This book addresses the important role of communication within the context of performing an audit, project, or review (i.e., planning, detailed testing, and reporting). Intended for audit, information security, enterprise, and operational risk professionals at all levels, including those just starting out, Say What!? Communicate with Tact and Impact: What to Say to Get Results at Any Point in an Audit contains an array of practical and time-tested approaches that foster efficient and effective communication at any point during an engagement. The practical and memorable techniques are culled from author Ann M. Butera's CRP experience as a trusted advisor who has taught thousands of professionals how to develop and hone their interpersonal, communication, and empathic skills. Those familiar with the Five Tier Competency ModelTM she developed will recognize these techniques as a deep dive on the competencies comprising Tier 3: Project Management and Tier 5: Managing Constituent Relations. The author discusses the following behaviors in one's dealings with executives, process owners, control performers, and colleagues: Demonstrating executive presence Becoming the trusted advisor Influencing others Communicating with tact, confidence, and impact Facilitating productive meetings and discussions Overcoming resistance and objections Managing and resolving conflict Knowing when to let a topic go and move on This book is a guide for professionals who want to interact proactively and persuasively with those they work with, audit, or review. It describes techniques that can be used during virtual, in-person, telephone, or video conferences (as opposed to emails, workpapers, and reports). It provides everyone (newer associates in particular) with the interpersonal skills needed to (1) develop and build relationships with their internal constituents and clients, (2) facilitate conversations and discussions before and during meetings, and (3) handle impromptu questions with confidence and executive presence and make positive first impressions. The topics and techniques discussed are accompanied by case studies, examples, and exercises to give the readers the opportunity to develop plans to bridge the gap between theory and practice. The readers can use the book as a reliable resource when subject matter experts or training guides are not readily available.

Managers in organisations must make rational decisions. Rational decision making is the opposite of intuitive decision making. It is a strict procedure utilising objective knowledge and logic. It involves identifying the problem to solve, gathering facts, identifying options and outcomes, analysing them, considering all the relationships and selecting the decision. Rational decision making requires support: methods and software tools. The identification of the problem to solve needs methods that would measure and evaluate the current situation. Identification and evaluation of options and analysis of the available possibilities involves analysis and optimisation methods. Incorporating intuition into rational decision making needs adequate methods that would translate ideas or observed behaviours into hard data. Communication, observation and opinions recording is hardly possible today without adequate software. Information and data that form the input, intermediate variables and the output must be stored, managed and made accessible in a user-friendly manner. Rational Decisions in Organisations: Theoretical and Practical Aspects presents selected recent developments in the support of the widely understood rational decision making in organisations, illustrated through case studies. The book shows not only the variety of perspectives involved in decision making, but also the variety of domains where rational decision support systems are needed. The case studies present decision making by medical doctors, students and managers of various universities, IT project teams, construction companies, banks and small and large manufacturing companies. Covering the richness of relationships in which the decisions should and must be taken, the book illustrates how modern organisations operate in chains and networks; they have multiple responsibilities, including social, legal, business and ethical duties. Nowadays, managers in organisations can make transparent decisions and consider a multitude of stakeholders and their diverse features, incorporating diverse criteria, using multiple types and drivers of information and decision-making patterns, and referring to numerous lessons learned. As the book makes clear, the marriage of theoretical ideas with the possibilities offered by technology can make the decisions in organisations more rational and, at the same time, more human.

Trusted Platform Modules (TPMs) are small, inexpensive chips which provide a limited set of security functions. They are most commonly found as a motherboard component on laptops and desktops aimed at the corporate or government markets, but can also be found on many consumer-grade machines and servers, or purchased as independent components. Their role is to serve as a Root of Trust - a highly trusted component from which we can bootstrap trust in other parts of a system. TPMs are most useful for three kinds of tasks: remotely identifying a machine, or machine authentication; providing hardware protection of secrets, or data protection; and providing verifiable evidence about a machine's state, or attestation. This book describes the primary uses for TPMs, and practical considerations such as when TPMs can and should be used, when they shouldn't be, what advantages they provide, and how to actually make use of them, with use cases and worked examples of how to implement these use cases on a real system. Topics covered include when to use a TPM; TPM concepts and functionality; programming introduction; provisioning: getting the TPM ready to use; first steps: TPM keys; machine authentication; data protection; attestation; other TPM features; software and specifications; and troubleshooting. Appendices contain basic cryptographic concepts; command equivalence and requirements charts; and complete code samples.

