Professional Documents
Culture Documents
ebook download (eBook PDF) Management of Information Security 6th Edition all chapter
ebook download (eBook PDF) Management of Information Security 6th Edition all chapter
ebook download (eBook PDF) Management of Information Security 6th Edition all chapter
https://ebooksecure.com/download/management-of-information-
security-ebook-pdf/
http://ebooksecure.com/product/ebook-pdf-management-of-
information-security-5th-edition/
https://ebooksecure.com/download/principles-of-information-
security-ebook-pdf/
http://ebooksecure.com/product/original-pdf-principles-of-
information-security-6th-by-michael-e-whitman/
(eBook PDF) Principles of Information Security 5th
Edition
http://ebooksecure.com/product/ebook-pdf-principles-of-
information-security-5th-edition/
http://ebooksecure.com/product/elementary-information-
security-3rd-edition-ebook-pdf/
https://ebooksecure.com/download/principles-of-information-
security-ebook-pdf-2/
https://ebooksecure.com/download/computer-and-information-
security-handbook-ebook-pdf/
http://ebooksecure.com/product/ebook-pdf-information-security-
principles-and-practices-2nd-edition/
INFORMATION SECURITY
MANAGEMENT OF
INFORMATION SECURITY
Sixth Edition
Michael E. Whitman
Herbert J. Mofford
www.7yec.com
Table of Contents
CHAPTER3
Governance and Strategic Planning for Security ............. 123
The Role of Planning....................................................................................... 125
Precursors to Planning................................................................................... 127
Strategic Planning ........................................................................................... 129
Creating a Strategic Plan .................................................................................131
Planning Levels .............................................................................................. 132
Planning and the CISO ................................................................................... 133
Information Security Governance ................................................................ 135
The ITGI Approach to Information Security Governance ............................. 136
NCSP Industry Framework for Information Security Governance ............... 138
www.7yec.com
Table of Contents vii
CHAPTER4
Information Security Policy ................................................ 169
Why Policy? ...................................................................................................... 170
Policy, Standards, and Practices .................................................................... 175
Enterprise Information Security Policy ........................................................ 177
Integrating an Organization's Mission and Objectives into the EISP ........... 178
EISP Elements ................................................................................................ 178
Example EISP Elements ................................................................................ 180
Issue-Specific Security Policy ......................................................................... 183
Elements of the ISSP ...................................................................................... 185
Implementing the ISSP .................................................................................. 188
System-Specific Security Policy ..................................................................... 190
Managerial Guidance SysSPs ......................................................................... 191
Technical Specification SysSPs ...................................................................... 192
Guidelines for Effective Policy Development and Implement ation ......... 197
Developing Information Security Policy ....................................................... 197
Policy Distribution .........................................................................................198
Policy Reading ................................................................................................199
Policy Comprehension ...................................................................................199
Policy Compliance ........................................................................................ 200
Policy Enforcement ........................................................................................ 201
Policy Development and Implementation Using the SDLC .......................... 201
Software Support for Policy Administration ................................................ 206
Other Approaches to Information Security Policy Development ................ 207
SP 800-18, Rev. 1: Guide for Developing Security Plans
for Federal Information Systems .................................................................. 209
www.7yec.com
viii Table of Contents
CHAPTER 5
Developing the Security Program ...................................... 219
Organizing fo r Security .................................................................................. 220
Security in Large Organizations .................................................................... 225
Security in Medium-Sized Organizations ..................................................... 228
Security in Small Organizations .................................................................... 229
Placing Information Security Within an Organization ............................... 230
Components of the Security Program .......................................................... 241
Staffing the Security Function ...................................................................... 244
Informatio n Security Professional Credentials ............................................. 254
Entering the Information Security Profession .............................................. 265
Implementing Security Education, Train ing, and Awareness
(SETA) Programs .............................................................................................. 267
Security Education ........................................................................................ 269
Security Training ........................................................................................... 271
Security Awareness ....................................................................................... 278
Proj ect Management in Information Security ............................................ 286
Projects Versus Processes ............................................................................. 286
Organizatio nal Support for Project Management ........................................ 288
PMBOK Knowledge Areas ............................................................................. 289
Project Management Tools ............................................................................ 292
Additional Reading ......................................................................................... 296
Chapter Summary........................................................................................... 297
Review Questions ........................................................................................... 298
Exercises .......................................................................................................... 299
Closing Case ..................................................................................................... 299
Discussion Questions ................................................................................... 299
Ethical Decisio n Making ............................................................................... 300
Endnotes .......................................................................................................... 300
www.7yec.com
Table of Contents
CHAPTER 6
Risk Management: Assessing Risk ..................................... 303
Introduction to the Management of Risk
in Information Security .................................................................................. 304
Knowing Yourself and Knowing the Enemy ................................................ 305
The Information Security Risk Management Framework ........................... 305
Roles of Communities of Interest in Managing Risk ................................... 308
Executive Governance and Support ............................................................. 308
Framework Design ......................................................................................... 312
Framework Implementation ......................................................................... 315
Framework Monitoring and Review ............................................................. 315
Continuous Improvement ............................................................................. 316
The Risk Management Process ..................................................................... 316
RM Process Preparation-Establishing the Context ...................................... 317
Risk Assessment: Risk Identification ............................................................ 319
Risk Assessment: Risk Analysis .................................................................... 343
Risk Evaluation .............................................................................................. 355
Risk Treatment/Risk Control .........................................................................359
Process Communications, Monitoring. and Review .....................................359
