We have finalized all elements of the new book – Cybersecurity and Digital Forensics: Policy, Management and Technology. It will be available to present, old and new subscribers from Jan 2, 2018 here on Tekedia. For marketing purposes, it does not make sense to publish a book in December. That is why it will be unveiled next month; we do not want it to be old within few days.

It is a very comprehensive book on cybersecurity policy, cybersecurity management, cybersecurity technology, cybersecurity intelligence, and digital forensics. You will like it.

As always, one Tekedia subscription makes all our wares available to you.

TABLE OF CONTENTS

Beginning

Preamble

About the Author – Ndubuisi Ekekwe, PhD

 

Structure of Information Systems

1.0       Computer Fundamentals

1.1       Fundamentals of Internet

1.2       Number Systems

1.3       Information System and Business

 

Information Security

2.0       Access Control Techniques

2.1       Account Administration

2.2       Account Accessibility

2.3       Authentication Techniques

 

Network Vulnerabilities

3.0       Networking Types, ISO Model

3.1       Networking Devices, Topologies

3.2       IP Address, MAC Address & Ports

3.3       DNS & DHCP Server

3.4       Network Vulnerabilities & Types of Attacks

 

Foundation of Cybersecurity

4.0       Hacking

4.1       Phases of Ethical Hacking

4.2       Testing

4.3       Cyber-Warfare and Cyber-Terrorism

4.4       Security Implementation and Governance

 

BYOD & SMAC Security

5.0       SMAC

5.1       SMAC Security & Forensics

5.2       BYOD

5.3       BYOD Security & Forensics

 

Preventing Cyber Intrusion

6.0       What is Cyber-Attack?

6.1       Cyber-Attack Response Plan

6.2       Compliance Plan Against Cyber-Attack

6.3       Technology for Preventing Cyber-Intrusion

 

Emerging Cybersecurity Tech

7.0       Emerging Cybersecurity Tech

7.1       Changing Trends in Cybersecurity

7.2       Social Media Role

7.3       Cybersecurity Techniques

7.4       Cyber Ethics

 

Ethical Hacking

8.0       Basic

8.1       Purpose of Ethical Hacking

8.2       Hackers -Types, Purposes and Goals

8.3      Phases of Ethical Hacking

8.4     Cyber warfare and Terrorism

 

Malware Analysis

9.0       Malware – Variants, Infections and Effects

9.1       Malware Analysis – Goals, Types

9.2       Method of Malware Analysis

9.3       Setup

9.4       FUD and Avoidance

 

Penetration Testing & Tools

10.0     Basics of Penetration Testing

10.1     PenTest – Types, Models, Methodologies

10.2     Vulnerability Assessment vs. Penetration Testing

10.3     Penetration Testing Tools

10.4     Penetration Testing Distributions

 

Intrusion Detection and Prevention

11.0     Intrusion Detection System (IDS)

11.1    Intrusion Prevention System (IPS)

11.2     IDS vs. IPS vs. Firewall

11.3     Common Detection Methodology

 

Network & OS Security

12.0     Network Security – Basics, Forms, Prevention

12.1     OS Security Threats

12.2     Cryptography-Network and OS Security

 

Ethics in Information Technology

13.0     Morals, Ethics, and Laws

13.1     Ethics in Business

13.2     Ethics in Information Technology

13.3     IT Policy

 

Security Policy Analysis

14.0     Security Policy and Law

14.1     Policy Development – Process & Lifecycle

14.2     Policy Types & Standards

14.3     Policy Troubleshooting

 

Security Policy Implementation

15.0     Identify Needs Issues/Threats

15.1     Identify the Policy Users

15.2     Review & Write Policy

15.3     Train and Enforce Policy

15.4     Review and Modify

 

Global Cybersecurity Policy & Law

16.0     Cyberspace & Cybercrimes

16.1     Information Warfare & Legal Issues

16.2     National Cybersecurity Policy & Law

16.3     International Law & Policy

16.4     Legal Process & Punishment

 

Enterprise Cybersecurity Policy

17.0     Enterprise Cybersecurity Policy

17.1     Vulnerability Assessment & Risk Analysis

17.2     Security Testing Frameworks

17.3     Vulnerability Prevention

17.4     Tools & Techniques

 

Physical & Human Security Management

18.0     Physical Security

18.1     Physical Security Threats

18.2     Planning and Executing

18.3     Physical Security Checklist

18.4     Theft and Locks Picking

 