Phishing Detection Using Content-Based Image Classification is an invaluable resource for any deep learning and cybersecurity professional and scholar trying to solve various cybersecurity tasks using new age technologies like Deep Learning and Computer Vision. With various rule-based phishing detection techniques at play which can be bypassed by phishers, this book provides a step-by-step approach to solve this problem using Computer Vision and Deep Learning techniques with significant accuracy. The book offers comprehensive coverage of the most essential topics, including: Programmatically reading and manipulating image data Extracting relevant features from images Building statistical models using image features Using state-of-the-art Deep Learning models for feature extraction Build a robust phishing detection tool even with less data Dimensionality reduction techniques Class imbalance treatment Feature Fusion techniques Building performance metrics for multi-class classification task Another unique aspect of this book is it comes with a completely reproducible code base developed by the author and shared via python notebooks for quick launch and running capabilities. They can be leveraged for further enhancing the provided models using new advancement in the field of computer vision and more advanced algorithms.

* Network traffic is a type of fractal time series, attracting the interests of not only computer scientists but the scientists from various fields, ranging from statistics to engineering * Innovatively presents a traffic bound named by the author * Further proves the existing identity in min-plus convolution system and the computation formula of the identity

Massive multiple-input multiple-output (Massive MIMO) is the latest technology that will improve the speed and throughput of wireless communication systems for years to come. Whilst there may be some debate over the origins of the term Massive MIMO and what it precisely means, this monograph describes in detail how the research conducted in the past decades lead to a scalable multiantenna technology that offers great throughput and energy efficiency under practical conditions. Written for students, practicing engineers and researchers who want to learn the conceptual and analytical foundations of Massive MIMO, in terms of spectral, energy, and/or hardware efficiency, as well as channel estimation and practical considerations, it provides a clear and tutorial like exposition of all the major topics. It also connects the dots of the research literature covering numerous topics not easily found therein. Massive MIMO Networks is the first monograph on the subject to cover the spatial channel correlation and consider rigorous signal processing design essential for the complete understanding by its target audience.

Consolidating recent research in the area, the Handbook on Mobile and Ubiquitous Computing: Status and Perspective illustrates the design, implementation, and deployment of mobile and ubiquitous systems, particularly in mobile and ubiquitous environments, modeling, database components, and wireless infrastructures. Supplying an overarching perspective, the book is ideal for researchers, graduate students, and industry practitioners in computer science and engineering interested in recent developments in mobile and ubiquitous computing. It discusses new trends in intelligent systems, reviews sensory input and multimedia information, and examines embedded real-time systems. With coverage that spans security, privacy, and trust, the book is divided into six parts: Mobile and Ubiquitous Computing-illustrates the concepts, design, implementation, and deployment of mobile and ubiquitous systems Smart Environments and Agent Systems-discusses a new trend toward intelligent systems that are completely connected, proactive, intuitive, and constantly available Human-Computer Interaction and Multimedia Computing-describes guidelines for designing multisensory input and output for mobile devices Security, Privacy, and Trust Management-presents an approach to dynamically establish trust between a system and its mobile client in a flexible manner using a multi-agent negotiation mechanism Embedded Real-Time Systems-introduces novel work on how mobile, ubiquitous, and intelligence computing can be realized Networking Sensing and Communications-covers challenges, designs, and prototype solutions for establishing, managing, and maintaining current sensor networks in mobile and ubiquitous computing environments Containing the contributions of more than 70 researchers, practitioners, and academics from around the world, the book brings together the latest research on the subject to provide an understanding of the issues being addressed in the field. Filled with extensive references in each chapter, it provides you with the tools to participate in the design, implementation, and deployment of systems that are connected, proactive, intuitive, and constantly available.

