Framing Internet Safety: The Governance of Youth Online (The John D. and Catherine T. MacArthur Foundation Series on Digital Media and Learning)
Since the beginning of the Internet era, it has become almost impossible to discuss youth and technology without mentioning online danger — pornography that is just a click away, lurking sexual predators, and inescapable cyberbullies. In this book, Nathan Fisk takes an innovative approach to the subject, examining youth Internet safety as a technology of governance — for information technologies and, by extension, for the forms of sociality and society they make possible. He argues that it is through the mobilization of various discourses of online risk that the everyday lives of youth are increasingly monitored and policed and the governing potentials of information technologies are explored. Fisk relates particular panics over youth Internet safety to patterns of technological adoption by young people, focusing on the policy response at the federal level aimed at producing future cybercitizens. He describes pedagogies of surveillance, which position parents as agents of surveillance; the evolution of the youth Internet safety curricula, as seen through materials on cyberbullying and online reputation management; and, drawing on survey results and focus groups, parent and child everyday practice. Finally, Fisk offers recommendations for a “cybersafety of everyday life,” connecting youth Internet safety to trends in national infrastructure protection and corporate information assurance.
About the Author
Nathan W. Fisk is Assistant Professor of Cybersecurity Education Education at the University of South Florida and and faculty affiliate of the Florida Center for Cybersecurity. He is among the first cohort of Fulbright Cybersecurity Scholars.
Out of stock
Uses standards such as NIST 800-53, ISO 27001, and COBIT, and regulations such as HIPAA and PCI DSS as the foundation for the content
Reviews industry standards and presents representative procedures
Provides examples, checklists, sample policies and procedures, guidelines, and a synopsis of the applicable standards
Covers terminology, methods, concepts, and document structures
Discusses the key elements that make up each kind of document
Information Security Policies, Procedures, and Standards: A Practitioner’s Reference gives you a blueprint on how to develop effective information security policies and procedures. It uses standards such as NIST 800-53, ISO 27001, and COBIT, and regulations such as HIPAA and PCI DSS as the foundation for the content. Highlighting key terminology, policy development concepts and methods, and suggested document structures, it includes examples, checklists, sample policies and procedures, guidelines, and a synopsis of the applicable standards.
The author explains how and why procedures are developed and implemented rather than simply provide information and examples. This is an important distinction because no two organizations are exactly alike; therefore, no two sets of policies and procedures are going to be exactly alike. This approach provides the foundation and understanding you need to write effective policies, procedures, and standards clearly and concisely.
Developing policies and procedures may seem to be an overwhelming task. However, by relying on the material presented in this book, adopting the policy development techniques, and examining the examples, the task will not seem so daunting. You can use the discussion material to help sell the concepts, which may be the most difficult aspect of the process. Once you have completed a policy or two, you will have the courage to take on even more tasks. Additionally, the skills you acquire will assist you in other areas of your professional and private life, such as expressing an idea clearly and concisely or creating a project plan.
Memory forensics provides cutting edge technology to help investigate digital attacks Memory forensics is the art of analyzing computer memory (RAM) to solve digital crimes. As a follow-up to the best seller Malware Analyst’s Cookbook, experts in the fields of malware, security, and digital forensics bring you a step-by-step guide to memory forensics-now the most sought after skill in the digital forensics and incident response fields. Beginning with introductory concepts and moving toward the advanced, The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory is based on a five day training course that the authors have presented to hundreds of students. It is the only book on the market that focuses exclusively on memory forensics and how to deploy such techniques properly. Discover memory forensics techniques: How volatile memory analysis improves digital investigations Proper investigative steps for detecting stealth malware and advanced threats How to use free, open source tools for conducting thorough memory forensics Ways to acquire memory from suspect systems in a forensically sound manner The next era of malware and security breaches are more sophisticated and targeted, and the volatile memory of a computer is often overlooked or destroyed as part of the incident response process. The Art of Memory Forensics explains the latest technological innovations in digital forensics to help bridge this gap. It covers the most popular and recently released versions of Windows, Linux, and Mac, including both the 32 and 64-bit editions. Bonus materials include more than 20 real-world exercises, sample memory and code files, and even a formal presentation, syllabus, and test bank.
