Cyberheists: Biggest Threat Facing American Businesses

Tuesday, August 28, 2012

Ben Rothke


While often quoted in the context of cybercrime, Willie Sutton is famously — but apocryphally - supposed to have answered reporter, Mitch Ohnstad, who asked why he robbed banks, by saying, "because that's where the money is.”

It is no myth that there is plenty of money and other digital assets on networks worldwide.  Those that want to ensure the security of those assets need to safeguard them.

In Cyberheist: The biggest financial threat facing American businesses since the meltdown of 2008, author Stu Sjouwerman details the current state of cybercrime, and presents numerous ways firms can ensure the safety of digital assets in their possession.

The book is written specifically for smaller to medium size businesses that often lack the staff and budget necessary to ensure effective information security.

At the end-user level, the book spends some time dealing with the threat of social engineering, specifically around phishing and spear-phishing.

In chapter 5, the author writes of vishing, which is a method of social engineering using telephone systems to obtain access to confidential personal and business information.  He notes several factors that contribute to the success of vishing, including the inherent trust places in telephone systems, a reachable phone-using population, general acceptance of automated phone message and more.

Chapter 8 is especially interesting which details credit card and epayment scams. The book notes that online merchant fraud is a multi-billion dollar business and provides an overview of the problem, and ways to avoid such scams.

The best part of the book comes in part 3 which are 5 chapters on countering cybercrime.  Topics such as the fundamentals of safe computing, policies, technologies, architecture and secure banking are dealt with.

At under 200 pages, Cyberheist: The biggest financial threat facing American businesses since the meltdown of 2008 is not the definitive text or the most comprehensive one on the topic. 

But for those looking for a brief and easy to read overview of the topic, with a lot of real-world advice, Cyberheist: The biggest financial threat facing American businesses since the meltdown of 2008 makes for a good read.

Cross-posted from RSA

Possibly Related Articles:
Enterprise Security
Information Security
scams Enterprise Security Vishing Social Engineering Small Business Cyber Crime Network Security spear-phishing Book Review
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.