In Learn Kubernetes in a Month of Lunches you'll go from "what's a Pod?" to automatically scaling clusters of containers and components in just 22 hands-on lessons, each short enough to fit into a lunch break. Every lesson is task-focused and covers an essential skill on the road to Kubernetes mastery. You'll learn how to smooth container management with Kubernetes, including securing your clusters, and upgrades and rollbacks with zero downtime. No development stack, platform, or background is assumed. Author Elton Stoneman describes all patterns generically, so you can easily apply them to your applications and port them to other projects! about the technologyCreate apps that perform identically on your laptop, data center, and cloud! Kubernetes provides a consistent method for deploying applications on any platform, making it easy to grow. By efficiently orchestrating Docker containers, Kubernetes simplifies tasks like rolling upgrades, scaling, and self-healing. about the book Learn Kubernetes in a Month of Lunches is your guide to getting up and running with Kubernetes. You'll progress from Kubernetes basics to essential skills, learning to model, deploy, and manage applications in production. Exercises demonstrate how Kubernetes works with multiple languages and frameworks. You'll also practice with new apps, legacy code, and serverless functions. what's inside Deploying applications on Kubernetes clusters Understanding the Kubernetes app lifecycle, from packaging to rollbacks Self-healing and scalable apps Using Kubernetes as a platform for new technologies about the readerFor readers familiar with Docker and containerization. about the author Elton Stoneman is a Docker Captain, a 11-time Microsoft MVP, and the author of Learn Docker in a Month of Lunches.

This book is the first of its kind to introduce the integration of ethics, laws, risks, and policies in cyberspace. The book provides understanding of the ethical and legal aspects of cyberspace along with the risks involved. It also addresses current and proposed cyber policies, serving as a summary of the state of the art cyber laws in the United States. It also, importantly, incorporates various risk management and security strategies from a number of organizations. Using easy-to-understand language and incorporating case studies, the authors begin with the consideration of ethics and law in cybersecurity and then go on to take into account risks and security policies. The section on risk covers identification, analysis, assessment, management, and remediation. The very important topic of cyber insurance is covered as well-its benefits, types, coverage, etc. The section on cybersecurity policy acquaints readers with the role of policies in cybersecurity and how they are being implemented by means of frameworks. The authors provide a policy overview followed by discussions of several popular cybersecurity frameworks, such as NIST, COBIT, PCI/DSS, ISO series, etc.

This comprehensive book unveils the working relationship of blockchain and the fog/edge computing. The contents of the book have been designed in such a way that the reader will not only understand blockchain and fog/edge computing but will also understand their co-existence and their collaborative power to solve a range of versatile problems. The first part of the book covers fundamental concepts and the applications of blockchain-enabled fog and edge computing. These include: Internet of Things, Tactile Internet, Smart City; and E-challan in the Internet of Vehicles. The second part of the book covers security and privacy related issues of blockchain-enabled fog and edge computing. These include, hardware primitive based Physical Unclonable Functions; Secure Management Systems; security of Edge and Cloud in the presence of blockchain; secure storage in fog using blockchain; and using differential privacy for edge-based Smart Grid over blockchain. This book is written for students, computer scientists, researchers and developers, who wish to work in the domain of blockchain and fog/edge computing. One of the unique features of this book is highlighting the issues, challenges, and future research directions associated with Blockchain-enabled fog and edge computing paradigm. We hope the readers will consider this book a valuable addition in the domain of Blockchain and fog/edge computing.

In this book, Edosa explores common challenges which limit the value that organisations can get from data. What makes his book unique is that he also tackles one of the unspoken barriers to data adoption-fear. Fear of the unknown, fear of the intangible, fear of the investment needed and, yes, fear of losing your job to a machine. With his talent for distilling clarity from complexity, Edosa tackles this and many other challenges. -Tim Carmichael, Chief Data Officer, Chalhoub Group This book offers fresh insight about how to solve the interactional frictions that hamper the flow of data, information and knowledge across organisations. Yet, rather than being stuck with endless polarising debates such as breaking down silos, it shifts focus back towards the ultimate "to what end." -Jacky Wright, Chief Digital Officer (CDO), Microsoft US If you care about AI transformation, empowering people or advancing organisational success in an increasingly digital world, then you should read this book. -Yomi Ibosiola, Chief Data and Analytics Officer, Union Bank A retail giant already struggling due to the Covid-19 pandemic was faced with a disastrous situation when-at the end of a critical investment in an artificial intelligence project that had been meant to save money-it suddenly discovered that its implementation was likely to leave it worse off. An entire critical service stream within an insurer's production system crashed. This critical failure resulted in the detentions of fully insured motorists for allegedly not carrying required insurance. Making Data Work details these two scenarios as well as others illustrating the consequences that arise when organizations do not know how to make data work properly. It is a journey to determine what to do to "make data work" for ourselves and for our organisations. It is a journey to discover how to bring it all together so organisations can enable digital transformation, empower people, and advance organisational success. It is the journey to a world where data and technology finally live up to the hype and deliver better human outcomes, where artificial intelligence can move us from reacting to situations to predicting future occurrences and enabling desirable possibilities.

