The ultimate resource for making embedded systems reliable, safe, and secure

Embedded Systems Security provides:

A broad understanding of security principles, concerns, and technologies

Proven techniques for the efficient development of safe and secure embedded software

A study of the system architectures, operating systems and hypervisors, networking, storage, and cryptographic issues that must be considered when designing secure embedded systems

Nuggets of practical advice and numerous case studies throughout

Written by leading authorities in the field with 65 years of embedded security experience: one of the original developers of the world s only Common Criteria EAL 6+ security certified software product and a lead designer of NSA certified cryptographic systems.

This book is indispensable for embedded systems and security professionals, new and experienced.

An important contribution to the understanding of the security of embedded systems. The Kleidermachers are experts in their field. As the Internet of things becomes reality, this book helps business and technology management as well as engineers understand the importance of "security from scratch." This book, with its examples and key points, can help bring more secure, robust systems to the market.

Dr. Joerg Borchert, Vice President, Chip Card & Security, Infineon Technologies North America Corp.; President and Chairman, Trusted Computing Group

Embedded Systems Security provides real-world examples of risk and exploitation; most importantly the book offers clear insight into methods used to counter vulnerabilities to build true, native security into technology.

Adriel Desautels, President and CTO, Netragard, LLC.

Security of embedded systems is more important than ever. The growth in networking is just one reason. However, many embedded systems developers have insufficient knowledge of how to achieve security in their systems. David Kleidermacher, a world-renowned expert in this field, shares in this book his knowledge and long experience with other engineers. A very important book at the right time.

Prof. Dr.-Ing. Matthias Sturm, Leipzig University of Applied Sciences; Chairman, Embedded World Conference steering board
Gainan understanding of the operating systems, microprocessors, and network security critical issues that must be considered when designing secure embedded systemsContains nuggets of practical and simple advice on critical issues highlightedthroughout the textShort and to -the- point real case studies included to demonstrate embedded systems security in practice"

This book explores the strategic decisions made by organizations when implementing cybersecurity controls and leveraging economic models and theories from the economics of information security and risk-management frameworks. Based on unique and distinct research completed within the field of risk-management and information security, this book provides insight into organizational risk-management processes utilized in determining cybersecurity investments. It describes how theoretical models and frameworks rely on either specific scenarios or controlled conditions and how decisions on cybersecurity spending within organizations-specifically, the funding available in comparison to the recommended security measures necessary for compliance-vary depending on stakeholders. As the trade-off between the costs of implementing a security measure and the benefit derived from the implementation of security controls is not easily measured, a business leader's decision to fund security measures may be biased. The author presents an innovative approach to assess cybersecurity initiatives with a risk-management perspective and leverages a data-centric focus on the evolution of cyber-attacks. This book is ideal for business school students and technology professionals with an interest in risk management.

A Sensible Guide to Program Management Professional (PgMP) (R) Success is for program managers preparing to take the PgMP exam based on The Standard for Program Management - 4th Edition (PgM4 Standard). It is designed for busy professionals whose responsibilities have taken them into the realm of coordinating, facilitating, managing, and leading programs. Program managers are leaders who are directly managing large amounts of project resources for their organizations. This study guide addresses three main concerns facing PgMP exam candidates: What are the essential concepts, processes, and tools that form the foundation of today's program management? Since program management is still an emerging profession with professionals often working in different ways, what does this mean for a "standard" exam? More specifically, how does that impact your ability to pass the PgMP exam? What is the best way to prepare for the PgMP exam? To address the first concern, this book highlights the underlying rationale for program management: why it exists in organizations; why it is becoming ever more important; what programs are, especially for the purpose of passing the exam; how to think like a portfolio manager; and what the most important concepts, processes, and tools are for this profession. By simplifying complex ideas and communicating them in plain English with relevant examples, this book aims to help readers not only to pass the PgMP exam but also to serve as an essential guide for program managers. For the second concern, this book differs from other study guides by describing the author's personal experience as a program manager and addressing the most pressing questions for each of the performance domains in The Standard for Program Management. To address the last concern, this book contains 420 practice questions, access to an online exam simulator and an online PgMP community, and a time-tested approach for passing the PgMP exam.

This book covers recent trends in the field of devices, wireless communication and networking. It gathers selected papers presented at the International Conference on Communication, Devices and Networking (ICCDN 2019), which was organized by the Department of Electronics and Communication Engineering, Sikkim Manipal Institute of Technology, Sikkim, India, on 9-10 December 2019. Gathering cutting-edge research papers prepared by researchers, engineers and industry professionals, it will help young and experienced scientists and developers alike to explore new perspectives, and offer them inspirations on how to address real-world problems in the areas of electronics, communication, devices and networking.

