan Gray and Liliana Bounegru; Book Epilogue .
£28.79
O'Reilly Media Anonymizing Health Data
Book SynopsisWith this practical book, you will learn proven methods for anonymizing health data to help your organization share meaningful datasets, without exposing patient identity. Leading experts Khaled El Emam and Luk Arbuckle walk you through a risk-based methodology, using case studies from their efforts to de-identify hundreds of datasets.
£20.99
Rowman & Littlefield Student Data Privacy
Book SynopsisProtecting the privacy of student data when bringing technology into the classroom is one of the toughest organizational challenges facing schools and districts today. Parent and legislator concerns about how school systems protect the privacy of student data are at an all-time high. School systems must navigate complex federal and state regulations, understand how technology providers collect and protect student data, explain those complexities to parents, and provide the reassurance the community needs that the student information will remain safe. Student Data Privacy: Building a School Compliance Program provides solutions for all of these challenges and more. It is a step-by-step journey through the process of building the policies and practices to protect student data, and shifting the organizational culture to prioritize privacy while still taking advantage of the tremendous benefits that technology has to offer in the modern classroom.Trade ReviewLinnette has created nothing short of a field manual for privacy in the education realm. She has succeeded so well because she: understands how schools operate; intuitively grasps the key elements of applicable privacy laws; and has, herself, implemented successful compliance programs in the education and ed-tech sectors. In this book, she takes all of her years of experience, and creates a user-friendly guide that is destined to be the definitive work on the topic. -- Chris Cwalina, co-chair of Holland & Knight’s Cybersecurity & Privacy TeamAs one of the foremost experts on student data privacy, Linnette provides invaluable insights into the thoughtful design and management of a best-practices data governance program. This common-sense, easy-to-follow guide will serve the broader educational community for years to come, scaling with changes in learning, technology, and the legal landscape. -- Doug Casey, Executive Director, Connecticut Commission for Educational TechnologyPrivacy concerns around student data are the ‘new normal’ in education. As Linnette Attai comprehensively lays out, mere compliance is insufficient to build trust. This is a foundational, must-read book that helps educators understand how to get started with concrete actions that build trust with parents and policymakers. -- Keith Krueger, CEO, Consortium for School Networking (CoSN)Student Data Privacy: Building a School Compliance Program defines data privacy and clearly explains how to embrace it. This comprehensive playbook that will enable administrators to better understand their current environment as it pertains to data protection and provide a roadmap to ensure compliance. -- Jim Pulliam, Chief Information Officer, Orange County Public SchoolsLinnette Attai makes the complications of FERPA and COPPA easy to understand for anyone who needs to understand how to keep student data private and safe. -- Jules Polonetsky, CEO, Future of Privacy ForumTable of ContentsEpigraph Dedication Introduction Chapter 1: What is Data Privacy Compliance? Chapter 2: How Did We Get Here? Chapter 3: Why Build a Data Privacy Compliance Program? Chapter 4: What Does it Take? Chapter 5: The Role of Leadership Chapter 6: Start Where You Are Chapter 7: Preparing for a Data Privacy Impact Assessment Chapter 8: Privacy Impact Assessment Chapter 9: Security Chapter 10: Disclosure, Deletion and Deidentification Chapter 11: Inventories and Making Maps Chapter 12: Gaps and Mitigation Chapter 13: Policy Development Chapter 14: Working with Technology Providers Chapter 15: Training Chapter 16: Audit Chapter 17: Parent Rights Chapter 18: Communications Chapter 19: Building Your External Support Team Conclusion About the Author Endnotes
£47.70
Rowman & Littlefield Student Data Privacy