The book Digital Health Transformation with Blockchain and Artificial Intelligence covers the global digital revolution in the field of healthcare sector. The population has been overcoming the COVID-19 period; therefore, we need to establish intelligent digital healthcare systems using various emerging technologies like Blockchain and Artificial Intelligence. Internet of Medical Things is the technological revolution that has included the element of "smartness" in the healthcare industry and also identifying, monitoring, and informing service providers about the patient's clinical information with faster delivery of care services. This book highlights the important issues i.e. (a) How Internet of things can be integrated with the healthcare ecosystem for better diagnostics, monitoring, and treatment of the patients, (b) Artificial Intelligence for predictive and preventive healthcare systems, (c) Blockchain for managing healthcare data to provide transparency, security, and distributed storage, and (d) Effective remote diagnostics and telemedicine approach for developing smart care. The book encompasses chapters belong to the blockchain, Artificial Intelligence, and Big health data technologies. Features: Blockchain and internet of things in healthcare systems Secure Digital Health Data Management in Internet of Things Public Perception towards AI-Driven Healthcare Security, privacy issues and challenges in adoption of smart digital healthcare Big data analytics and Internet of things in the pandemic era Clinical challenges for digital health revolution Artificial intelligence for advanced healthcare Future Trajectory of Healthcare with Artificial Intelligence 9 Parkinson disease pre-diagnosis using smart technologies Emerging technologies to combat the COVID-19 Machine Learning and Internet of Things in Digital Health Transformation Effective Remote Healthcare and Telemedicine Approaches Legal implication of blockchain technology in public health This Book on "Digital Health Transformation with Blockchain and Artificial Intelligence" aims at promoting and facilitating exchanges of research knowledge and findings across different disciplines on the design and investigation of secured healthcare data analytics. It can also be used as a textbook for a Masters course in security and biomedical engineering. This book will also present new methods for the medical data analytics, blockchain technology, and diagnosis of different diseases to improve the quality of life in general, and better integration into digital healthcare.

Introducing strong foundations to practical Cyber-Physical Systems Leveraging CPS for pandemic affected society Ensuring Secured and Privacy aware CPS for Sensitive Data in a pandemic situation Providing methodologies to deploy CPS in industries affect by a pandemic

Provides overview of security challenges of IoT and mitigation techniques with a focus on authorization and access control mechanisms Discusses behavioural analysis of threats and attacks using UML base modelling Covers use of Oauth2.0 Protocol and UMA for connecting web applications Includes Role Based Access Control (RBAC), Discretionary Access Control (DAC), Mandatory Access Control (MAC), and Permission Based Access Control (PBAC) Explores how to provide access to third party web applications through resource server by use of secured and reliable Oauth2.0 framework