Gain a thorough understanding of today's sometimes daunting, ever-changing world of technology as you learn how to apply the latest technology to your academic, professional and personal life with TECHNOLOGY FOR SUCCESS: COMPUTER CONCEPTS. Written by a team of best-selling technology authors and based on extensive research and feedback from students like you, this edition breaks each topic into brief, inviting lessons that address the "what, why and how" behind digital advancements to ensure deep understanding and application to today's real world. Optional online MindTap and SAM (Skills Assessment Manager) learning tools offer hands-on and step-by-step training, videos that cover the more difficult concepts and simulations that challenge you to solve problems in the actual world. You leave this course able to read the latest technology news and understand its impact on your daily life, the economy and society.

"Cryptographic Protocol: Security Analysis Based on Trusted Freshness" mainly discusses how to analyze and design cryptographic protocols based on the idea of system engineering and that of the trusted freshness component. A novel freshness principle based on the trusted freshness component is presented; this principle is the basis for an efficient and easy method for analyzing the security of cryptographic protocols. The reasoning results of the new approach, when compared with the security conditions, can either establish the correctness of a cryptographic protocol when the protocol is in fact correct, or identify the absence of the security properties, which leads the structure to construct attacks directly. Furthermore, based on the freshness principle, a belief multiset formalism is presented. This formalism s efficiency, rigorousness, and the possibility of its automation are also presented.
The book is intended for researchers, engineers, and graduate students in the fields of communication, computer science and cryptography, and will be especially useful for engineers who need to analyze cryptographic protocols in the real world.
Dr. Ling Dong is a senior engineer in the network construction and information security field. Dr. Kefei Chen is a Professor at the Department of Computer Science and Engineering, Shanghai Jiao Tong University.

Cloud Data Center Network Architectures and Technologies has been written with the support of Huawei's vast technical knowledge and experience in the data center network (DCN) field, as well as its understanding of customer service requirements. This book describes in detail the architecture design, technical implementation, planning and design, and deployment suggestions for cloud DCNs based on the service challenges DCNs encounter. It starts by describing the overall architecture and technical evolution of DCNs, with the aim of helping readers understand the development of DCNs. It then proceeds to explain the design and implementation of cloud DCNs, including the service model of a single data center (DC), construction of physical and logical networks of DCs, construction of multiple DCNs, and security solutions of DCs. Next, this book dives deep into practices of cloud DCN deployment based on real-world cases to help readers better understand how to build cloud DCNs. Finally, this book introduces DCN openness and some of the hottest forward-looking technologies. In summary, you can use this book as a reference to help you to build secure, reliable, efficient, and open cloud DCNs. It is intended for technical professionals of enterprises, research institutes, information departments, and DCs, as well as teachers and students of computer network-related majors in colleges and universities. Authors Lei Zhang Mr. Zhang is the Chief Architect of Huawei's DCN solution. He has more than 20 years' experience in network product and solution design, as well as a wealth of expertise in product design and development, network planning and design, and network engineering project implementation. He has led the design and deployment of more than 10 large-scale DCNs for Fortune Global 500 companies worldwide. Le Chen Mr. Chen is a Huawei DCN Solution Documentation Engineer with eight years' experience in developing documents related to DCN products and solutions. He has participated in the design and delivery of multiple large-scale enterprise DCNs. Mr. Chen has written many popular technical document series, such as DCN Handbook and BGP Topic.

This book is open access. Media forensics has never been more relevant to societal life. Not only media content represents an ever-increasing share of the data traveling on the net and the preferred communications means for most users, it has also become integral part of most innovative applications in the digital information ecosystem that serves various sectors of society, from the entertainment, to journalism, to politics. Undoubtedly, the advances in deep learning and computational imaging contributed significantly to this outcome. The underlying technologies that drive this trend, however, also pose a profound challenge in establishing trust in what we see, hear, and read, and make media content the preferred target of malicious attacks. In this new threat landscape powered by innovative imaging technologies and sophisticated tools, based on autoencoders and generative adversarial networks, this book fills an important gap. It presents a comprehensive review of state-of-the-art forensics capabilities that relate to media attribution, integrity and authenticity verification, and counter forensics. Its content is developed to provide practitioners, researchers, photo and video enthusiasts, and students a holistic view of the field.