Book SynopsisProtecting the privacy of student data when bringing technology into the classroom is one of the toughest organizational challenges facing schools and districts today. Parent and legislator concerns about how school systems protect the privacy of student data are at an all-time high. School systems must navigate complex federal and state regulations, understand how technology providers collect and protect student data, explain those complexities to parents, and provide the reassurance the community needs that the student information will remain safe. Student Data Privacy: Building a School Compliance Program provides solutions for all of these challenges and more. It is a step-by-step journey through the process of building the policies and practices to protect student data, and shifting the organizational culture to prioritize privacy while still taking advantage of the tremendous benefits that technology has to offer in the modern classroom.Trade ReviewLinnette has created nothing short of a field manual for privacy in the education realm. She has succeeded so well because she: understands how schools operate; intuitively grasps the key elements of applicable privacy laws; and has, herself, implemented successful compliance programs in the education and ed-tech sectors. In this book, she takes all of her years of experience, and creates a user-friendly guide that is destined to be the definitive work on the topic. -- Chris Cwalina, co-chair of Holland & Knight’s Cybersecurity & Privacy TeamAs one of the foremost experts on student data privacy, Linnette provides invaluable insights into the thoughtful design and management of a best-practices data governance program. This common-sense, easy-to-follow guide will serve the broader educational community for years to come, scaling with changes in learning, technology, and the legal landscape. -- Doug Casey, Executive Director, Connecticut Commission for Educational TechnologyPrivacy concerns around student data are the ‘new normal’ in education. As Linnette Attai comprehensively lays out, mere compliance is insufficient to build trust. This is a foundational, must-read book that helps educators understand how to get started with concrete actions that build trust with parents and policymakers. -- Keith Krueger, CEO, Consortium for School Networking (CoSN)Student Data Privacy: Building a School Compliance Program defines data privacy and clearly explains how to embrace it. This comprehensive playbook that will enable administrators to better understand their current environment as it pertains to data protection and provide a roadmap to ensure compliance. -- Jim Pulliam, Chief Information Officer, Orange County Public SchoolsLinnette Attai makes the complications of FERPA and COPPA easy to understand for anyone who needs to understand how to keep student data private and safe. -- Jules Polonetsky, CEO, Future of Privacy ForumTable of ContentsEpigraph Dedication Introduction Chapter 1: What is Data Privacy Compliance? Chapter 2: How Did We Get Here? Chapter 3: Why Build a Data Privacy Compliance Program? Chapter 4: What Does it Take? Chapter 5: The Role of Leadership Chapter 6: Start Where You Are Chapter 7: Preparing for a Data Privacy Impact Assessment Chapter 8: Privacy Impact Assessment Chapter 9: Security Chapter 10: Disclosure, Deletion and Deidentification Chapter 11: Inventories and Making Maps Chapter 12: Gaps and Mitigation Chapter 13: Policy Development Chapter 14: Working with Technology Providers Chapter 15: Training Chapter 16: Audit Chapter 17: Parent Rights Chapter 18: Communications Chapter 19: Building Your External Support Team Conclusion About the Author Endnotes
£27.00
Rowman & Littlefield Online Predators an Internet Insurgency
Book SynopsisIn Online Predators, An Internet Insurgency: A Field Manual for Teaching and Parenting in the Digital Arena Jeffrey A. Lee brings his ten plus years' experience in the fight against online child exploitation to bear in an easy to follow guide for all with a stake in the life of a child. This book equips parents, guardians, extended family, and educational professionals with practical strategies to help keep kids safe in a technology connected world. Instead of focusing on ever changing technology, Lee proposes a key fundamental change in the fight against online predationto develop an insatiable curiosity about their child's online life, then get in the front lines and stay there.Table of ContentsTable of ContentsForeword by Eric DevlinPrefaceIntroduction: Technology and the Role of the Stakeholder in a Child’s LifeChapter 1. Information as a Weaponized CommodityChapter 2. Freedoms of the InternetChapter 3. The Home is Not a Democracy, and School Safety SearchesChapter 4. Truth and Efficiency on the InternetChapter 5. Nothing is Better Than the TruthChapter 6. Hamsters are Rats, and Devices Are Hamsters but Still RatsChapter 7. Methodology of the Child PredatorChapter 8. Pictures Are PricelessChapter 9. Basic Types of Child Abuse Images and Other Usages of Sexual ImagesChapter 10. Instant PhotographyChapter 11. Is There a Plan?Chapter 12. Which Device Should I Buy?Chapter 13. What to Expect From Law EnforcementChapter 14. The Backspace/Delete Key and Self EditingChapter 15. Educate the ChildChapter 16. Human Trafficking and Social Media: A Case StudyChapter 17. A Month in the Life of an Exploitation InvestigatorChapter 18. It’s Not All BadAbout the Author
£27.00
Rowman & Littlefield Publishers Online Predators an Internet Insurgency
