BKCRPESP.RVW 990424 "Corporate Espionage", Ira Winkler, 1997, 0-7615-0840-6, U$26.00/C$34.95 %A Ira Winkler %C 3875 Atherton Road, Rocklin, CA 95765-3716 %D 1997 %G 0-7615-0840-6 %I Prima Publishing %O U$26.00/C$34.95 800-632-8676 916-632-4400 fax: 916-632-1232 %O http://www.amazon.com/exec/obidos/ASIN/0761508406/robsladesinterne %P 365 p. %T "Corporate Espionage" This readable and realistic guide to becoming professionally paranoid has a special emphasis on data security and high tech companies, but can be very useful to pretty much anyone. Part one looks at espionage concepts. Chapter one, and the introduction that precedes it, points out that information is one of the primary sources of value in any business. Chapters two through five look at the basic ideas for any examination of data security, those of risk, value, threat, and vulnerability. Presented in terms, and with examples, that anyone can understand, they nevertheless form the foundation for examining security and protection for computer and communications systems as well as the sales "red book" for next quarter. Part two presents a variety of case studies. Winkler concentrates on the non-technical, relatively simple, and devastatingly effective "social engineering" aspect of break-ins. Chapter six is a compilation of tactics used in various penetration tests. One particular test is outlined in chapter seven. Chapters eight to eleven detail actual espionage cases carried out by foreign companies. A different penetration test is presented in chapter twelve. A third party account of a "crack" is discussed in chapter thirteen. Part three outlines what you can do to protect yourself. Chapter fourteen describes a significant list of countermeasures to take, starting with an effective education program. Finally, chapter fifteen presents a large scale program for overall security. This book is very down to earth, and very real. Unlike any number of "hacker" books, it doesn't attempt to impress the reader with displays of arcane knowledge: it doesn't have to. Technical details are almost non-existent, making the text an excellent choice for use in educating any level or type of employee on the need for security. copyright Robert M. Slade, 1999 BKCRPESP.RVW 990424