"... an engaging book that will empower readers in both large and small software development and engineering organizations to build security into their products. ... Readers are armed with firm solutions for the fight against cyber threats."-Dr. Dena Haritos Tsamitis. Carnegie Mellon University"... a must read for security specialists, software developers and software engineers. ... should be part of every security professional's library." -Dr. Larry Ponemon, Ponemon Institute"... the definitive how-to guide for software security professionals. Dr. Ransome, Anmol Misra, and Brook Schoenfield deftly outline the procedures and policies needed to integrate real security into the software development process. ...A must-have for anyone on the front lines of the Cyber War ..." -Cedric Leighton, Colonel, USAF (Ret.), Cedric Leighton Associates"Dr. Ransome, Anmol Misra, and Brook Schoenfield give you a magic formula in this book - the methodology and process to build security into the entire software development life cycle so that the software is secured at the source! "-Eric S. Yuan, Zoom Video CommunicationsThere is much publicity regarding network security, but the real cyber Achilles' heel is insecure software. Millions of software vulnerabilities create a cyber house of cards, in which we conduct our digital lives. In response, security people build ever more elaborate cyber fortresses to protect this vulnerable software. Despite their efforts, cyber fortifications consistently fail to protect our digital treasures. Why? The security industry has failed to engage fully with the creative, innovative people who write software. Core Software Security expounds developer-centric software security, a holistic process to engage creativity for security. As long as software is developed by humans, it requires the human element to fix it. Developer-centric security is not only feasible but also cost effective and operationally relevant. The methodology builds security into software development, which lies at the heart of our cyber infrastructure. Whatever development method is employed, software must be secured at the source. Book Highlights: Supplies a practitioner's view of the SDL Considers Agile as a security enabler Covers the privacy elements in an SDL Outlines a holistic business-savvy SDL framework that includes people, process, and technology Highlights the key success factors, deliverables, and metrics for each phase of the SDL Examines cost efficiencies, optimized performance, and organizational structure of a developer-centric software security program and PSIRT Includes a chapter by noted security architect Brook Schoenfield who shares his insights and experiences in applying the book's SDL framework View the authors' website at http://www.androidinsecurity.com/

This book gathers key advances in various areas related to using wireless Internet and wireless connectivity to achieve a more connected world. The world is now highly dependent on Internet connectivity. Even though some parts of the globe remain isolated, the smoothly running world all around us relies on Internet services for countless businesses and activities. During the COVID-19 pandemic, we have seen that exclusively relying on wired Internet would leave out a large part of our tech-savvy world. Hence, wireless connectivity is essential to anywhere, anytime connectivity. Further, in the event of a new pandemic or other disaster of global scale, wireless Internet offers a reliable way to keep us all connected. The contributors to this book, hailing from academia, industrial and research laboratories, report on the latest solutions, trends and technologies with the potential to make wireless Internet more reliable and secure for the years to come.

This book explores fundamental principles for securing IT systems and illustrates them with hands-on experiments that may be carried out by the reader using accompanying software. The experiments highlight key information security problems that arise in modern operating systems, networks, and web applications. The authors explain how to identify and exploit such problems and they show different countermeasures and their implementation. The reader thus gains a detailed understanding of how vulnerabilities arise and practical experience tackling them. After presenting the basics of security principles, virtual environments, and network services, the authors explain the core security principles of authentication and access control, logging and log analysis, web application security, certificates and public-key cryptography, and risk management. The book concludes with appendices on the design of related courses, report templates, and the basics of Linux as needed for the assignments. The authors have successfully taught IT security to students and professionals using the content of this book and the laboratory setting it describes. The book can be used in undergraduate or graduate laboratory courses, complementing more theoretically oriented courses, and it can also be used for self-study by IT professionals who want hands-on experience in applied information security. The authors' supporting software is freely available online and the text is supported throughout with exercises.

Cybercafes, which are places where Internet access is provided for free, provide the opportunity for people without access to the Internet, or who are traveling, to access Web mail and instant messages, read newspapers, and explore other resources of the Internet. Due to the important role Internet cafes play in facilitating access to information, there is a need for their systems to have well-installed software in order to ensure smooth service delivery. Security and Software for Cybercafes provides relevant theoretical frameworks and current empirical research findings on the security measures and software necessary for cybercafes, offering information technology professionals, scholars, researchers, and educators detailed knowledge and understanding of this innovative and leading-edge issue, both in industrialized and developing countries.

