Releases

You CAN Stop Stupid

Stopping Losses from Accidental and Malicious Actions

Around the world, users cost organizations billions of dollars due to simple errors and malicious actions. They believe that there is some deficiency in the users. In response, organizations believe that they have to improve their awareness efforts and making more secure users. This is like saying that coalmines should get healthier canaries. The reality is that it takes a multilayered approach that acknowledges that users will inevitably make mistakes or have malicious intent, and the failure is in not planning for that. It takes a holistic approach to assessing risk combined with technical defenses and countermeasures layered with a security culture and continuous improvement. Only with this kind of defense in depth can organizations hope to prevent the worst of the cybersecurity breaches and other user-initiated losses.

Using lessons from tested and proven disciplines like military kill-chain analysis, counterterrorism analysis, industrial safety programs, and more, Ira Winkler and Dr. Tracy Celaya’s You CAN Stop Stupid provides a methodology to analyze potential losses and determine appropriate countermeasures to implement.

Business technology and security professionals will benefit from the information provided by these two well-known and influential cybersecurity speakers and experts.

  • Minimize business losses associated with user failings
  • Optimize your security spending
  • Improve your organization’s culture
  • Proactively plan to prevent and mitigate data breaches
  • Cost justify your security and loss reduction efforts

Advanced Persistent Security

A Cyberwarfare Approach to Implementing Adaptive Enterprise Protection, Detection, and Reaction Strategies

Advanced Persistent Security covers secure network design and implementation, including authentication, authorization, data and access integrity, network monitoring, and risk assessment. Using such recent high profile cases as Target, Sony, and Home Depot, the book explores information security risks, identifies the common threats organizations face, and presents tactics on how to prioritize the right countermeasures.

The book discusses concepts such as malignant versus malicious threats, adversary mentality, motivation, the economics of cybercrime, the criminal infrastructure, dark webs, and the criminals organizations currently face.

Security Awareness for Dummies

Security Awareness For Dummies addresses the subject from that of a practitioner attempting to design and implement their own security awareness program. The book is extremely pragmatic and practical to allow for readers of any skill level to pick up the book and apply the material immediately, to either create or improve their own awareness programs.

It book will cover some of the fundamental scientific principles involved with creating awareness program, but only from the perspectives of providing guidance to ensuring the resulting programs are effective and providing a scientific foundation to the program target audience or to the authorities over the awareness manager.

This will not be a book about scientific theories, but a practical book that goes straight to “how” to implement the program. There is, however, some “why” and “what” type of information because it is important for the reader to understand why they are going through the efforts that they are, and being able to justify them to management.

Classic Books

Spies Among Us

How to Stop the Spies, Terrorists, Hackers, and Criminals You Don’t Even Know You Encounter Every Day

Ira Winkler has been dubbed “A Modern Day James Bond” by CNN and other media outlets for his ability to simulate espionage attacks against many of the top companies in the world, showing how billions of dollars can disappear. This unique book is packed with the riveting, true stories and case studies of how he did it-and how people and companies can avoid falling victim to the spies among us.

American corporations now lose as much as $300 billion a year to hacking, cracking, physical security breaches, and other criminal activity. Millions of people a year have their identities stolen or fall victim to other scams.

In Spies Among Us, Ira Winkler reveals his security secrets, disclosing how companies and individuals can protect themselves from even the most diabolical criminals. He goes into the mindset of everyone from small-time hackers to foreign intelligence agencies to disclose cost-effective countermeasures for all types of attacks.

Why James Bond and Sydney Bristow are terrible spies

How a team was able to infiltrate an airport in a post-9/11 world and plant a bomb

How Ira and his team were able to steal nuclear reactor designs in three hours

The real risks that individuals face from the spies that they unknowingly meet on a daily basis

Recommendations for how companies and individuals can secure themselves against the spies, criminals, and terrorists who regularly cross their path

Corporate Espionage

What It Is, Why It’s Happening in Your Company and What You Must Do About It

There is widespread misconception in America that industrial espionage is a high-tech crime perpetrated by slick James Bond types or genius computer hackers — not true! Every year millions of companies lose billions of dollars because their valuable information leaks out through ordinary people and simple, preventable methods.In his new book, Corporate Espionage, information security expert Ira Winkler reveals how he stole billions of dollars in sensitive information from a large corporation in a day and a half while they didn’t even know he was inside.

Of course he then gave back the information because the target was his client and its executives were paying him to execute a penetration test. But what might really alarm companies is the fact that Winkler steals most of his information by simply asking for it, looking on desk tops, digging through trash, walking into unlocked offices at night or reading internal newsletters that reveal too much. Corporate Espionage instructs companies how to break bad habits and protect themselves from espionage.

Readers catch an inside look at: Step-by-step details of foreign and domestic case studies involving KGB agents, the Japanese, German, China, Cuban and Israeli government, and losses from Intel, Boeing, and other major corporations and banksAn interview with the former director of the CIAWhy companies must consider their own employees as the most deadly of all spiesWhy and which apparently friendly countries are the most actively engaged in espionage against the United StatesWhere and how Russia, Germany, Chinese and other major intelligence agencies recruit their agents

Through the Eyes of the Enemy:

Russia’s Highest Ranking Military Defector Reveals why Russia is More Dangerous Than Ever

The Cold War — is it really over? Col. Stanislav Lunev suggests that it may not be. In his compelling autobiography Through the Eyes of the Enemy, Col. Lunev reveals how Russian President Boris Yeltsin ordered the KGB to double its corporate, government, and military espionage against the U.S.

Col. Lunev’s story is significant. He knows some of the highest-ranking members of the Russian government, and served them well for over 30 years. At one time, Stanislav Lunev could have easily been described as the villain in a James Bond film. But then he defected from Russia and did something he would have eagerly killed other people for: He told the U.S. government everything he knows.

Now in his autobiography, Col. Lunev offers startling revelations about:

— Soviet assassination squads

— Soviet medical experiments on American prisoners-of-war from Korea and Vietnam — and questions if some of them might still be in captivity

— Recruiting spies in Congress, in the military, and from the editorial,offices of a leading American newspaper

What shocked intelligence experts will shock American readers even more — and unlike most spy stories, Through the Eyes of the Enemy is true.

Zen and the Art of Information Security

While security is generally perceived to be a complicated and expensive process, Zen and the Art of Information Security makes security understandable to the average person in a completely non-technical, concise, and entertaining format. Through the use of analogies and just plain common sense, readers see through the hype and become comfortable taking very simple actions to secure themselves. Even highly technical people have misperceptions about security concerns and will also benefit from Ira Winkler’s experiences making security understandable to the business world. Mr. Winkler is one of the most popular and highly rated speakers in the field of security, and lectures to tens of thousands of people a year. Zen and the Art of Information Security is based on one of his most well received international presentations.