Book SynopsisThe key to preventing online child predation is Stakeholder Involvement. Parents and guardians need to place themselves in the forefront of their kids’ minds when it comes to their devices. Educational professionals need to use their unique positions to educate their students and detect online predation and problems in their schools.Trade ReviewOnline Predators: an Internet Insurgency is a must read--as a parent, educator, or caregiver. As a former Commander for the Task Force responsible for investigating these crimes, I relied on Jeff Lee tremendously and can assure you that he is one of the best at what he does. -- Luis Menendez, former task force commanderMany kids are exposed to cyberbullying, identity theft, sexting, and threats, making them vulnerable to child predators pretending to be friends. In Online Predators, an Internet Insurgency, Jeffrey A. Lee teaches steps that don’t require advanced (or even any) technical knowledge. -- Abraham Valle, former task force investigatorAuthor Jeff Lee communicates his vast knowledge and experience to help you better protect your children from the tragedies of online sexual predators. Read this accessible book, implement the common-sense steps, and know that you've done what you should be doing as a parent, grandparent, or mentor of youth. Don't waste a minute. -- Sarah Cortez, author, “Tired, Hungry, Standing in One Spot for Twelve Hours: Essential Cop Essays”Table of ContentsTable of ContentsForeword by Eric DevlinPrefaceIntroduction: Technology and the Role of the Stakeholder in a Child’s LifeChapter 1. Information as a Weaponized CommodityChapter 2. Freedoms of the InternetChapter 3. The Home is Not a Democracy, and School Safety SearchesChapter 4. Truth and Efficiency on the InternetChapter 5. Nothing is Better Than the TruthChapter 6. Hamsters are Rats, and Devices Are Hamsters but Still RatsChapter 7. Methodology of the Child PredatorChapter 8. Pictures Are PricelessChapter 9. Basic Types of Child Abuse Images and Other Usages of Sexual ImagesChapter 10. Instant PhotographyChapter 11. Is There a Plan?Chapter 12. Which Device Should I Buy?Chapter 13. What to Expect From Law EnforcementChapter 14. The Backspace/Delete Key and Self EditingChapter 15. Educate the ChildChapter 16. Human Trafficking and Social Media: A Case StudyChapter 17. A Month in the Life of an Exploitation InvestigatorChapter 18. It’s Not All BadAbout the Author
£18.04
Rowman & Littlefield Parenting for the Digital Generation
Book SynopsisParenting for the Digital Generationprovides a practical handbook for parents, grandparents, teachers, and counselors who want to understand both the opportunities and the threats that exist for the generation of digital natives who are more familiar with a smartphone than they are with a paper book. This book provides straightforward, jargon-free information regarding the online environment and the experience in which children and young adults engage both inside and outside the classroom.The digital environment creates many challenges, some of which are largely the same as parents faced before the Internet, but others which are entirely new. Many children struggle to connect, and they underperform in the absence of the social and emotional support of a healthy learning environment. Parents must also help their children navigate a complex and occasionally dangerous online world. This book provides a step-by-step guide for parents seeking to raiseTable of ContentsPrefaceIntroduction1. Creating a Healthy Digital Family2. Managing Online Engagement3. Information and Digital Literacy4. Online Education Fundamentals5. How to be an Engaged Parent in Online and Blended Education6. Equity and Equality for Online and Blended Education7. Beyond High School – the Professional Online Presence8. Copyright, Creativity, and the Teen Artist9. Mature and Explicit Content10. Cyberstalking and Online Harassment11. Radicalization12. The Dark Web13. My Child the Hacker14. Everyday Safety Online: Safe Shopping, Consumer Privacy, and Government’s Rights to Search15. Protecting against Identity Theft and Fraud: A Nontechnical Introduction to Cybersecurity for the FamilyConclusion: Building Balance Online and OfflineAppendicesList of AcronymsBibliographyAbout the Author
£27.00
Rowman & Littlefield Online Predators An Internet Insurgency
