This textbook offers a technical, architectural, and management approach to solving the problems of protecting national infrastructure and includes practical and empirically-based guidance for students wishing to become security engineers, network operators, software designers, technology managers, application developers, Chief Security Officers, etc.. This approach includes controversial themes such as the deliberate use of deception to trap intruders. In short, it serves as an attractive framework for a new national strategy for cyber security. Each principle is presented as a separate security strategy, along with pages of compelling examples that demonstrate use of the principle. A specific set of criteria requirements allows students to understand how any organization, such as a government agency, integrates the principles into their local environment. The STUDENT EDITION features several case studies illustrating actual implementation scenarios of the principals and requirements discussed in the text. It also includes helpful pedagogical elements such as chapter outlines, chapter summaries, learning checklists, and a 2-color interior. And it boasts a new and complete instructor ancillary package including test bank, IM, Ppt slides, case study questions, and more.

Provides case studies focusing on cyber security challenges and solutions to display how theory, research, and methods, apply to real-life challenges

Utilizes, end-of-chapter case problems that take chapter content and relate it to real security situations and issues

Includes instructor slides for each chapter as well as an instructor s manual with sample syllabi and test bank"

No nation - especially the United States - has a coherent technical and architectural strategy for preventing cyber attack from crippling essential critical infrastructure services. This book initiates an intelligent national (and international) dialogue amongst the general technical community around proper methods for reducing national risk. This includes controversial themes such as the deliberate use of deception to trap intruders. It also serves as an attractive framework for a new national strategy for cyber security, something that several Presidential administrations have failed in attempting to create. In addition, nations other than the US might choose to adopt the framework as well Amoroso offers a technical, architectural, and management solution to the problem of protecting national infrastructure. This includes practical and empirically-based guidance for security engineers, network operators, software designers, technology managers, application developers, and even those who simply use computing technology in their work or home. Each principle is presented as a separate security strategy, along with pages of compelling examples that demonstrate use of the principle. A specific set of criteria requirements allows any organization, such as a government agency, to integrate the principles into their local environment. This book takes the national debate on protecting critical infrastructure in an entirely new and fruitful direction.

* Covers cyber security policy development for massively complex infrastructure using ten principles derived from experiences in U.S. Federal Government settings and a range of global commercial environments. * Provides a unique and provocative philosophy of cyber security that directly contradicts conventional wisdom about info sec for small or enterprise-level systems. * Illustrates the use of practical, trial-and-error findings derived from 25 years of hands-on experience protecting critical infrastructure on a daily basis at AT&T.