Additional Reading ......................................................................................... 359
Chapter Summary........................................................................................... 360
Review Questions ........................................................................................... 361
Exercises .......................................................................................................... 361
Closing Case ..................................................................................................... 362
Discussion Questions .................................................................................... 362
Ethical Decision Making ................................................................................362
Endnotes .......................................................................................................... 363
CHAPTER 7
Risk Management: Treating Risk ....................................... 365
Introduction to Risk Treatment .................................................................... 366
Risk Treatment Strategies ............................................................................. 368
Managing Risk ................................................................................................. 374
Feasibility and Cost -benefit Analysis ............................................................ 379
Other Methods of Establishing Feasibility ....................................................387
Alternatives to Feasibility Analysis .............................................................. 389
Recommended Alternative Risk Treatment Practices ...................................392
Alternative Risk Management Methodologies............................................ 393
The OCTAVE Methods ....................................................................................393
Microsoft Risk Management Approach ........................................................ 394
www.7yec.com
Table of Contents
CHAPTERS
Security Management Models ............................................ 411
Introduction to Blueprints, Frameworks,
and Security Models ....................................................................................... 412
Secur ity Management Models ...................................................................... 414
The ISO 27000 Series ..................................................................................... 414
NIST Security Publications ........................................................................... 420
Control Objectives for Information and Related Technology ...................... 428
Committee of Sponsoring Organizations ..................................................... 430
Information Technology Infrastructure Library ............................................ 431
Information Security Governance Framework ............................................. 431
Secur ity Architecture Models ........................................................................ 434
TCSEC and the Trusted Computing Base ...................................................... 434
Information Technology System Evaluation Criteria ................................... 437
The Common Criteria .................................................................................... 437
Access Control Models ................................................................................... 438
Categories of Access Controls ....................................................................... 440
Other Forms of Access Control ..................................................................... 446
Academic Access Control Models ................................................................. 447
Bell-LaPadula Confidentiality Mode l ........................................................... 447
Biba Integrity Model ..................................................................................... 448
Clark-Wilson In tegrity Model ....................................................................... 449
Graham-Denning Access Control Model. ..................................................... 450
Harrison-Ruzzo-Ullman Mode l ................................................................... 450
Brewer-Nash Model (Chinese Wall) ............................................................. 450
www.7yec.com
Table of Contents
CHAPTER 9
Security Management Practices ........................................ 457
Introduction to Security Practices ................................................................ 458
Security Employment Practices .................................................................... 459
H1nng ............................................................................................................ 459
Contracts and Employment .......................................................................... 462
Security Expectations in the Performance Evaluation ................................ 462
Termination Issues ....................................................................................... 463
Personnel Security Practices ......................................................................... 464
Security of Personnel and Personal Data ..................................................... 466
Security Considerations for Tem porary Employees,
Consultants, and Other Workers .................................................................. 466
Information Security Performance Measurement ..................................... 468
InfoSec Performance Management .............................................................. 469
Building the Performance Measurement Program ....................................... 471
Specifying InfoSec Measurements ................................................................ 473
Collecting lnfoSec Measurements ................................................................. 473
Implementing InfoSec Performance Measurement ..................................... 478
Reporting InfoSec Performance Measurements .......................................... 479
Benchmarking ................................................................................................. 481
Standards of Due Care/Due Diligence .......................................................... 482
Recommended Security Practices ................................................................ 483
Selecting Recommended Practices ............................................................... 484
Limitations to Benchmarking and Recommended Practices ....................... 485
Baselining ..................................................................................................... 486
Support for Benchmarks and Baselines ....................................................... 487
ISO Certification ............................................................................................ 489
Add itional Reading ......................................................................................... 490
Chapter Summary........................................................................................... 491
Review Questions ........................................................................................... 492
www.7yec.com
xii Table of Contents
CHAPTER 10
Planning for Contingencies ................................................. 497
Introduction to Contingency Planning ......................................................... 498
Fundamentals of Contingency Planning ...................................................... 500
Components of Contingency Planning ........................................................ 504
Business Impact Analysis ............................................................................. 506
Contingency Planning Policies ...................................................................... 513
Incident Response .......................................................................................... 513
Getting Started ............................................................................................... 514
Incident Response Policy ............................................................................... 516
Incident Response Planning .......................................................................... 517
Detecting Incidents ........................................................................................ 522
Reacting to Incidents .................................................................................... 526
Recovering from Incidents ........................................................................... 530
Disaster Recovery ........................................................................................... 538
The Disaster Recovery Process ..................................................................... 540
Disaster Recovery Policy ................................................................................ 541
Disaster Classification.................................................................................... 542
Planning to Recover .......................................................................................545
Responding to the Disaster ........................................................................... 546
Simple Disaster Recovery Plan ..................................................................... 546
Business Continuity ........................................................................................ 549