Project or program health checks provide tremendous value to businesses and pay for themselves by multiples of magnitude. No matter how well a project or program is performing, there are always activities that can provide better value, reduce costs, or introduce more innovation. IT project and program health checks can help organizations reach their goals and dramatically improve Return on Investment (ROI). IT Project Health Checks: Driving Successful Implementation and Multiples of Business Value offers a proven approach for evaluating IT projects or programs in order to determine how they are performing and how the eventual outcome for the initiative is currently trending. The project or program health checks provide a set of techniques that produce actionable recommendations that can be applied for any combination of the following outcomes: Drive more business and technical value from a program Set a project or program back on track for successful implementation as defined by executive management Rescue a program that is heading towards failure Act as additional insurance for initiatives that are too important to fail Protect executive careers by creating transparency within the inner workings of complex initiatives. The book shows how a review can quickly identify whether an initiative needs to be rescued even when the project team is not aware that it is hurtling towards failure. It also provides techniques for driving business value even when a project team believes it's been stretched as much as possible. Other outcomes covered in this book include: Objectively develop a project Health-Check Scorecard that establishes how well a project is doing and the direction it is headed Demonstrate how to drive business value from an IT program regardless of how well or badly it is tracking Provide surgical advice to improve a project's outcome How to use the many templates and sample deliverables to get a quick start on your own health check. Designed to provide significant value to any member of a project team, program team, stakeholders, sponsors, business users, system integrators, trainers, and IT professionals, this book can help find opportunities to drive multiples of business value and exceed project success metrics.

Project or program health checks provide tremendous value to businesses and pay for themselves by multiples of magnitude. No matter how well a project or program is performing, there are always activities that can provide better value, reduce costs, or introduce more innovation. IT project and program health checks can help organizations reach their goals and dramatically improve Return on Investment (ROI). IT Project Health Checks: Driving Successful Implementation and Multiples of Business Value offers a proven approach for evaluating IT projects or programs in order to determine how they are performing and how the eventual outcome for the initiative is currently trending. The project or program health checks provide a set of techniques that produce actionable recommendations that can be applied for any combination of the following outcomes: Drive more business and technical value from a program Set a project or program back on track for successful implementation as defined by executive management Rescue a program that is heading towards failure Act as additional insurance for initiatives that are too important to fail Protect executive careers by creating transparency within the inner workings of complex initiatives. The book shows how a review can quickly identify whether an initiative needs to be rescued even when the project team is not aware that it is hurtling towards failure. It also provides techniques for driving business value even when a project team believes it's been stretched as much as possible. Other outcomes covered in this book include: Objectively develop a project Health-Check Scorecard that establishes how well a project is doing and the direction it is headed Demonstrate how to drive business value from an IT program regardless of how well or badly it is tracking Provide surgical advice to improve a project's outcome How to use the many templates and sample deliverables to get a quick start on your own health check. Designed to provide significant value to any member of a project team, program team, stakeholders, sponsors, business users, system integrators, trainers, and IT professionals, this book can help find opportunities to drive multiples of business value and exceed project success metrics.

The Lean Approach to Digital Transformation: From Customer to Code and From Code to Customer is organized into three parts that expose and develop the three capabilities that are essential for a successful digital transformation: 1. Understanding how to co-create digital services with users, whether they are customers or future customers. This ability combines observation, dialogue, and iterative experimentation. The approach proposed in this book is based on the Lean Startup approach, according to an extended vision that combines Design Thinking and Growth Hacking. Companies must become truly "customer-centric", from observation and listening to co-development. The revolution of the digital age of the 21st century is that customer orientation is more imperative -- the era of abundance, usages rate of change, complexity of experiences, and shift of power towards communities -- are easier, using digital tools and digital communities. 2. Developing an information system (IS) that is the backbone of the digital transformation - called "exponential information system" to designate an open IS (in particular on its borders), capable of interfacing and combining with external services, positioned as a player in software ecosystems and built for processing scalable and dynamic data flows. The exponential information system is constantly changing and it continuously absorbs the best of information processing technology, such as Artificial Intelligence and Machine Learning. 3. Building software "micro-factories" that produce service platforms, which are called "Lean software factories." This "software factory" concept covers the integration of agile methods, tooling and continuous integration and deployment practices, a customer-oriented product approach, and a platform approach based on modularity, as well as API-based architecture and openness to external stakeholders. This software micro-factory is the foundation that continuously produces and provides constantly evolving services. These three capabilities are not unique or specific to this book, they are linked to other concepts such as agile methods, product development according to lean principles, software production approaches such as CICD (continuous integration and deployment) or DevOps. This book weaves a common frame of reference for all these approaches to derive more value from the digital transformation and to facilitate its implementation. The title of the book refers to the "lean approach to digital transformation" because the two underlying frameworks, Lean Startup and Lean Software Factory, are directly inspired by Lean, in the sense of the Toyota Way. The Lean approach is present from the beginning to the end of this book -- it provides the framework for customer orientation and the love of a job well done, which are the conditions for the success of a digital transformation.