This book examines the FinTech revolution from a data privacy perspective. It analyzes key players on the FinTech market and the developments in various market segments. Particular attention is paid to an empirical analysis of the privacy statements of 505 German FinTech firms and how they were adapted after the General Data Protection Regulation (GDPR) entered into effect in May 2018. The analysis also includes 38 expert interviews with relevant stakeholders from supervisory and regulatory authorities, the financial and FinTech industry, leading consulting firms and consumer protection agencies. By adopting this approach, the book identifies key regulatory needs, offers a valuable asset for practitioners and academics alike, and shares intriguing insights for lawyers, economists and everyone interested in FinTech and data privacy.

This is the first book to present a multidisciplinary approach to cyberterrorism. It traces the threat posed by cyberterrorism today, with chapters discussing possible technological vulnerabilities, potential motivations to engage in cyberterrorism, and the challenges of distinguishing this from other cyber threats. The book also addresses the range of potential responses to this threat by exploring policy and legislative frameworks as well as a diversity of techniques for deterring or countering terrorism in cyber environments. The case studies throughout the book are global in scope and include the United States, United Kingdom, Australia, New Zealand and Canada. With contributions from distinguished experts with backgrounds including international relations, law, engineering, computer science, public policy and politics, Cyberterrorism: Understanding, Assessment and Response offers a cutting edge analysis of contemporary debate on, and issues surrounding, cyberterrorism. This global scope and diversity of perspectives ensure it is of great interest to academics, students, practitioners, policymakers and other stakeholders with an interest in cyber security.

This book covers the topics on cyber security in IoT systems used in different verticals such as agriculture, health, homes, transportation within the context of smart cities. The authors provide an analysis of the importance of developing smart cities by incorporating technologies such as IoT to achieve the sustainable development goals (SDGs) within the agenda 2030. Furthermore, it includes an analysis of the cyber security challenges generated by IoT systems due to factors such as heterogeneity, lack of security in design and few hardware resources in these systems, and how they should be addressed from a risk analysis approach, evaluating the risk analysis methodologies widely used in traditional IT systems.

Proof techniques in cryptography are very difficult to understand, even for students or researchers who major in cryptography. In addition, in contrast to the excessive emphases on the security proofs of the cryptographic schemes, practical aspects of them have received comparatively less attention. This book addresses these two issues by providing detailed, structured proofs and demonstrating examples, applications and implementations of the schemes, so that students and practitioners may obtain a practical view of the schemes. Seong Oun Hwang is a professor in the Department of Computer Engineering and director of Artificial Intelligence Security Research Center, Gachon University, Korea. He received the Ph.D. degree in computer science from the Korea Advanced Institute of Science and Technology (KAIST), Korea. His research interests include cryptography, cybersecurity, networks, and machine learning. Intae Kim is an associate research fellow at the Institute of Cybersecurity and Cryptology, University of Wollongong, Australia. He received the Ph.D. degree in electronics and computer engineering from Hongik University, Korea. His research interests include cryptography, cybersecurity, and networks. Wai Kong Lee is an assistant professor in UTAR (University Tunku Abdul Rahman), Malaysia. He received the Ph.D. degree in engineering from UTAR, Malaysia. In between 2009 - 2012, he served as an R&D engineer in several multinational companies including Agilent Technologies (now known as Keysight) in Malaysia. His research interests include cryptography engineering, GPU computing, numerical algorithms, Internet of Things (IoT) and energy harvesting.

A Sensible Guide to Program Management Professional (PgMP) (R) Success is for program managers preparing to take the PgMP exam based on The Standard for Program Management - 4th Edition (PgM4 Standard). It is designed for busy professionals whose responsibilities have taken them into the realm of coordinating, facilitating, managing, and leading programs. Program managers are leaders who are directly managing large amounts of project resources for their organizations. This study guide addresses three main concerns facing PgMP exam candidates: What are the essential concepts, processes, and tools that form the foundation of today's program management? Since program management is still an emerging profession with professionals often working in different ways, what does this mean for a "standard" exam? More specifically, how does that impact your ability to pass the PgMP exam? What is the best way to prepare for the PgMP exam? To address the first concern, this book highlights the underlying rationale for program management: why it exists in organizations; why it is becoming ever more important; what programs are, especially for the purpose of passing the exam; how to think like a portfolio manager; and what the most important concepts, processes, and tools are for this profession. By simplifying complex ideas and communicating them in plain English with relevant examples, this book aims to help readers not only to pass the PgMP exam but also to serve as an essential guide for program managers. For the second concern, this book differs from other study guides by describing the author's personal experience as a program manager and addressing the most pressing questions for each of the performance domains in The Standard for Program Management. To address the last concern, this book contains 420 practice questions, access to an online exam simulator and an online PgMP community, and a time-tested approach for passing the PgMP exam.