Business Continuity Policy ........................................................................... 550
Continuity Strategies ..................................................................................... 552
Timing and Sequence of CP Elements .......................................................... 554
Crisis Management ......................................................................................... 556
Business Resumption ..................................................................................... 558
Testing Contingency Plans............................................................................. 558
Final Thoughts on CP.................................................................................... 560
Additional Reading ......................................................................................... 560
Chapter Summary........................................................................................... 561
Review Questions ........................................................................................... 562
www.7yec.com
Table of Contents xiii
CHAPTER 11
Security Maintenance ......................................................... 567
Introduction to Security Maintenance ......................................................... 568
Security Management Maintenance Models............................................... 569
NIST SP 800-100, Information Security Handbook:
A Guide for Managers ................................................................................... 569
The Security Maintenance Model ................................................................. 587
Add it ional Read ing ......................................................................................... 614
Chapter Summary........................................................................................... 614
Review Questions ........................................................................................... 615
Exercises .......................................................................................................... 616
Closing Case ..................................................................................................... 616
Discussion Questions .................................................................................... 617
Ethical Decision Making ................................................................................ 617
Endnotes .......................................................................................................... 617
CHAPTER 12
Protection Mechanisms ...................................................... 619
Introduction to Protection Mechanisms...................................................... 620
Access Controls and Biometrics .................................................................... 622
Managi ng Network Security .......................................................................... 630
Firewalls ......................................................................................................... 631
Intrusion Detection and Prevention Systems .............................................. 643
Wireless Networking Protection ................................................................... 647
Scanning and Analysis Tools ......................................................................... 651
Managing Server-Based Systems with Logging ............................................ 655
Managing Security for Emerging Technologies ........................................... 660
Cryptography................................................................................................... 662
Encryption Operations ................................................................................. 664
Using Cryptographic Controls ....................................................................... 671
Managing Cryptographic Controls ............................................................... 674
www.7yec.com
xiv Table of Contents
www.7yec.com
Preface
As global use of the Internet continues to expand, the demand
for and reliance on Internet-based information creates an
increasing expectation of access. Global commerce is reliant
on the Internet, which creates an increasing threat of attacks
on information assets and a need for greater numbers of
professionals capable of protecting those assets. With billions
of Internet users capable of accessing and attacking online
information from anywhere at any time, the threat of an attack
from individuals, criminals, and government entities grows daily.
To secure commerce and information assets from ever-
increasing threats, organizations demand both breadth and depth
of expertise from the next generation of information security
practitioners. These professionals are expected to have an optimal
mix of skills and experiences to secure diverse information
environments. Students of technology must learn to recognize
the threats and vulnerabilities present in existing systems.
They must also learn how to manage the use of information
assets securely and support the goals and objectives of their
organizations through effective information security governance,
risk management, and regulatory compliance.
www.7yec.com
xvi Preface
Approach
This book provides a managerial approach to information security and a thorough
treatment of the secure administration of information assets. It can be used to support
information security coursework for a variety of technology students, as well as for
technology curricula aimed at business students.
Certified Information Systems Security Professional, Certified Information
Security Manager, and NIST Comm on Bodies of Knowledge- As the authors are
Certified Information Systems Security Professionals {CISSP) and Certified Information
Security Managers {CISM), these knowledge domains have had an influence on the
design of this textbook. With the influence of the extensive library of information
available from the Special Publications collection at the National Institute of Standards
and Technology {NIST, at csrc.nist.gov), the authors have also tapped into additional
government and industry standards for information security management. Although
this textbook is by no means a certification study guide, much of the Common Bodies
of Knowledge for the dominant industry certifications, especially in the area of
management of information security; have been integrated into the text.
Overview
Chapter 1-lntroduction to the Management of Information Security
The opening chapter establishes the foundation for understanding the field of
information security by explaining the importance of information technology and
identifying who is responsible for protecting an organization's information assets.
Students learn the definition and key characteristics of information security, as well as
the differences between information security management and general management.
www.7yec.com
Preface xvii
www.7yec.com
xviii Preface
Features
Chapt er Scenarios- Each chapter opens with a short vignette that follows the same
fictional company as it encounters various information security issues. The final part
of each chapter is a conclusion to the scenario that also offers questions to stimulate
www.7yec.com
Pr eface xix
in-class discussion. These questions give the student and the instructor an opportunity
to explore the issues that underlie the content.
View Points- An essay from an information security practitioner or academic is
included in each chapter. These sections provide a range of commentary that illustrate
interesting topics or share personal opinions, giving the student a wider, applied view
on the topics in the text.
Offline Boxes- These highlight interesting topics and detailed technical issues,
allowing the student to delve more deeply into certain topics.
Hands- On Learning- At the end of each chapter, students will find a Chapter
Summary and Review Questions as well as Exercises and Closing Case exercises,
which give them the opportunity to examine the information security arena from an
experiential perspective. Using the Exercises, students can research, analyze, and write
to reinforce learning objectives and deepen their understanding of the text. The Closing
Case exercises require that students use professional judgment, powers of observation,
and elementary research to create solutions for simple information security scenarios.
Additional Reading- Each chapter includes suggestions for reading outside resources
that might augment or extend understanding of one or more aspects of the chapter.
www.7yec.com
Preface
MindTap
MindTap for Management of Information Security is an online learning solution
designed to help students master the skills they need in today's workforce. Research
shows employers need critical thinkers, troubleshooters, and creative problem-solvers
to stay relevant in our fast-paced, technology-driven world. MindTap helps users
achieve this with assignments and activities that provide hands-on practice, real-life
relevance, and mastery of difficult concepts. Students are guided through assignments
that progress from basic knowledge and understanding to more challenging problems.
All MindTap activities and assignments are tied to learning objectives. The hands-on
exercises provide real-life application and practice. Readings and "Whiteboard Shorts"
support the lecture, while "In the News" assignments encourage students to stay current.
