Principles of Information Systems Security: Texts and Cases
The real threat to information system security comes from people, not computers. That's why students need to understand both the technical implementation of security controls, as well as the softer human behavioral and managerial factors that contribute to the theft and sabotage proprietary data.
Addressing both the technical and human side of IS security, Dhillon's Princliples of Information Systems Security: Texts and Cases equips managers (and those training to be managers) with an understanding of a broad range issues related to information system security management, and specific tools and techniques to support this managerial orientation. Coverage goes well beyond the technical aspects of information system security to address formal controls (the rules and procedures that need to be established for bringing about success of technical controls), as well as informal controls that deal with the normative structures that exist within organizations.
Table of Contents
Chapter 1. Information System Security: Nature and Scope.
PART I: TECHNICAL ASPECTS OF INFORMATION SYSTEM SECURITY.
Chapter 2. Security of Technical Systems in Organizations: an introduction.
Chapter 3. Models for Technical Specification of Information System Security.
Chapter 4. Cryptography and Technical Information System Security.
Chapter 5. Network Security.
PART II: FORMAL ASPECTS OF INFORMATION SYSTEM SECURITY.
Chapter 6. Security of Formal Systems in Organizations: an introduction.
Chapter 7. Planning for Information System Security.
Chapter 8. Designing Information System Security.
Chapter 9. Information System Risk Management.
PART III: INFORMAL ASPECTS OF INFORMATION SYSTEM SECURITY.
Chapter 10. Security of Informal Systems in Organizations: an introduction.
Chapter 11. Corporate Governance for IS Security.
Chapter 12. Culture and IS Security.
PART IV: REGULATORY ASPECTS OF INFORMATION SYSTEM SECURITY.
Chapter 13. Information System Security Standards.
Chapter 14. Legal Aspects of IS Security.
Chapter 15. Computer Forensics.
Chapter 16. Summary principles for Information System Security.
Case 1: Case of a Computer Hack.
Case 2: Botnet: Anatomy of a Case.
Case 3: Cases in Computer Crime.
Case 4: IS Security at Southam Council.
Case 5: Security Management at the Tower.
Case 6: Computer crime and the demise of Barings Bank.
Case 7: Technology Enabled Fraud and the Demise of Drexel Burnham Lambert.
Case 8: It won’t part you hair: the INSLAW Affair.
Case 9: Taylor City Police Department Security Breach.
Case 10: Developing a Security Policy at M & M Procurement, Inc.