"The all-new edition of this security bestseller covers the latest techniques, tools, and case scenarios to help incident responders react quickly and efficiently to data breaches."

"Incident Response and Computer Forensics, Third Edition" is a fully updated edition of the bestselling technical guide that arms you with the right know-how to get your organization out of trouble when data breaches occur.

This new edition is chock-full of updates about tools and techniques as well as new real-world scenarios reflecting today's most common types of incidents. Detailed advice covers all aspects of incident investigation and handling, with an emphasis on forensics--knowing where and how to look into computers for evidence of wrongdoing. New chapters on investigation techniques, indicators of compromise, and remediation New advice on architecting networks from the ground-up to fight intrusions and on streamlining intrusion diagnoses for faster recovery Substantial updates on investigating Windows systems, malware analysis, memory analysis, application analysis, data collection, report writing, and incident management The most relevant tips and tricks for a forensics-forward approach to handling and protecting sensitive data without compromising systems further New and updated information for managers and business leaders to prepare for and manage an incident

The book puts forward dynamically enabled cyber defense technology as a solution to the system homogenization problem. Based on the hierarchy of the protected information system entity, the book elaborates on current mainstream dynamic defense technologies from four aspects: the internal hardware platform, software service, information data and external network communication. It also ascertains their possible evolution routes, clarifies their relationship with existing security products, and makes macro analyses and discussions on security gain and overall system efficiency of these technologies.This book can be used as both a textbook for graduate courses related to electronic information as well as a reference for scientific researchers engaged in relevant research. It helps graduate students majoring in electronics and information sciences to gain an understanding in dynamically-enabled cyber defense. Scientists and engineers specialising in network security research should also find this book to be a useful guide on recent developments in network security.

While Computer Security is a broader term which incorporates technologies, protocols, standards and policies to ensure the security of the computing systems including the computer hardware, software and the information stored in it, Cyber Security is a specific, growing field to protect computer networks (offline and online) from unauthorized access, botnets, phishing scams, etc. Machine learning is a branch of Computer Science which enables computing machines to adopt new behaviors on the basis of observable and verifiable data and information. It can be applied to ensure the security of the computers and the information by detecting anomalies using data mining and other such techniques. This book will be an invaluable resource to understand the importance of machine learning and data mining in establishing computer and cyber security. It emphasizes important security aspects associated with computer and cyber security along with the analysis of machine learning and data mining based solutions. The book also highlights the future research domains in which these solutions can be applied. Furthermore, it caters to the needs of IT professionals, researchers, faculty members, scientists, graduate students, research scholars and software developers who seek to carry out research and develop combating solutions in the area of cyber security using machine learning based approaches. It is an extensive source of information for the readers belonging to the field of Computer Science and Engineering, and Cyber Security professionals. Key Features: This book contains examples and illustrations to demonstrate the principles, algorithms, challenges and applications of machine learning and data mining for computer and cyber security. It showcases important security aspects and current trends in the field. It provides an insight of the future research directions in the field. Contents of this book help to prepare the students for exercising better defense in terms of understanding the motivation of the attackers and how to deal with and mitigate the situation using machine learning based approaches in better manner.

The wave of data breaches raises two pressing questions: Why don't we defend our networks better? And, what practical incentives can we create to improve our defenses? Why Don't We Defend Better?: Data Breaches, Risk Management, and Public Policy answers those questions. It distinguishes three technical sources of data breaches corresponding to three types of vulnerabilities: software, human, and network. It discusses two risk management goals: business and consumer. The authors propose mandatory anonymous reporting of information as an essential step toward better defense, as well as a general reporting requirement. They also provide a systematic overview of data breach defense, combining technological and public policy considerations. Features Explains why data breach defense is currently often ineffective Shows how to respond to the increasing frequency of data breaches Combines the issues of technology, business and risk management, and legal liability Discusses the different issues faced by large versus small and medium-sized businesses (SMBs) Provides a practical framework in which public policy issues about data breaches can be effectively addressed

Intrusion Detection and Correlation: Challenges and Solutions presents intrusion detection systems (IDSs) and addresses the problem of managing and correlating the alerts produced. This volume discusses the role of intrusion detection in the realm of network security with comparisons to traditional methods such as firewalls and cryptography.