Pre- and post-course assessments allow you to measure how much students have
learned, using analytics and reporting that makes it easy to see where the class stands in
terms of progress, engagement, and completion rates. Use the content and learning path
as-is, or pick and choose how the material will wrap around your own. You control what
the students see and when they see it. Learn more at www.cengage.com/ mindtap/.
Instructor Resources
Free to all instructors who adopt Management of Information Security, 6e, for their
courses is a complete package of instructor resources. These resources are available
from the Cengage Web site, www.cengagebrain.com. Go to the product page for this
book in the online catalog and choose "Instructor Downloads:•
Resources include:
• Instructor's Manual: This manual includes course objectives and additional
information to help your instruction.
• Cengage Learning Testing Powered by Cognero: A flexible, online system that allows
you to import, edit, and manipulate content from the text's test bank or elsewhere,
including your own favorite test questions; create multiple test versions in an
instant; and deliver tests from your LMS, your classroom, or wherever you want.
• PowerPoint Presentations: A set of Microsoft PowerPoint slides is included for
each chapter. These slides are meant to be used as a teaching aid for classroom
presentations, to be made available to students for chapter review, or to be printed
for classroom distribution. Instructors are also at liberty to add their own slides.
• Figure Files: Figure files allow instructors to create their own presentations using
figures taken from the text.
• Appendix: The appendix has been relocated from the bound textbook and
is available for instructor use. It describes methods for evaluating security,
including (1) NIST SP 800- 26, Security Self-Assessment Guide for Information
Technology Systems, (2) ISO 17799: 2005 Overview, (3) The OCTAVE Method of Risk
Management, and (4) the Microsoft Risk Management Approach .
• Lab Exercises: Each chapter includes hands-on exercises designed to reinforce
the theoretical concepts of the corresponding materials. Additional exercises and
labs are available in the MindTap enhanced edition of the textbook.
www.7yec.com
Preface xxi
• Readings and Cases: Cengage Leaming also produced two texts - Readings and
Cases in the Management of Information Security (!SBN-13: 9780619216276) and
Readings & Cases in Information Security: Law & Ethics (!SBN-13: 9781435441576)-
by the authors, which make excellent companion texts. Contact your Cengage
Learning sales representative for more information.
• Curriculum Model for Programs of Study in Information Security: In addition
to the texts authored by this team, a curriculum model for programs of study
in Information Security and Assurance is available from the Kennesaw State
University Center for Information Security Education (http://infosec.kennesaw
.edu). This document provides details on designing and implementing security
coursework and curricula in academic institutions, as well as guidance and
lessons learned from the auth ors' perspective.
Author Team
Michael Whitman and Herbert Mattord have jointly developed this textbook to merge
knowledge from the world of academic study with practical experience from the
business world.
Michael Whitman, Ph.D., CISM, CISSP is a Professor of Information Security in
the Information Systems Department, Coles College of Business at Kennesaw
State University, Kennesaw, Georgia, where he is also the Executive Director of
the Center for Information Security Education (infosec.kennesaw.edu). He and
Herbert Mattord are th e authors of Principles of Information Security; Principles of
Incident Response and Disaster Recovery; Readings and Cases in the Management of
Information Security; Readings & Cases in Information Security: Law & Ethics; Guide
to Firewall and VPNs; Guide to Network Security; Roadmap to the Management of
Information Security; and Hands- On Information Security Lab Manual, all from
Cengage Learning. Dr. Whitman is an active researcher in Information Security
policy and planning and in Ethical Computing. He currently teaches graduate and
undergraduate courses in Information Security. He has published articles in the top
journals in his field, including Information Systems Research, the Communications
of the ACM, Information and Management, the Journal of International Business
Studies, and th e Journal of Computer Information Systems. He is an active member
of th e Information Systems Security Association, the Association for Computing
Machinery, ISACA, (!SC)', and the Association for Information Systems. Through
his efforts and those of Dr. Mattord, his institution has been recognized by the
Department of Homeland Security and th e National Security Agency as a National
Center of Academic Excellence in Information Assurance Education four times,
most recently in 2015. Dr. Whitman is also th e Editor-in -Chief of th e Journal
of Cybersecurity Education, Research and Practice, and he continually solicits
relevant and well-written articles of interest to faculty teaching and researching
cybersecurity topics for publication. Prior to his employment at Kennesaw State, he
taught at th e University of Nevada, Las Vegas, and served over 13 years as an officer
and soldier in th e U.S. Army.
www.7yec.com
xxii Pre face
Herbert M atto rd, Ph .D., CISM, CISSP completed years of IT industry experience as
24
an application developer, database administrator, project manager, and information
security practitioner in 2002. He is currently an Associate Professor of Information
Security in the Coles College of Business at Kennesaw State University. He and Michael
Whitman are the authors of Principles of Information Security; Principles of Incident
Response and Disaster Recovery; Readings and Cases in the Management of Information
Security; Guide to Network Security; and Hands -On Information Security Lab Manual,
all from Cengage Learning. During his career as an IT practitioner, Mattord has been an
adjunct professor at Kennesaw State University; Southern Polytechnic State University
in Marietta, Georgia; Austin Community College in Austin, Texas; and Texas State
University, San Marcos. He currently teaches undergraduate courses in Information
Security. He is th e Assistant Chair of the Department of Information Systems and
is also an active member of the Information Systems Security Association and
Information Systems Audit and Control Association. He was formerly the Manager
of Corporate Information Technology Security at Georgia-Pacific Corporation, where
much of the practical knowledge found in this and his earlier textbooks was acquired.