The Security Hippie is Barak Engel's second book. As the originator of the "Virtual CISO" (fractional security chief) concept, he has served as security leader in dozens of notable organizations, such as Mulesoft, Stubhub, Amplitude Analytics, and many others. The Security Hippie follows his previous book, Why CISOs Fail, which became a sleeper hit, earning a spot in the Cybercannon project as a leading text on the topic of information security management. In this new book, Barak looks at security purely through the lens of story-telling, sharing many and varied experiences from his long and accomplished career as organizational and thought leader, and visionary in the information security field. Instead of instructing, this book teaches by example, sharing many real situations in the field and actual events from real companies, as well as Barak's related takes and thought processes. An out-of-the-mainstream, counterculture thinker - Hippie - in the world of information security, Barak's rich background and unusual approach to the field come forth in this book in vivid color and detail, allowing the reader to sit back and enjoy these experiences, and perhaps gain insights when faced with similar issues themselves or within their organizations. The author works hard to avoid technical terms as much as possible, and instead focus on the human and behavioral side of security, finding the humor inherent in every anecdote and using it to demystify the field and connect with the reader. Importantly, these are not the stories that made the news; yet they are the ones that happen all the time. If you've ever wondered about the field of information security, but have been intimidated by it, or simply wished for more shared experiences, then The Security Hippie is the perfect way to open that window by accompanying Barak on some of his many travels into the land of security.

Discusses various aspects of role of Internet of Things (IoT) and Machine Learning in smart buildings. Explains pertinent system architecture focusing on power generation and distribution. Covers power enabling technologies for smart cities. Includes Photovoltaic System Integrated Smart Buildings.

When a $145 million IT project failure pushes Los Angeles to the edge of financial meltdown, the County CEO asks Max McLellan, a harried IT project manager, aka The Integrator, for help. The County Board gives Max 30 days to identify the problem and find a solution. At first Max finds the usual missteps, but something bigger and darker beckons, an explosive source of project failure. He must do something different, rattling ghosts of previous County IT failures, uncloaking crookedness, and exposing truths that shatter careers. With some people rooting for his failure, Max battles to fit all the pieces together with the County team, applying his proven framework to define the problem, plan a solution and execute it successfully. It's common knowledge that barely 50% of IT projects succeed, per a 2017 Project Management Institute report. Equally well-known, approximately 70% of large-scale change management initiatives fail according to a 2017 McKinsey & Co. report. Given the challenge to overcome these low success rates, The Integrator offers a proven narrative on the organizational change framework for achieving Agile IT project management success based on the author's 45+ year client experiences and published research. The Integrator defines change management as the single overarching methodology integrating Agile IT and project management. It does this because all projects are about change - significant organizational and personal change. The people involved - their participation in and understanding and support of these changes - ultimately determine IT projects success or failure. In fact, while all IT projects are about change, successful projects change human behavior. The methodologies included in the framework, described in The Integrator, include: * Change management as defined by AIM (Accelerating Implementation Methodology). * Project management as defined by the Project Management Institute (PMI) Guide to the Project Management Body of Knowledge (PMBOK Guide) standard. * IT management as derived from the Institute of Electrical Engineers (IEEE) Guide to the Software Engineering Body of Knowledge (SWEBOK) standard. * Agile as defined by the Agile Alliance's Agile Manifesto. Written by a certified Project Management Professional and accredited change management practitioner, The Integrator chronicles the challenges involved in applying this framework in a real-world setting to achieve successful project implementation.