Book SynopsisIn Online Predators: An Internet Insurgency, Jeffrey A. Lee brings his ten plus years' experience in the fight against online child exploitation to bear in an easy to follow guide for all with a stake in the life of a child. This book equips parents, guardians, extended family, educational professionals with practical strategies to help keep kids safe in a technology connected world. Instead of focusing on ever changing technology, Lee proposes a key fundamental change in the fight against online predationdevelop an insatiable curiosity about their child's online life, then get in the front lines and stay there.Table of ContentsDedicationForeword by Eric Devlin, expert in digital forensics and child exploitation PrefaceIntroduction: Technology and the Role of the Stakeholder In a Child’s Life, To Share or Not to Share Isn’t the QuestionChapter 1: Information as a Weaponized CommodityChapter 2: Freedoms of the InternetChapter 3: The Home is Not a Democracy, and School Safety SearchesChapter 4: Truth and Efficiency on the InternetChapter 5: Nothing is Better Than the TruthChapter 6: Hamsters are Rats, and Devices Are Hamsters But Still RatsChapter 7: Pickup that DeviceChapter 8: Methodology of the Child PredatorChapter 9: Gifts as a Means to an EndChapter 10: Pictures are PricelessChapter 11: Basic Types of Child Abuse Images and Other Usages of Sexual ImagesChapter 12: Romance and Hookup ScamsChapter 13: Instant PhotographyChapter 14: Is There a Plan?Chapter 15: Which Device Should I Buy?Chapter 16: What to Expect From Law EnforcementChapter 17: Post Victimization RecoveryChapter 18: The Backspace/Delete Key and Self EditingChapter 19: Educate the ChildChapter 20: Human Trafficking and Social Media: A Case StudyChapter 21: A Month in the Life of a Child Exploitation InvestigatorChapter 22: Do Not Suffer AloneChapter 23: It’s Not All BadAbout the Author
£27.00
New York University Press The Identity Trade
Book SynopsisThe successes and failures of an industry that claims to protect and promote our online identitiesWhat does privacy mean in the digital era? As technology increasingly blurs the boundary between public and private, questions about who controls our data become harder and harder to answer. Our every web view, click, and online purchase can be sold to anyone to store and use as they wish. At the same time, our online reputation has become an important part of our identitya form of cultural currency.The Identity Trade examines the relationship between online visibility and privacy, and the politics of identity and self-presentation in the digital age. In doing so, Nora Draper looks at the revealing two-decade history of efforts by the consumer privacy industry to give individuals control over their digital image through the sale of privacy protection and reputation management as a service.Through in-depth interviews with industry experts, as well as analyTrade ReviewFeaturing interviews with such industry figures as Fred Davis, founder of the identity management company Lumeria, and Josh Galper, general counsel for the online data vault provider Personal, the book brings to light the cultural and economic ramifications of the publics desire for online privacy. . . . Throughout, Draper examines the rights, expectations, and economics of digital privacy with expert fascination. * Publishers Weekly *How did 'protect your privacy online' become 'cultivate your personal brand'? Draper shines a light on the entrepreneurs in the privacy game, many overlooked or long gone, who had an outsized influence on how we think about privacy today. The Identity Trade provides a rich and important history, but also an astute meditation on how industry can shape cultural logics in profound ways. -- Tarleton Gillespie,author of Custodians of the InternetIn analyzing the burgeoning consumer privacy industry through its failures, Draper traces shifts in the industrial definition of privacy from anonymity to controlled exposure. The Identity Trade demonstrates how the economics of privacy directly shapes our understanding of what privacy is and how we might practice it. Essential reading for anyone concerned about their 'privacy,' their vulnerability to data breaches, and the myriad other 'identity' pitfalls that come along with online life as we know it. -- Alison Hearn,University of Western OntarioWhile we have been obsession over the ways Facebook and Google have blown away our ability to manage information about ourselves, a fascinating and troubling industry devoted to privacy management has emerged. In this lucid book, Draper reveals the assumptions and ideologies that drive the players in that industry, and thus reveals what's really at stake as we lurch toward a future we can't seem to control. -- Siva Vaidhyanathan, author of Antisocial Media: How Facebook Disconnects Us and Undermines Democracy
£17.09
New York University Press The Identity Trade