Acknowledgments
The authors would like to thank their families for their support and understanding for
the many hours dedicated to this project- hours taken, in many cases, from family
activities.
Reviewers
We are indebted to the following individuals for their contributions of perceptive
feedback on the initial proposal, the project outline, and the chapter-by-chapter
reviews of the text:
• Paul D. Witman, Ph.D., Associate Professor, Information Technology
Management, California Lutheran University, School of Management, Thousand
Oaks, CA
• Michael Moorman, Ph .D., Professor of Computer Science, Department of
Computer Science and Information Systems, St. Leo University, St. Leo, FL
Special Thanks
The authors wish to thank the Editorial and Production teams at Cengage. Their
diligent and professional efforts greatly enhanced the final product:
Natalie Onderdonk, Learning Designer
Dan Seiter, Developmental Editor
Kristin McNary, Product Team Manager
Amy Savino, Product Manager
Brooke Greenhouse, Senior Content Manager
www.7yec.com
Preface xxiii
Our Commitment
The authors are committed to serving the needs of the adopters and readers. We
would be pleased and honored to receive feedback on the textbook and its supporting
materials. You can contact us at infosec@kennesaw.edu.
Foreword
By David Rowan, retired Senior Vice President and Director
Technology Risk and Compliance, SunTrust Banks, Inc.
If you are reading this, I want to thank you. Your perusal of this text means you are
interested in a career in Information Security or have actually embarked on one. I am
thanking you because we- and by we I mean all of us- need your help.
You and I live in a world completely enabled, supported by, and allowed by
technology. In almost all practical respects, the things you and I take for granted are
created by our technology. There is technology we see and directly interact with, and
technology we don't see or are only peripherally aware of. For example, the temperature
of my home is monitored and maintained based on a smart thermostat's perception
of my daily habits and preferences. I could check it via the app or wait for an alert via
text message, but I don't- I just assume all is well, confident that I will be informed if
something goes amiss. Besides, I am more interested in reading my personal news feed ....
www.7yec.com
Another random document with
no related content on Scribd:
accompanied Mr. Cavendish on his late expedition through
Somaliland to Lake Rudolph. He was a tall, sinewy, well-set-up man
with clean-cut, regular features, extremely intelligent, thoroughly
trustworthy, honourable, polite, and hospitable—a man whom it was
really a pleasure to meet. He was about thirty years of age.
Ismail Robli was a short stout man with a shifty eye, and decidedly
prognathous jaws, very plausible, and, when he had an object in
view, very hospitable; but he hid a craven spirit under a show of
bluster and bullying. Noor Adam was a little slim man, with narrow
eyes and ferret-like features. He was reported to have shot some of
his porters on his journey across West Kenia, for attempted
desertion. He somehow provoked an instinctive feeling of dislike,
and we never got on with him. His two partners, Bhotan and
Abdallah Arahalli, were much of the same kidney. All three were
Ogaden Somalis, a tribe who have not the best of reputations. There
were sundry other lesser lights who are not of sufficient importance
to deserve notice.
When they came into camp we received them with due ceremony,
and asking them to be seated, interchanged greetings in the
Mohammedan manner. For a moment the air resounded with such
remarks as “Sabal Kheir” (God bless you), “Salaam Aliekoum”
(Peace be on you), and “Aliekoum Salaam” (And on you peace),
mingled with the Swahili “Uhali ghani? Habari ghani?” (How are you?
What news?), till etiquette was satisfied. We then got to business,
and discussed the Embe affair in all its bearings. El Hakim cross-
questioned Noor Adam and some of his men very severely, but could
find no discrepancy in their various accounts. We discussed the
matter very fully, and finally, for the good and sufficient reasons I
have already enumerated, we determined to punish the Wa’Embe in
co-operation with the Somalis. We instructed them to provide thirty-
five men carrying Snider rifles, while we undertook to supply twenty-
five men similarly armed, which, with ourselves, made up a strong
force of sixty-three men, a number we considered amply sufficient
for the purpose in hand. We despatched a nephew of N’Dominuki’s
to Embe as a spy, to find out a good road and the position of the
villages, etc., and he started the same evening.
On the following day we held another “shaurie” with the Somalis to
discuss the modus operandi of our projected expedition.
N’Dominuki’s nephew had been instructed to return from Embe
within two days, and we decided to start on the afternoon of the next
day—by which time, bar accidents, he would have returned—and
march immediately on receiving his report. We intended to start just
before dusk, pass through M’thara in the darkness, and be over the
Embe border unperceived at midnight. A short rest and a dash on
the Wa’Embe at dawn would complete the operation. It was a good
plan, and would have answered admirably but for one of those little
accidents that make “the best-laid schemes o’ mice and men gang
aft agley.” As will be seen, it suited the enemy admirably.
Embe on this side (the west) consists of a range of steep
mountains, where it rains nearly all the year round. It has, therefore,
a very moist climate and fertile soil, and its steep slopes and deep
valleys are covered with dense jungle interspersed with banana
plantations, making it a very nasty country to fight in, especially
against natives who know every inch of the ground and every turn of
the paths. We did not tell N’Dominuki of our plans—a very grave
oversight that nearly cost us our lives and those of the whole
expedition.
