Around the world, SCADA (supervisory control and data acquisition) systems and other real-time process control networks run mission-critical infrastructure--everything from the power grid to water treatment, chemical manufacturing to transportation. These networks are at increasing risk due to the move from proprietary systems to more standard platforms and protocols and the interconnection to other networks. Because there has been limited attention paid to security, these systems are seen as largely unsecured and very vulnerable to attack.
This book addresses currently undocumented security issues affecting SCADA systems and overall critical infrastructure protection. The respective co-authors are among the leading experts in the world capable of addressing these related-but-independent concerns of SCADA security. Headline-making threats and countermeasures like malware, sidejacking, biometric applications, emergency communications, security awareness llanning, personnel & workplace preparedness and bomb threat planning will be addressed in detail in this one of a kind book-of-books dealing with the threats to critical infrastructure protection. They collectivly have over a century of expertise in their respective fields of infrastructure protection. Included among the contributing authors are Paul Henry, VP of Technology Evangelism, Secure Computing, Chet Hosmer, CEO and Chief Scientist at Wetstone Technologies, Phil Drake, Telecommunications Director, The Charlotte Observer, Patrice Bourgeois, Tenable Network Security, Sean Lowther, President, Stealth Awareness and Jim Windle, Bomb Squad Commander, CMPD.
* Internationally known experts provide a detailed discussion of the complexities of SCADA security and its impact on critical infrastructure
* Highly technical chapters on the latest vulnerabilities to SCADA and critical infrastructure and countermeasures
* Bonus chapters on security awareness training, bomb threat planning, emergency communications, employee safety and much more
* Companion Website featuring video interviews with subject matter experts offer a "sit-down" with the leaders in the field

Network Security Evaluation provides a methodology for conducting technical security evaluations of all the critical components of a target network. The book describes how the methodology evolved and how to define the proper scope of an evaluation, including the consideration of legal issues that may arise during the evaluation. More detailed information is given in later chapters about the core technical processes that need to occur to ensure a comprehensive understanding of the network's security posture.
Ten baseline areas for evaluation are covered in detail. The tools and examples detailed within this book include both Freeware and Commercial tools that provide a detailed analysis of security vulnerabilities on the target network. The book ends with guidance on the creation of customer roadmaps to better security and recommendations on the format and delivery of the final report.
* There is no other book currently on the market that covers the National Security Agency's recommended methodology for conducting technical security evaluations
* The authors are well known in the industry for their work in developing and deploying network security evaluations using the NSA IEM
* The authors also developed the NSA's training class on this methodology