Book SynopsisThe successes and failures of an industry that claims to protect and promote our online identitiesWhat does privacy mean in the digital era? As technology increasingly blurs the boundary between public and private, questions about who controls our data become harder and harder to answer. Our every web view, click, and online purchase can be sold to anyone to store and use as they wish. At the same time, our online reputation has become an important part of our identitya form of cultural currency.The Identity Trade examines the relationship between online visibility and privacy, and the politics of identity and self-presentation in the digital age. In doing so, Nora Draper looks at the revealing two-decade history of efforts by the consumer privacy industry to give individuals control over their digital image through the sale of privacy protection and reputation management as a service.Through in-depth interviews with industry experts, as well as analyTrade ReviewFeaturing interviews with such industry figures as Fred Davis, founder of the identity management company Lumeria, and Josh Galper, general counsel for the online data vault provider Personal, the book brings to light the cultural and economic ramifications of the publics desire for online privacy. . . . Throughout, Draper examines the rights, expectations, and economics of digital privacy with expert fascination. * Publishers Weekly *How did 'protect your privacy online' become 'cultivate your personal brand'? Draper shines a light on the entrepreneurs in the privacy game, many overlooked or long gone, who had an outsized influence on how we think about privacy today. The Identity Trade provides a rich and important history, but also an astute meditation on how industry can shape cultural logics in profound ways. -- Tarleton Gillespie,author of Custodians of the InternetIn analyzing the burgeoning consumer privacy industry through its failures, Draper traces shifts in the industrial definition of privacy from anonymity to controlled exposure. The Identity Trade demonstrates how the economics of privacy directly shapes our understanding of what privacy is and how we might practice it. Essential reading for anyone concerned about their 'privacy,' their vulnerability to data breaches, and the myriad other 'identity' pitfalls that come along with online life as we know it. -- Alison Hearn,University of Western OntarioWhile we have been obsession over the ways Facebook and Google have blown away our ability to manage information about ourselves, a fascinating and troubling industry devoted to privacy management has emerged. In this lucid book, Draper reveals the assumptions and ideologies that drive the players in that industry, and thus reveals what's really at stake as we lurch toward a future we can't seem to control. -- Siva Vaidhyanathan, author of Antisocial Media: How Facebook Disconnects Us and Undermines Democracy
£66.60
APress Snowflake Access Control
Book SynopsisUnderstand the different access control paradigms available in the Snowflake Data Cloud and learn how to implement access control in support of data privacy and compliance with regulations such as GDPR, APPI, CCPA, and SOX. The information in this book will help you and your organization adhere to privacy requirements that are important to consumers and becoming codified in the law. You will learn to protect your valuable data from those who should not see it while making it accessible to the analysts whom you trust to mine the data and create business value for your organization. Snowflake is increasingly the choice for companies looking to move to a data warehousing solution, and security is an increasing concern due to recent high-profile attacks. This book shows how to use Snowflake's wide range of features that support access control, making it easier to protect data access from the data origination point all the way to the presentation and visualization layer.Reading this book Table of ContentsPart I. Background1. What is Access Control?2. Data Types Requiring Access Control3. Data Privacy Laws and Regulatory Drivers4. Permission typesPart II. Creating Roles5. Functional Roles - What A Person Does6. Team Roles - Who A Person Is7. Assuming A Primary Role8. Secondary RolesPart III. Granting Permissions to Roles9. Role Inheritance10. Account and Database Level Privileges 11. Schema-Level Privileges12. Table and View Level Privileges13. Row-Level Permissioning and Fine-Grained Access Control14. Column-Level Permissioning and Data MaskingPart IV. Operationally Managing Access Control15. Secure Data Sharing16. Separating Production from Development17. Upstream & Downstream Services18. Managing Access Requests
£42.74
APress Firewalls Dont Stop Dragons
Book SynopsisRely on this practical, comprehensive guide to significantly improve your cyber safety and data privacy. Shop and bank online with maximum security and peace of mind. Block online tracking, data mining and malicious online ads.Table of Contents
£31.34
O'Reilly Media Ransomware
Book SynopsisThe biggest online threat to businesses and consumers today is ransomware, a category of malware that can encrypt your computer files until you pay a ransom to unlock them. With this practical book, you'll learn how easily ransomware infects your system and what steps you can take to stop the attack before it sets foot in the network.