About the Author
Michael Hale-Ligh is author of Malware Analysts Cookbook, Secretary/Treasurer of Volatility Foundation, and a world-class reverse engineer. Andrew Case is a Digital Forensics Researcher specializing in memory, disk, and network forensics. Jamie Levy is a Senior Researcher and Developer targeting memory, network. AAron Walters is founder and lead developer of the Volatility Project, President of the Volatility Foundation, and Chair of Open Memory Forensics Workshop.
The Computer Incident Response Planning Handbook: Executable Plans for Protecting Information at Risk
Uncertainty and risk, meet planning and action.
Reinforce your organization’s security posture using the expert information contained in this tactical guide. The Computer Incident Response Planning Handbook: Executable Plans for Protecting Information at Risk shows you how to build and manage successful response plans for the cyber incidents that have become inevitable for organizations of any size. Find out why these plans work. Learn the step-by-step process for developing and managing plans built to address the wide range of issues organizations face in times of crisis.
- Contains the essentials for developing both data breach and malware outbreak response plans—and best practices for maintaining those plans
- Features ready-to-implement CIRPs—derived from living incident response plans that have survived the rigors of repeated execution and numerous audits
- Clearly explains how to minimize the risk of post-event litigation, brand impact, fines and penalties—and how to protect shareholder value
- Supports corporate compliance with industry standards and requirements, including PCI, HIPAA, SOX, and CA SB-24
About the Author
N.K. McCarthy previously managed the Information Security Operations / Threat & Vulnerability Management for a Fortune 50 Corporation for several years. His international staff performed round-the-clock security event monitoring and response. His responsibilities included: security patch remediation, vulnerability scans, and remediation, penetration testing, system configuration monitoring and remediation, maintaining the various Computer Incident Response Plans (CIRP), and an active threat portfolio for key business functions, users, application platforms and persistent vulnerabilities.
With a career in over 20 plus years in IT, Mr. McCarthy has held a wide range of roles within IT including systems programming, IT consultant, technical management, and IT sales. He recently retired after 30 plus years as a Marine Corps reservist obtaining the rank of Lieutenant Colonel. His last reserve assignment of five years was with the U.S. Cyber Command. After 9/11, Lt. Col. McCarthy was mobolized and spent almost four years on active duty as an Information Warfare Officer working at the U.S. Strategic Command, the Pentagon, and the National Security Agency (NSA). Mr. McCarthy also has 17 years of experience as a volunteer reserve police officer. In this capacity he was able to attend U.S. DOJ (Law Enforcement Only) training in computer forensics and advanced Internet investigations. He was also certified by FEMA for its Incident Command System (ICS) and the National Incident Management System (NIMS). Mr. McCarthy is currently on the Board of Directors of the San Francisco Bay Area and Silicon Valley chapter of the FBI’s Infragard program.
Mr. McCarthy has a B.S. degree in Computer Science, an M.B.A. and a CISSP. He is also the CEO of an SDVOB S-corporation with established and developing business in California and Nevada.
Dr. Matthew Todd is the Chief Security Officer and Vice President of Risk and Technical Operations for Financial Engines (NASDAQ: FNGN), a financial advisor with more than $47 billion in assets under management. At Financial Engines, he is responsible for security, privacy, business continuity, audit, and risk management for the firm.
In addition to his work at Financial Engines, Dr. Todd is the president of the San Francisco Bay Area InfraGard chapter, representing more than 1000 volunteer InfraGard members. He has been a local mentor for the SANS Institute, is a CISM and CIPP, and holds the GSEC certification. He has more than 20 years of experience in the technology space and has been actively involved in information security for the last 15 years. He obtained his Ph.D. from Northwestern University and was a fellow of both the National Science Foundation (U.S.) and the Danish National Science Foundation.
Jeff Klaben is an Adjunct Professor with Santa Clara University’s College of Engineering, where he currently teaches Information Assurance and Computer Forensics. He is also a principal with Neohapsis, helping Fortune 500 organizations and leading security technology providers overcome global challenges in technology risk management, competitive strategy, product engineering, compliance, and trusted collaboration to achieve break-through innovation. Previously, Jeff served as Group Director of Technology Risk Management at SanDisk, Chief Information Security Officer for Life Technologies, Engineering Group Director with Cadence Design Systems, and Senior Manager of Enterprise Architecture, IT Security, and Compliance at Applied Materials. He also led product management, professional services delivery, and start-up incubation at Accenture.