On the following morning, as we really could not stand the wind
any longer, we shifted our camp to the inside of the forest, and while
we were about it we fortified it as well as we were able by felling
thorn trees, etc. We were much more sheltered in this new position,
though, to be sure, it was rather damp. This wind had a nasty cold
nip with it night and morning, which was the reverse of agreeable.
When we had our camp satisfactorily settled, we made our simple
preparations for the expedition to Embe. We took one tent with us in
case we were away more than a day or two. A loaf of bread and a
hind quarter of boiled mutton were also included; and, of course, a
plentiful supply of ammunition. The men had thirty rounds of Snider
cartridges each, which was all we could spare. The Somalis’ men
had fifty rounds each, and they, in addition, had a reserve chest of
six hundred rounds for emergencies.
At 5 p.m. we started. The natives in our immediate vicinity had,
with their usual unerring instinct in such matters, smelt a row, and
about fifty of them turned up armed with spears and shields. We did
not want them, but could not very well turn them away, and at the
last moment it occurred to us that they might prove useful as scouts,
and we therefore allowed them to remain. When our force had
assembled, it made quite an imposing array with the sixty men with
rifles and the fifty others with spears. Altogether, we commanded
upwards of a hundred men, and had no doubt but that we should
teach the Wa’Embe a severe lesson.
N’Dominuki’s nephew had not returned, and we concluded that he
had been discovered and killed, and were consequently rather
nonplussed for the lack of a guide. At the last moment a Masai
warrior came forward and volunteered to guide us. On the Somalis
saying that he was known to them, we accepted his services. Soon
after we started, N’Dominuki’s nephew unexpectedly returned and
joined us, and he and the Masai took the head of the column.
Darkness had fallen as we marched through M’thara, the road
continually ascending. The path at last grew extremely difficult, and
on several occasions El Hakim expressed doubt as to whether we
were going right. However, we were now committed to whatever the
Fates had in store for us; it was impossible to withdraw.
Onward we stumbled in the darkness, now up steep hillsides, and
anon down deep and gloomy valleys clothed in thick jungle where
the deep booming note of a mountain torrent growled hoarsely from
somewhere out of the pitchy blackness below. Soon the path
became so narrow that we could advance only in Indian file, which
weakened us considerably, as our fighting line was thereby stretched
out for some two hundred yards, being consequently out of our
immediate control, while the jungle, meeting overhead, blotted out
what little light the stars provided. It was impossible, on account of
the denseness of the vegetation, to place men out on our flanks, and
in addition we were counting on taking the Wa’Embe by surprise,
and so did not wish to make too much noise. At 10 p.m. we were
well within the Embe border, and we then looked for a place to rest
awhile and prepare for our rush at dawn. We could not find a suitable
spot, however, and eventually decided to halt on the path. A drizzling
rain came on, which did not improve matters. One of our men found
a place a little distance from and below the path, that did not slope at
such an acute angle as the rest of the landscape, and we as
noiselessly as possible pitched the tent. El Hakim, George, and I
partook of a frugal meal, but we were without water, and naturally we
felt ever so much thirstier than we would otherwise have done. We
placed sentries, Jamah Mahomet doing the same where he had
halted on the path. We three Wasungu then dropped off to sleep.
Somewhere about midnight we awoke with a start, reaching for
our rifles as the sound of a shot floated down to us from where
Jamah Mahomet’s sentries were posted. It was followed by a
second, and then a third. Then all was silent again, except for the
subdued hum of suddenly wakened men. On sending for
explanations, we found that some Wa’Embe, coming down the path,
had stumbled right on to the sentries, and were instantly fired upon.
All hope of a surprise was thus abolished, but on consultation we
decided that if we started an hour or so earlier, possibly 3 a.m., we
might take the enemy at a disadvantage. Accordingly, at that time we
once more set out.
It was dark as Erebus. As we noiselessly formed up on the path, a
sort of half sense of impending disaster seemed to have fallen on the
men. We did our best to dissipate it, and apparently succeeded. The
Masai guide and N’Dominuki’s nephew led the way; next came four
of the Somalis as advance-guard; then Jamah Mahomet, who was
wearing a waterproof coat over his khaki costume; finally George, El
Hakim, and myself. A few yards farther on we found a spear in the
path, probably dropped by one of the Wa’Embe in their flight, when
fired at by the sentries. If possible, the path grew worse as we
advanced, and presently we reached a deep ravine with a swift
torrent roaring and tumbling at the bottom. It was spanned by a
single tree-trunk, which served as a bridge. Beyond the ravine the
path sloped upwards with many twists and turns. On each side the
jungle prevented anything being seen more than a yard or two away.
We advanced slowly and cautiously in the order described, when a
shot rang out almost under our feet; another followed; and then a
volley from the advance-guard showed that something serious was
toward. A terrific howl and the long repeated U-u-u-i (the A’kikuyu
war-cry) showed us that we were very skilfully ambushed, and the
realization was not pleasant. The firing at once became general all
along the line. It was a very fierce fusillade while it lasted; the reports
of the rifles and the cheers of our men, mingled with the war-cries of
the enemy, sounding weird and ghastly in the dense blackness of the
early morning (it was then 4 a.m.).
For a few moments pandemonium reigned supreme. Neither El
Hakim nor I could see a single native. George, though only a yard or
so away, was hidden from us, both by the darkness and by a turn in
the path. El Hakim clutched my arm and dragged me into a sitting
position on the ground as the whirring, hissing rush and plaintive
whine of bullets in unpleasant proximity to our ears warned us that
we were in considerable danger of being shot by our own men.
