Computer Law Commons^™

Workshop | Body Worn Video Recorders: The Socio-Technical Implications Of Gathering Direct Evidence, Katina Michael, Alexander Hayes

Alexander Hayes Mr.

- From in-car video recording to body-worn video recording

- Exploring available technologies: how do they work, pros and cons

- Storing direct evidence in secure storage: factors to consider

- Citizens “shooting” back with POV tech – what are their rights?

- Crowdsourced sousveillance- harnessing public data for forensic profiling

- Police force policies and practices on the application of new media

Book Review: Handbook On Securing Cyber-Physical Critical Infrastructure: Foundations And Challenges (Written By Sajal K. Das, Krishna Kant, Nan Zhang), Katina Michael

Professor Katina Michael

This 800+ page handbook is divided into eight parts and contains thirty chapters, ideal for either an advanced undergraduate or graduate course in security. At the heart of this handbook is how we might go about managing both physical and cyber infrastructures, as they continue to become embedded and enmeshed, through advanced control systems, and new computing and communications paradigms.

Book Review: The Basics Of Information Security: Understanding The Fundamentals Of Infosec In Theory And Practice, Katina Michael

Professor Katina Michael

Dr Jason Andress (ISSAP, CISSP, GPEN, CEH) has written a timely book on Information Security. Andress who is a seasoned security professional with experience in both the academic and business worlds, categorically demonstrates through his book that underlying the operation of any successful business today is how to protect your most valuable asset- “information”. Andress completed his doctorate in computer science in the area of data protection, and presently works for a major software company, providing global information security oversight and performing penetration testing and risks assessment.

Book Review: Security Risk Management: Building An Information Security Risk Management Program From The Ground Up, Katina Michael

Associate Professor Katina Michael

In an age of outsourcing tasks that are not considered to be a core competency of the business, organisations have often relied on external consultants for matters pertaining to security. In actual fact, most companies could have utilized existing skill-sets in-house to produce a security risk management program, if only they knew what steps to take, and how to go about it all. Evan Wheeler in his book on information security risk management does just that- he equips professionals tasked with security, with the thinking required to create a program that is more preoccupied with the complex strategic-level questions than …

Trust Account Fraud And Effective Information Security Management, Sameera Mubarak

Journal of Digital Forensics, Security and Law

The integrity of lawyers’ trust accounts has come under scrutiny in the last few years. There are strong possibilities of information technology security breaches happening within the firms, either accidental or deliberate. The damage caused by these security breaches could be extreme. For example, a trust account fund in an Australian law firm was misused in a security breach in which Telstra charged A$50,000 for phone usage, mainly for ISD calls to Hong Kong. Our study involved interviewing principals of ten law companies to find out solicitors’ attitudes to computer security and the possibility of breaches of their trust accounts. …

The Design And Implementation Of An Automated Security Compliance Toolkit: A Pedagogical Exercise, Guillermo Francia, Brian Estes, Rahjima Francia, Vu Nguyen, Alex Scroggins

Journal of Digital Forensics, Security and Law

The demand, through government regulations, for the preservation of the security, integrity, and privacy of corporate and customer information is increasing at an unprecedented pace. Government and private entities struggle to comply with these regulations through various means—both automated and manual controls. This paper presents an automated security compliance toolkit that is designed and developed using mostly open source tools to demonstrate that 1) meeting regulatory compliance does not need to be a very expensive proposition and 2) an undertaking of this magnitude could be served as a pedagogical exercise for students in the areas of collaboration, project management, software …