Physical Sciences and Mathematics Commons^™

Cybersecurity Continuity Risks: Lessons Learned From The Covid-19 Pandemic, Tyler Fezzey, John H. Batchelor, Gerald F. Burch, Randall Reid

Journal of Cybersecurity Education, Research and Practice

The scope and breadth of the COVID-19 pandemic were unprecedented. This is especially true for business continuity and the related area of cybersecurity. Historically, business continuity and cybersecurity are viewed and researched as separate fields. This paper synthesizes the two disciplines as one, thus pointing out the need to address both topics simultaneously. This study identifies blind spots experienced by businesses as they navigated through the difficult time of the pandemic by using data collected during the height of the COVID-19 pandemic. One major shortcoming was that most continuity and cybersecurity plans focused on single-axis threats. The COVID-19 pandemic resulted …

Principles Of Information Security, Alison Hedrick

KSU Distinguished Course Repository

An introduction to the various technical and administrative aspects of Information Security and Assurance. This course provides the foundation for understanding the key issues associated with protecting information assets, determining the levels of protection and response to security incidents, and designing a consistent, reasonable information security system, with appropriate intrusion detection and reporting features.

A Toolkit Approach To Information Security Awareness And Education, Peter Korovessis, Steven Furnell, Maria Papadaki, Paul Haskell-Dowland

Journal of Cybersecurity Education, Research and Practice

In today’s business environment where all operations are enabled by technology, information security has become an established discipline as more and more businesses realize its value. The human component has been recognized to have an important role in information security since the only way to reduce security risks is through making employees more information security aware. Towards this goal the research will appreciate the importance of information security awareness by illustrating the need for more effective user training. Further to that it proposes and develops an information security toolkit as a prototype awareness raising initiative. Apart from the elements of …

Threats To Information Protection - Industry And Academic Perspectives: An Annotated Bibliography, Michael E. Whitman, Herbert J. Mattord

Journal of Cybersecurity Education, Research and Practice

Threats to information assets have always been a concern to those responsible for making information useful and defending its value. The concepts of threat, threat agent, threat events and threat sources have evolved in recent years have very precise definitions. A summary of threat classification models used in academic research is provided along with a summary of recent industry threat assessment reports. Finally, the results from a recent study, 2015 SEC/CISE Threats to Information Protection Report Including a Current Snapshot of the State of the Industry, are given.

A Framework To Manage Sensitive Information During Its Migration Between Software Platforms, Olusegun Ademolu Ajigini, John Andrew Van Der Poll, Jan H. Kroeze Phd

The African Journal of Information Systems

Software migrations are mostly performed by organisations using migration teams. Such migration teams need to be aware of how sensitive information ought to be handled and protected during the implementation of the migration projects. There is a need to ensure that sensitive information is identified, classified and protected during the migration process.

This paper suggests how sensitive information in organisations can be handled and protected during migrations, by using the migration from proprietary software to open source software to develop a management framework that can be used to manage such a migration process. The research employed a sequential explanatory mixed …

A Call To Is Educators To Respond To The Voices Of Women In Information Security, Amy B. Woszczynski, Sherri Shade

Faculty and Research Publications

Much prior research has examined the dearth of women in the IT industry. The purpose of this study is to examine the perceptions of women in IT within the context of information security and assurance. This paper describes results from a study of a relatively new career path to see if there are female-friendly opportunities that have not existed in previous IT career paths. Research methodology focuses on a qualitative analysis of in-depth interviews with women who are self-described information security professionals. A primary goal of the study is to understand the perceptions of women in information security and determine …

Enemy At The Gate: Threats To Information Security, Michael E. Whitman

Faculty and Research Publications

A firm can build more effective security strategies by identifying and ranking the severity of potential threats to its IS efforts.