Owing to the serpentine winding of the path, they were firing towards
every point of the compass, and we were therefore much safer on
the ground. In a few moments the war-cries of the enemy died away
as suddenly as they came, and the spiteful crackle of the rifles
lessened a little. As soon as we were able to make ourselves heard,
we gave the order “Cease fire,” and endeavoured to find out what
damage had been done. I called to George, and, to my great relief,
he answered me.
El Hakim and I then advanced, and turned the corner. We could
then dimly discern George amid the gloom. He came towards us
saying that Jamah Mahomet was wounded, and was lying on the
path a yard or so away. Hastening to the spot, we saw Jamah
stretched upon the ground, moaning pitifully. He had a great spear
driven right through him. A native had concealed himself in a pit dug
on the side of the path and lain in wait, letting both the guides and
the advance-guard go past him in the hope of bagging one of the
Wasungu. In the darkness he mistook Jamah Mahomet’s tall form,
clad in European clothes, for George, and as Jamah passed he
thrust upwards with all his strength. Jamah instantly fell. George,
who was only a yard behind, saw the thrust, and, raising his rifle, he
shot the native through the stomach, but did not drop him. This was
the shot which gave us the first alarm.
El Hakim made a hasty examination of the stricken man, and
pronounced the wound fatal. The broad spear-blade, over two feet in
length, had entered the right side just below the ribs, and, passing
through the body, emerged just under the left arm, protruding several
inches. Jamah was semi-conscious, and apparently in great pain.
Grouped round him, on the alert, were the four Somalis who formed
the advance-guard. As El Hakim concluded his examination, Ismail
Robli, Noor Adam, and others of the Somalis, came up. When they
learnt what had happened to Jamah, such a wail of grief and dismay
went up as I hope never to hear again. Ismail behaved like one
demented. He wept and cried upon “Allah” in the most frenzied
accents.
As we were crowded together in the path over the dying Jamah,
N’Dominuki’s nephew crept out of the bush, and, with shaking limbs
and horror-stricken countenance, approached El Hakim, attempting
to say something which his trembling lips refused to utter. The other
guide had disappeared. El Hakim seized him, and was trying to
understand what he was saying, when Ismail Robli caught sight of
the palsied wretch. His face changed instantly from an appearance
of pious supplication to one of demoniacal fury, and, crying “This
man is a false guide; he has caused Jamah’s death,” placed his rifle,
a ·577 express, against the other’s side, and, before I could raise a
hand to interfere, pulled both triggers, literally blowing the poor
wretch to pieces.
It was a hideous and revolting exhibition of savage ferocity. Ismail
did not even put the rifle to his shoulder—we were too crowded for
that—he simply pushed the barrels past me and fired from his hip.
The murdered man collapsed in a writhing, moaning heap on the
ground. Ismail turned away and reloaded his rifle.
It was no time for recrimination, as at the report of Ismail’s rifle, a
fresh burst of firing broke from our men in the rear, which we
instantly quelled. It was a dastardly act on Ismail’s part, even though
at the time he was almost frenzied with grief at Jamah’s injury, as we
had no reason to believe that the unfortunate guide had played us
false. As we found out afterwards, the real culprit was the Masai
volunteer, who, it appeared, was a native of Embe, who had been
sent for the purpose of betraying us. At the same time, N’Dominuki’s
nephew had neglected to warn us, or point out that we were going by
a bad road. A great deal remained to be explained, but his untimely
end put further explanation out of his power for ever.
However, there we were in the dark, stuck on a path eighteen
inches wide, with a wounded man and no guides. The question now
was how to get out without further loss. We called a council of war,
first posting the Somali advance-guide a few yards up the path. We
decided to wait till daylight, as we could not move while Jamah was
living, and he was too far gone to be carried. It was a ghastly wait.
After the firing and shouting, the silence could almost be felt; it
seemed absolutely deathlike. We strained our ears to the utmost at
the slightest rustle of a leaf, as, for all we knew, the bush might be
swarming with natives waiting their opportunity for a rush.
A curious sight we should have presented to a spectator. The
Somalis, led by Ismail, were grouped, praying, round the dying
Jamah, who was sinking fast and moaning softly at intervals. El
Hakim, revolver in hand, stood bolt upright, and intensely on the
alert, his face showing faintly white through the gloom. Beside him
stood George, drumming with his fingers on his rifle—a habit of his—
softly humming an air from “Cavalleria Rusticana.” Crouched down
on the path were the men, motionless as bronze statues, conversing
in low whispers now and then, while they strained their eyes in the
endeavour to pierce the surrounding bush. A yard or so away lay the
dead body of N’Dominuki’s nephew; his dirty cotton waist-cloth
smouldering where it had caught fire from the explosion of Ismail’s
rifle, nearly choking us with the smell of singed flesh and the pungent
odour of burning cloth. We tried several times to put out the cloth,
but we had no water, and it was in vain we attempted to smother it;
so it smouldered all night, and uncommonly unpleasant we found it.
We were parched with thirst, having had no water since the
previous afternoon. Once in a while the flash of a sentry’s rifle would
momentarily light up the surrounding jungle, and the sharp report
stabbed the silence. I laid down on the path and slept—fighting
sometimes affects me that way—and woke up at dawn, just as
Jamah died. We were exceedingly sorry, as he was one of the best
of his race we ever had to do with. At the first glimmer of daylight we
dug a grave on the side of the path, and he was buried with all the
ordinances proclaimed by Mohammedan law that were possible
under the circumstances. Prayers and lamentations in Arabic
resounded on all sides from the deceased’s assembled compatriots.
