Cyber Security Essentials: Understanding Risk and Controls
Author(s): Scott H. Belshaw , Ben Allen CISM CRISC
Edition: 1
Copyright: 2022
Pages: 238
Since the 1990s, the internet has transformed business by enabling the collection, analysis, and almost instantaneous transmission of data. It has also transformed crime. The demand for 24-hour online access to databases and information has created unprecedented opportunities for unethical people. A hacker anywhere in the world can sneak into your company's computer network, steal all your sensitive data, and sell it to other criminals on the internet.
Cyber Security Essentials is a resource to help you understand and manage the threat of cybercrime. The first section is an overview of the different types of cyberthreats. The second section provides tools and techniques for assessing risk and identifying the best options to protect your business. The third section concerns cybercrime that targets individuals.
You do not know where your adversary lives, or what they will do next, but you can stay ahead of them by keeping yourself informed and leveraging the latest technology. There are solutions for almost every threat. Transform yourself from a victim into a proactive digital citizen who makes cybersecurity a priority in every area of life. When your adversary discovers that you are difficult to attack, they will move on to an easier target.
About the Authors
Introduction
1 The Scope of Cybercrime
Computer Intrusion, or Hacking
Spoofing and Phishing
Business Email Compromise
Social Engineering
Third-Party Fraud and Identity Theft
Intellectual Property Theft
Ransomware
Insider Threats
Money Laundering and Money Mules
Phantom Incident Extortion
Cryptocurrency Mining
Legacy Software
The Internet of Things and Cybersecurity
2 Know Your Cyber-Enemy
The Internet Is Anonymous
The Internet Is Ubiquitous
The Internet Is Self-Regulated
Who Are the Cybercriminals?
Threat Actors, Cybercriminals, and Hackers
Surface Web, Deep Web, and Dark Web
Cryptocurrency
3 Who Is Liable – Can A Victim Be Guilty?
Health Insurance Portability and Accountability Act (HIPAA)
Data Breach Notification Laws
Within the Organization
Duty of Care
Wire Fraud
Debit Cards and Credit Card Accounts
Application Fraud
Law Enforcement and Cybercrime
4 How to Assess Risk, and Plan and Implement the Best Cybersecurity Strategy for Your Business
Elements of Cybersecurity
Understanding Your Risk From Cyberattacks
Implementing a Cybersecurity Strategy
Cybersecurity Standards
5 Principles for Managing Cybersecurity
Cyberattack is a Business Risk
Cybersecurity Flows from the Top Down
Treat Cybersecurity as Part of Your Business Model
Do Not Leave Cybersecurity Up to the IT Department
Good Cybersecurity Requires Good Leadership
Compliance with Standards Does Not Guarantee Security
Any New Business Practice Presents a Cybersecurity Threat
Monitor Shadow IT
6 Cybersecurity Best Practices
Asset Management
Software Management
Continuous Vulnerability Management
Control of Permissions and Administrative Privileges
Secure Configuration of Software and Hardware
Collect, Maintain, and Analyze Audit Logs
Protect Email and Web Browsers
Defend Against Malware
Control the Use of Network Ports, Protocols, and Services
Back Up Data and Software
Organize and Protect Your Data
Manage Wireless
User Accounts
Software Security and Maintenance
Employee Security Awareness
Build Cyber Resiliency with an Incident Response Plan
7 Cybersecurity Incident Response
Cybersecurity Incident Response Plan
Testing and Maintaining Your CSIRP
Cybersecurity Insurance—How to Transfer Risk
How to Report a Cybercrime
8 Creating a Culture of Behavioral Cybersecurity
Technical Barriers
Employee Education
Behavioral Cybersecurity
Employee Handbook
Password Policies
Whistleblower Hotlines
9 Cybersecurity for Small Businesses
Identify Digital Assets and Assess Risk
Segment Your Business and Limit Employee Access to Data and Information
Protect Your WiFi and Your Network
Back Up Your Data
Install and Set Up Software and Hardware Firewalls
Secure Your Power Supply
Set Up Web and Email Filters
Keep Your Software Updated
Get Good Help
Cybersecurity as a Service
Train Your Employees: Behavioral Cybersecurity
Develop an Incident Response Plan
10 Our Data-Driven World
Advertising and Marketing
Economics, Research, and Surveillance
Data Brokers
11 How to Protect Your Private Life
Your Personally Identifiable Information (PII)
Your Reputation
Social Media
Think Before You Sync
Protecting Your Home Network
How Do You Know When You Have Been Hacked?
Be Proactive
Familiar Fraud
12 Romance Scams
Legal Consequences for Money Mules
Fake Online Profiles
Romance Scams as a Business
13 Protecting Yourself
Online Dating
Advance Fee Scams
Nigerian Letters or “419” Fraud
Ecommerce Fraud
Online Shopping
14 Protecting Your Family
Control Access to Internet Devices in Your Home
Control Your Public Profile
Control Your Social Media Presence
Your Children and the Internet
Conclusion
Further Reading
Glossary
Index
Scott H. Belshaw is currently an Associate Professor of Criminal Justice at the University of North Texas in Denton, Texas. Dr. Belshaw holds a Ph.D. in Juvenile Criminal Justice from Prairie View A&M University. He earned his Bachelor of Science in Social Sciences from the University of Houston-Downtown. He also holds both a Master of Arts in Liberal Arts from Houston Baptist University and a Master of Arts in Criminology from the University of Houston-Clear Lake. Dr. Belshaw’s criminal justice experience includes working many years with the Harris County Texas Community Supervision and Corrections Department serving as a probation officer, gang intelligence officer, and court liaison probation officer. Dr. Belshaw has published books on organized crime and constitutional law. He has published numerous research articles in criminal justice journals. Dr. Belshaw is currently serving as the Director of the Cyber Forensics Lab at the University of North Texas.
Ben is a security guru, author, speaker, and thought leader with over 10 years of experience in security resolution for global crime agencies and corporate and personal brands. In his role as CEO at Allen Forensics Inc, a US-based Cyber Risk Advisory Firm, he leads security consulting, training in cyber security, online privacy, and financial crimes investigation. Ben has an MBA from Lincoln University in Oakland, CA, and a bachelor's in Accounting. He is also a licensed private investigator in Texas and has spoken at the Cyber Craft Summit US, amongst others. He combines technical expertise with cutting-edge knowledge in emerging fields such as insider threat and personal/digital privacy concierge to design custom security programs and solutions.
His experience spans both internal and external consulting services with Chase Bank, Standard Chartered Bank, Robinhood Financial, Deutsche Bank, MoneyGram, GuideHouse Inc, the Department of State Services in Nigeria, and the Economic and Financial Crimes Commission (EFCC) in Nigeria, amongst others. He also serves on the board of Cyber Security Non-Profit Dallas.