According to the FBI, about 4000 ransomware attacks happen every day. In the United States alone, victims lost $209 million to ransomware in the first quarter of 2016. Even worse is the threat to critical infrastructure, as seen by the malware infections at electrical distribution companies in Ukraine that caused outages to 225,000 customers in late 2015. Further, recent reports on the Russian hacks into the Democratic National Committee and subsequent release of emails in a coercive campaign to apparently influence the U.S. Presidential Election have brought national attention to the inadequacy of cyber deterrence. The U.S. government seems incapable of creating an adequate strategy to alter the behavior of the wide variety of malicious actors seeking to inflict harm or damage through cyberspace. This book offers a systematic analysis of the various existing strategic cyber deterrence options and introduces the alternative strategy of active cyber defense. It examines the array of malicious actors operating in the domain, their methods of attack, and their motivations. It also provides answers on what is being done, and what could be done, by the government and industry to convince malicious actors that their attacks will not succeed and that risk of repercussions exists. Traditional deterrence strategies of retaliation, denial and entanglement appear to lack the necessary conditions of capability, credibly, and communications due to these malicious actors' advantages in cyberspace. In response, the book offers the option of adopting a strategy of active cyber defense that combines internal systemic resilience to halt cyber attack progress with external disruption capacities to thwart malicious actors' objectives. It shows how active cyber defense is technically capable and legally viable as an alternative strategy for the deterrence of cyber attacks.

This book examines new and challenging political aspects of cyber security and presents it as an issue defined by socio-technological uncertainty and political fragmentation. Structured along two broad themes and providing empirical examples for how socio-technical changes and political responses interact, the first part of the book looks at the current use of cyber space in conflictual settings, while the second focuses on political responses by state and non-state actors in an environment defined by uncertainties. Within this, it highlights four key debates that encapsulate the complexities and paradoxes of cyber security politics from a Western perspective - how much political influence states can achieve via cyber operations and what context factors condition the (limited) strategic utility of such operations; the role of emerging digital technologies and how the dynamics of the tech innovation process reinforce the fragmentation of the governance space; how states attempt to uphold stability in cyberspace and, more generally, in their strategic relations; and how the shared responsibility of state, economy, and society for cyber security continues to be re-negotiated in an increasingly trans-sectoral and transnational governance space. This book will be of much interest to students of cyber security, global governance, technology studies, and international relations. The Open Access version of this book, available at www.taylorfrancis.com, has been made available under a Creative Commons Attribution-Non Commercial-No Derivatives 4.0 license.

The book provides a broad outlook on the applications of cyber-physical systems along with case studies and examples in healthcare, automotive electronics, industrial automation, environment monitoring, agriculture, and applications in civil and mechanical sectors. Topics include using an energy management system in smart grids, implementing an intelligent traffic management system, warehouse tracking and monitoring, medical cyber-physical systems security, remote healthcare monitoring, and more.

The COVID-19 pandemic has had so many unprecedented consequences. The great global shift from office work to remote work is one such consequence, with which many information security professionals are struggling. Office workers have been hastily given equipment that has not been properly secured or must use personal devices to perform office work. The proliferation of videoconferencing has brought about new types of cyber-attacks. When the pandemic struck, many organizations found they had no, or old and unworkable, business continuity and disaster recovery plans. Business Recovery and Continuity in a Mega Disaster: Cybersecurity Lessons Learned from the COVID-19 Pandemic reviews the COVID-19 pandemic and related information security issues. It then develops a series of lessons learned from this reviews and explains how organizations can prepare for the next global mega disaster. The following presents some of the key lessons learned: The lack of vetting for third party suppliers and vendors The lack of controls surrounding data privacy, especially as it relates to the personal identifiable information (PPI) data sets The intermingling of home and corporate networks The lack of a secure remote workforce The emergence of supply chain attacks (e.g., Solar Winds) To address the issues raised in these lessons learned, CISOs and their security teams must have tools and methodologies in place to address the following: The need for incident response, disaster recovery, and business continuity plans The need for effective penetration testing The importance of threat hunting The need for endpoint security The need to use the SOAR model The importance of a zero-trust framework This book provides practical coverage of these topics to prepare information security professionals for any type of future disaster. The COVID-19 pandemic has changed the entire world to unprecedented and previously unimaginable levels. Many businesses, especially in the United States, were completely caught off guard, and they had no concrete plans put into place, from a cybersecurity standpoint, for how to deal with this mega disaster. This how-to book fully prepares CIOs, CISOs, and their teams for the next disaster, whether natural or manmade, with the various lessons that have been learned thus far from the COVID-19 pandemic.