There being now no signs of the enemy, El Hakim, George, and I
were for continuing the advance and pulling the fat out of the fire
somehow, but Ismail and the other Somalis would not hear of it.
They said that the enemy were now fully prepared for us, and
instanced the numerous freshly dug pits that had been found on
each side of the path when digging Jamah’s grave. Another
argument they employed was that our respective camps were almost
entirely unprotected, and it was more than likely that the Wa’M’thara
or the Wa’Chanjai would attack and loot them in our absence, more
especially as they (the Somalis) had a large number of cattle, which
are particularly tempting to a native. In addition, we were now
entirely without guides, while the path ahead seemed worse than
ever.
We saw the force of this reasoning, and common prudence
directed that, for the present at any rate, we must abandon the
attack; which decision, though gall and wormwood to we
Englishmen, we were reluctantly compelled to admit was the wisest
possible under the circumstances. We made up our minds, however,
that we would return under more favourable auspices, and wipe out
the disgrace of our defeat, for defeat it was, and so with that
understanding we acquiesced in the retreat, and gave the necessary
orders to retire.
It was with very mixed feelings that we travelled back over the
difficult path we had trodden a few hours before with such
confidence. We found out afterwards that our sudden retreat
disconcerted the Wa’Embe, who were massed in force further along
the path at a place where they had dug a large number of pits, in
which they had kindly placed sharpened spikes for our reception.
At eight o’clock we were met on the road by an M’thara man
named Koromo, who handed us a jar of honey as a present. When
we got within a mile or two of our camp large numbers of fully armed
natives slunk past us, going towards Chanjai. They were coming
from the direction of our camp. Hurrying on with sinking hearts, we
soon arrived at the camp, and to our great relief found all safe,
though Jumbi was full of some report or other about armed natives
who had been round the camp during the night. We said he could tell
us about it afterwards, as at present we wished to eat. It was then
one o’clock in the afternoon, so we set to and made a hearty meal,
and afterwards retired to our blankets and slept the sleep of the just
until dinner-time.
FOOTNOTES:
[3] “Through Jungle and Desert,” by William Astor Chanler,
A.M. (Harv.), F.R.G.S., pp. 168-177.
[4] “Elephant Hunting in East Equatorial Africa,” by Arthur H.
Neumann, pp. 42, 43.
CHAPTER VI.
OUR MOVEMENTS IN M’THARA AND MUNITHU.
The same day the Somalis left M’thara for Chanjai, where they
desired to purchase food. They promised that on their return in four
days’ time they would accompany us on another expedition into
Embe—a result I should have attributed to my eloquence of the night
before had we not been perfectly aware of the unreliability of their
promises. El Hakim, however, decided to wait on the off-chance of
their returning, and resolved to fill in a day or two by a journey back
to Munithu to collect food, and also to try to get news as to how far
our Embe reverse had affected native feeling towards us in those
districts. He took eight men with rifles with him. I amused myself all
the morning trying to make toffee from native honey and butter. The
resulting compound, though palatable enough, could not be induced
to harden, so we were compelled to devour it with a spoon. George
gave in at midday to a nasty touch of fever. I administered a couple
of phenacetin tabloids, and sweated him well, which towards evening
reduced his temperature. Next morning he was decidedly better, and
together we made a tour of inspection round the camp. We saw a
peculiar striped rat in the boma, which we nicknamed the zebra rat. It
was mouse-coloured with black stripes, but as we had not a trap we
could not secure a specimen. At midday George was down again
with the fever, and I dosed him once more. At 12.30 two men came
back from El Hakim with a note for me. He asked for some fresh
bread and a bottle of milk, also for six more men with rifles. It
seemed that the Wa’G’nainu, the people of a district west of Munithu,
on hearing of our Embe reverse, had come down and looted some of
the trade goods which El Hakim had left in Bei-Munithu’s charge,
and that he intended to try to recover them. He also asked for my
company if I could leave camp. As George was so queer I did not
feel justified in leaving him, but on his assurance that he was quite
able to look after himself while I was away, I decided to go.
I took no baggage or blankets, and with six men and four donkeys,
which were required to bring back the balance of El Hakim’s goods
still remaining with Bei-Munithu, started at one o’clock, intending to
try to reach Munithu the same evening, though it had taken the safari
two days to reach M’thara from Munithu on the outward journey. At
sundown, after a toilsome and seemingly interminable march, my
party and I arrived at El Hakim’s camp outside Bei-Munithu’s village,
where El Hakim, pleased at our rapid journey, forthwith ministered to
my material wants in the way of towels, soap, and supper. After our
meal he summoned Bei-Munithu, and bade him recapitulate for my
benefit the story of the pillaged goods. Briefly it amounted to this: A
large party of the Wa’G’nainu had come on a friendly visit to Bei-
Munithu. During their sojourn with him a report came to hand that the
Wasungu had been driven out of Embe with great loss, and one of
them had been killed. The news caused some excitement, and, as
was only natural, the assembled natives discussed in what way the
Wasungu’s supposed misfortunes could be turned to profitable
account. It was already well known that Bei-Munithu had one of his
huts filled from floor to roof with the trade goods and equipment of
the chief Wasungu, and it did not require much persuasion to induce