£23.99
O'Reilly Media 97 Things About Ethics Everyone in Data Science
Book SynopsisBeing ethical takes constant diligence, and in many situations identifying the right choice can be difficult. In this in-depth book, contributors from top companies in technology, finance, and other industries share experiences and lessons learned from collecting, managing, and analyzing data ethically.
£29.99
O'Reilly Media Zero Trust Networks
Book SynopsisThis practical book provides a detailed explanation of the zero trust security model. The updated edition offers more scenarios, real-world examples, and in-depth explanations of key concepts to help you fully comprehend the zero trust security architecture.
£42.39
Rowman & Littlefield Cyber SelfDefense
Book SynopsisAre you in danger of being cyberstalked? Have you been cyberbullied? Outwit your cyberattacker with these clever strategies from former cyberstalking victim, Alexis Moore. As the founder of Survivors in Action, Moore explains how to identify potential cyberattackers and how to recover from a cybercrime if you’ve been attacked. Her indispensable book can help you remain secure and safe in today’s dangerous digital world and take back control of your life.
£11.69
Open Road Distribution The Rise of the Computer State The Threat to Our Freedoms Our Ethics and our Democratic Process
£11.39
Cornell University Press The United States of Anonymous
Book SynopsisIn The United States of Anonymous, Jeff Kosseff explores how the right to anonymity has shaped American values, politics, business, security, and discourse, particularly as technology has enabled people to separate their identities from their communications. Legal and political debates surrounding online privacy often focus on the Fourth Amendment''s protection against unreasonable searches and seizures, overlooking the history and future of an equally powerful privacy right: the First Amendment''s protection of anonymity. The United States of Anonymous features extensive and engaging interviews with people involved in the highest profile anonymity cases, as well as with those who have benefited from, and been harmed by, anonymous communications. Through these interviews, Kosseff explores how courts have protected anonymity for decades and, likewise, how law and technology have allowed individuals to control how much, if any, identifying infTrade ReviewAmid surging social media and online speech wars, readers concerned about the future of free speech, privacy, and the law will appreciate Kosseff's ability to deftly place the many-sided anonymity debate in the context of constitutional values and social norms. * Library Journal *Table of ContentsIntroduction Part I: Developing the Right to Anonymity 1. America, the Anonymous 2. Empowering Anonymous Association 3. Empowering Anonymous Speech 4. The Scope of Anonymity Empowerment 5. Antimask Part II: The Right to Online Anonymity 6. Cybersmear 7. Setting the Rules for Online Anonymity 8. Online Anonymity and Copyright 9. When the Government Wants to Unmask You 10. Anonymity Worldwide 11. Technological Protections for Anonymity Part III: Living in an Anonymous World 12. Anonymity as a Shield 13. Anonymity as a Sword Part IV: The Future of Anonymity 14. Real-Name Policies 15. Out in the Open 16. Empowering Anonymity through Privacy Law Conclusion
£21.84
Skyhorse Publishing How to Disappear and Never Be Found
Book Synopsis
£12.34
Skyhorse Publishing Surveillance and Surveillance Detection: A CIA
Book SynopsisHave you ever thought you were being followed or watched? Have you ever needed to follow or observe someone and not be seen?In the world of espionage, surveillance and surveillance detection are a way of life. It is the job of every CIA operations officer to make sure he or she is not under surveillance—that is, being followed to the commission of an “operational act.” It is also the job of every CIA operations officer to surveil his own targets, whether they are terrorists or terrorist suspects, foreign intelligence officers, hostile actors, or even sometimes his own agents for vetting purposes. In everyday life, many people from all walks of life need to know how to perform similar operations. Whether avoiding a stalker, checking up on an unfaithful partner, or just securing one’s own privacy, a working knowledge of modern surveillance and surveillance detection techniques is a critical skill to possess. And there is nobody better to teach that skill than someone trained by the CIA.From former CIA counterterrorism officer John C. Kiriakou, Surveillance and Surveillance Detection: A CIA Insider's Guide takes you through the CIA's surveillance and surveillance detection program. It will teach you to apply CIA surveillance techniques to your own everyday life. You’ll learn how to stay safe, to ensure your privacy, and to keep the honest people honest—the CIA way.
£12.34