Jeff is a frequent speaker at industry conferences, and for the past decade, has served on the board of directors of the San Francisco Bay Area InfraGard, a 501(c)(3) nonprofit and public/private partnership dedicated to information sharing for critical infrastructure protection. He assisted the White House as town hall moderator for the rollout of the National Strategy to Secure Cyberspace and was recognized by the U.S. Department of Justice with awards for Dedicated Service and Exceptional Service in the Public Interest. He also received the Belotti Award for Outstanding Business Policy in High Technology Firms from Santa Clara University’s Leavey School of Business. Jeff earned an M.B.A. from Santa Clara University, a B.S. in Information Systems from Wright State University, and the credentials of Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and Certified Information Systems Auditor (CISA).
Specifically oriented to the needs of information systems students, Principles Of Information Security, 5e delivers the latest technology and developments from the field. Taking a managerial approach, this market-leading introductory book teaches all the aspects of information security – not just the technical control perspective. It provides a broad review of the entire field of information security, background on many related elements, and enough detail to facilitate understanding of the topic. It covers the terminology of the field, the history of the discipline, and an overview of how to manage an information security program. Current and relevant, the fifth edition includes the latest practices, fresh examples, updated material on technical security controls, emerging legislative issues, new coverage of digital forensics, and hands-on application of ethical issues in IS security. It is the ultimate resource for future business decision-makers.
About the Author
Herbert Mattord, Ph.D., CISM, CISSP completed 24 years of IT industry experience as an application developer, database administrator, project manager, and information security practitioner before joining the faculty at Kennesaw State University, where he is Assistant Chair of the Department of Information Systems and Associate Professor of Information Security and Assurance program. Dr. Mattord currently teaches graduate and undergraduate courses in Information Security & Assurance as well as Information Systems. He and Michael Whitman are the authors of Principles of Information Security, 5th Ed, Management of Information Security, 5th Ed, Readings and Cases in the Management of Information Security, Principles of Incident Response and Disaster Recovery, 2nd Ed, The Guide to Network Security, and The Hands-On Information Security Lab Manual, 4th Ed all from Cengage Learning. Dr. Mattord is an active researcher and author in Information Security Management and related topics. He has published articles in the Information Resources Management Journal, Journal of Information Security Education, the Journal of Executive Education, and the International Journal of Interdisciplinary Telecommunications and Networking. Dr. Mattord is a member of the Information Systems Security Association, ISACA, and the Association for Information Systems. During his career as an IT practitioner, Dr. Mattord was an adjunct professor at Kennesaw State University, Southern Polytechnic State University in Marietta, Georgia, Austin Community College in Austin, Texas, and Texas State University: San Marcos. He was formerly the Manager of Corporate Information Technology Security at Georgia-Pacific Corporation, where much of the practical knowledge found in this and other textbooks was acquired. Michael Whitman, Ph.D., CISM, CISSP is a Professor of Information Security at Kennesaw State University, Kennesaw, Georgia, where he is also the Executive Director of the KSU/Coles College of Business Center for Information Security Education. In 2004, 2007, 2012 and 2015, under his direction the Center for Information Security Education spearheaded KSU’s successful bid for the prestigious National Center of Academic Excellence recognitions (CAE/IAE and CAE IA/CD) awarded by the Department of Homeland Security and the National Security Agency. Dr. Whitman is also the Editor-in-Chief of the Information Security Education Journal, and Director of the Southeast Collegiate Cyber Defense Competition. Dr. Whitman is an active researcher and author in Information Security Policy, Threats, and Curriculum Development, as well as Ethical Computing. He currently teaches graduate and undergraduate courses in Information Security. Dr. Whitman has several information security textbooks currently in print – Principles of Information Security, 5th Ed., Management of Information Security, 5th Ed., Readings and Cases in the Management of Information Security, Volumes I and II, The Hands-On Information Security Lab Manual, 4th Ed., Principles of Incident Response and Disaster Recovery, 2nd Ed., The Guide to Network Security and The Guide to Firewalls and Network Security, 3rd Ed. all from Cengage Learning. He has published articles in Information Systems Research, the Communications of the ACM, the Journal of International Business Studies, Information and Management, and the Journal of Computer Information Systems. Dr. Whitman is a member of the Association for Computing Machinery, the Information Systems Security Association, ISACA and the Association for Information Systems. Prior to coming to academia, Dr. Whitman was an officer in the U.S. Army, where he had the responsibilities of ADPSSO (Automated Data Processing System Security Officer).