Human Security Management

19.0     Human Security

19.1     Social Engineering Techniques

19.2     Dumpster Diving & Shoulder Surfing

19.3     Phishing & Countermeasure

19.4     Staff Training

 

Cybersecurity Essentials for Leaders

20.0     Planning & Managing Enterprise Information System

20.1     Planning & Managing Enterprise Network Structure

20.2     Privacy & Human Security Management

20.3     Planning & Managing Security Assessment & Testing

20.4     Disaster Recovery/Contingency Planning

 

Cyber Incident Analysis and Response

21.0     Cybersecurity Incident & Risk

21.1     Planning & preparing for Cyber Incident

21.2     Planning Cybersecurity Incident Response

21.3     Planning Risk Management

21.4     Disaster Recovery & Business Continuity

 

Building Secure Enterprises & Organizations

22.0     Secure Enterprises & Organizations

22.1     Scope and Approach

22.2     Business Goals & Security

22.3     Baseline Analysis & Desired State

22.4     Policy and Procedures

 

Cybersecurity Project Management

23.0     Cybersecurity Project Management

23.1     Key factors for Success

23.2     Frameworks for Cybersecurity Management

23.3     Implementation of Framework

23.4     Basic Tenets

 

Digital Forensics & Evidence

24.0     Digital Forensics

24.1     Digital Forensics Model

24.2     Approach and Process

24.3     Evidence Gathering & Assessment

24.4     Evidence Examination

 

SMAC & BYOD Forensics

25.0     Social Media Forensics

25.1     Mobile Forensics

25.2     Cloud Forensics

25.3     BYOD Forensics

25.4     Digital Forensics Lifecycle

 

Guarding Against Cyber Intrusions

26.0     Attacks, Tools for Defending Against

26.1     Privileges and Access Rights

26.2     Policy for Users and Organizations

26.3     Contingency Plan

26.4     Training

 

Information Systems Security & Assurance

27.0     Information Systems Security & Assurance

27.1     Information Security

27.2     Information Assurance

27.3     Information Security and Assurance

 

Cyber Intelligence & Counter Intelligence

28.0     Cyber Intelligence

28.1     Information for Strategic Decision

28.2     Counter Intelligence

28.3     Governments & Businesses

28.4     Incident handling & Damage control

 

29. Conclusion

 

GE is struggling. It made some big mistakes over the last few years. When GE sold GE Capital, a cash cow, which has a history of generating free cash, and bought new assets like Alstom, I was not comfortable. (I hold GE shares because of the dividend.) GE had premised the acquisition of Alstom Power and Grid businesses on the potential growth of power in the emerging market including Africa. The plan was to sell off non-core businesses and become a premier industrial company. For me, it was not an issue then because GE promised to be paying dividend, the only reason for holding the laggard.

Today, we announced an exciting and promising new chapter for GE, a plan to create a simpler, more valuable industrial company by reducing the size of our financial business. As a first step, we also announced agreements to sell the bulk of GE Capital Real Estate assets for a total value of approximately $26.5 billion.

[…]

GE today is a premier industrial company with businesses in high-growth industries. We are leaders in technology, well positioned in growth markets and delivering higher margins and lower costs. This transformation positions GE for long-term success as we pair our best-in-class industrials with financial businesses focused on growth.

Unfortunately, Africa like most emerging countries may not need power turbines for electricity in the way that GE had modeled its business. They are going all the way to renewables, by-passing the products which GE has positioned itself. When Dangote Group plans to drop $50 billion to develop the renewable energy, it does mean that GE had simply lost the (potential) market. The highly fragmented renewable energy is the reason why GE Power is struggling. Unlike in the past where clients needed 200MW of generating power, today, they can ask for pieces of 2MW generating power systems through renewable.

The dividend crises this year, on the most celebrated element of GE, i.e. the capacity to pay dividend, was largely because the new companies could not generate as much cash as the ones sold to get them. GE Capital provided cash, Alstom and others are not doing well.

GE said “a significant decline in orders” at GE Power prompted the layoffs in Schenectady. Workers will receive severance and help finding new jobs, GE said.

According to Bloomberg, GE has eliminated a total of 14,742 jobs in 2017, reducing its power-business workforce by 12,000 people. That is not what happens when a business is growing. Simply, the GE Power is burning cash and GE is struggling to manage it.

GE stock has fallen 44 percent this year as of 3:45 p.m. Thursday in New York. That’s the worst performance by far of any member of the the Dow Jones Industrial Average. The index is up 22 percent.