The Internet is omnipresent and companies have increasingly put critical resources online. This has given rise to the activities of cyber criminals. Virtually all organizations face increasing threats to their networks and the services they provide. Intrusion detection systems (IDSs) take increased pounding for failing to meet the expectations researchers and IDS vendors continually raise. Promises that IDSs are capable of reliably identifying malicious activity in large networks were premature and never tuned into reality.

While virus scanners and firewalls have visible benefits and remain virtually unnoticed during normal operations, the situation is different with intrusion detection sensors. State-of-the-art IDSs produce hundreds or even thousands of alerts every day. Unfortunately, almost all of these alerts are false positives, that is, they are not related to security-relevant incidents.

Intrusion Detection and Correlation: Challenges and Solutions analyzes the challenges in interpreting and combining (i.e., correlating) alerts produced by these systems. In addition, existing academic and commercial systems are classified; their advantage and shortcomings are presented, especially in the case of deployment in large, real-world sites.

Machine learning boosts the capabilities of security solutions in the modern cyber environment. However, there are also security concerns associated with machine learning models and approaches: the vulnerability of machine learning models to adversarial attacks is a fatal flaw in the artificial intelligence technologies, and the privacy of the data used in the training and testing periods is also causing increasing concern among users. This book reviews the latest research in the area, including effective applications of machine learning methods in cybersecurity solutions and the urgent security risks related to the machine learning models. The book is divided into three parts: Cyber Security Based on Machine Learning; Security in Machine Learning Methods and Systems; and Security and Privacy in Outsourced Machine Learning. Addressing hot topics in cybersecurity and written by leading researchers in the field, the book features self-contained chapters to allow readers to select topics that are relevant to their needs. It is a valuable resource for all those interested in cybersecurity and robust machine learning, including graduate students and academic and industrial researchers, wanting to gain insights into cutting-edge research topics, as well as related tools and inspiring innovations.

This book covers techniques that can be used to analyze data from IoT sensors and addresses questions regarding the performance of an IoT system. It strikes a balance between practice and theory so one can learn how to apply these tools in practice with a good understanding of their inner workings. This is an introductory book for readers who have no familiarity with these techniques. The techniques presented in An Introduction to IoT Analytics come from the areas of machine learning, statistics, and operations research. Machine learning techniques are described that can be used to analyze IoT data generated from sensors for clustering, classification, and regression. The statistical techniques described can be used to carry out regression and forecasting of IoT sensor data and dimensionality reduction of data sets. Operations research is concerned with the performance of an IoT system by constructing a model of the system under study and then carrying out a what-if analysis. The book also describes simulation techniques. Key Features IoT analytics is not just machine learning but also involves other tools, such as forecasting and simulation techniques. Many diagrams and examples are given throughout the book to fully explain the material presented. Each chapter concludes with a project designed to help readers better understand the techniques described. The material in this book has been class tested over several semesters. Practice exercises are included with solutions provided online at www.routledge.com/9780367686314 Harry G. Perros is a Professor of Computer Science at North Carolina State University, an Alumni Distinguished Graduate Professor, and an IEEE Fellow. He has published extensively in the area of performance modeling of computer and communication systems.

Digital forensics has been a discipline of Information Security for decades now. Its principles, methodologies, and techniques have remained consistent despite the evolution of technology, and, ultimately, it and can be applied to any form of digital data. However, within a corporate environment, digital forensic professionals are particularly challenged. They must maintain the legal admissibility and forensic viability of digital evidence in support of a broad range of different business functions that include incident response, electronic discovery (ediscovery), and ensuring the controls and accountability of such information across networks. Digital Forensics and Investigations: People, Process, and Technologies to Defend the Enterprise provides the methodologies and strategies necessary for these key business functions to seamlessly integrate digital forensic capabilities to guarantee the admissibility and integrity of digital evidence. In many books, the focus on digital evidence is primarily in the technical, software, and investigative elements, of which there are numerous publications. What tends to get overlooked are the people and process elements within the organization. Taking a step back, the book outlines the importance of integrating and accounting for the people, process, and technology components of digital forensics. In essence, to establish a holistic paradigm-and best-practice procedure and policy approach-to defending the enterprise. This book serves as a roadmap for professionals to successfully integrate an organization's people, process, and technology with other key business functions in an enterprise's digital forensic capabilities.