The Lessons

There are many things to learn from GE as it struggles to find a promising future. Here are two I am interested in:

• Cashflow Stress: GE wanted to streamline its business, cutting off GE Capital which was very important in deal financing and generating good cash flow. The cashflow has been critical in GE’s capacity to sustain its dividend tradition, despite the lack of growth in the stock. Selling GE Capital was also problematic in another angle: the GE Capital was making it easier for GE to sell its wares by providing easier capital to clients. Partly, GE could be struggling because of the absence of GE Capital.
• Industrialized Conglomerate: GE is an industrialized conglomerate and was thinking in the same old way. It felt that it had to consolidate the business to the areas of its core competency. So, sell a financial services firm and load on a power company. That was a poor playbook. If GE has taken note of modern conglomerates like Alphabet, which runs Waymo (a car company) and Google (a search company), the era of core competency is largely over. Building a new business is far easier for these great companies today. GE could have left GE Capital because there will always be finance. Most things GE had promised when it started selling the financial services and the real estate business have not happened.

The Management Process

GE has an enviable management system. It has been celebrated for decades for inventing new ways of running companies. The question right now is whether the GE management system is relevant in a knowledge-driven economy. That you ruled the industrial economy with management systems does not mean that those systems can work in a knowledge economy era. Peter Institute will rank institutions like GE as the best in management, but that does not mean so, in market performances.

The Drucker Institute, set up to advance the thought of management guru Peter F. Drucker, put Amazon at the top of its inaugural list of the U.S.’s most effectively managed companies.  The methodology is based on 37 different rankings including patent registrations and employee reviews on Glassdoor, which explains why companies in the news for chronically falling revenues (IBM) or poor shareholder returns (P&G, GE) fare surprisingly well in the list.

Leading in a time like this will require picking ideas on how modern digital conglomerates are run. Jack Ma, the founder of Alibaba explained in a recent speech in China during the Fortune Global Forum.

According to Fortune, Alibaba’s Jack Ma had three pieces of advice for businesses that want to do business in China. They as follows:

1. […]

2. Send great entrepreneurs to lead your business in China, not professional managers. “Those people make the boss happy, they do not make the customers happy.”

Yes, GE needs to make way for entrepreneurial management that is not focusing on the industrial economy. This is a knowledge economy but GE has not gotten it. The biggest flaw in GE management system is the imagination that power units will compensate for financial services and real estate businesses. GE lost the memo on services which remain critical to any business, bringing good margins when industrials struggle.

All Together

I do think that GE needs to take management internships in Google (yes Alphabet), Alibaba or Amazon to have a better idea on how the world (knowledge) economy works. A “premier industrial company” does not mean that one cannot bring the knowledge business in the same economy. Alphabet runs any type of business today and finds ways it can build synergies across them. GE is simply fixated on making heavy equipment which may not be needed in the ways it has imagined. Everything is changing, including transportation, and GE is right to be thinking of leaving the locomotive business: with Uber, Lyft and others, locomotives may not be a really good business in the near future. Simply, GE lost the world; it has a lot of work to do, to recover. Its problems are severe, because it has sold some of its best assets, when it expected the world to align to its future, instead of adjusting to the emerging and evolving new world. A more agile Board may not be a bad idea: I need the badly beaten stocks to rise.

As an entrepreneur working at the interface of electronics and big data with the analytics, competitive capability is about finding how to create better models. To do that, you work to be at the state of the art. In the electronics world, I do believe that Generative Adversarial Networks (GANs) will take over and extend the capabilities of GPU (graphics processing units) in coming years. Implementing GANs enablers in circuits and boards will be very catalytic for those that process and manipulate data, at scale, within the whole constructs of AI.

Generative adversarial networks (GANs) are a class of artificial intelligence algorithms used in unsupervised machine learning, implemented by a system of two neural networks contesting with each other in a zero-sum game framework. This technique can generate photographs that look at least superficially authentic to human observers, having many realistic characteristics (though in tests people can tell real from generated in many cases). It was invented by Ian Goodfellow.. (Wikipedia)

Generative Adversarial Networks (GANs) has transformed deep learning by accurately modeling real world data better than any model developed before.

In Fasmicro Group, we are working to improve models used in our products, already anchored on neuromorphics which emulate human biology to make better systems. I am learning GANs to see how we can extend our capabilities as we serve clients through our products. GANs is going to be huge, and we want to have deep understanding of the applications as it scales.

Here, we have a history of tearing things apart, but in this specific one, it seems we have to build something. As Intel FPGA partner in Africa, we are exploring how to implement GANs in hardware to examine how it could improve some of the things we are doing.