Information Security: Contemporary Cases

Information Security: Contemporary Cases

by Marie A. Wright, John S. Kakalik
Released August 2010
Publisher(s): Jones & Bartlett Learning
ISBN: 9781449612931

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Information Security: Contemporary Cases addresses fundamental information security concepts in realistic scenarios. Through a series of substantive cases, different aspects of information security are addressed by real organizations. The organizations include Kraft Foods, Advo, IBM, SRA, Aetna, the FBI, and the Yale New Haven Center for Emergency Preparedness and Disaster Response. Case topics include data protection, integrating IT and physical security, contingency planning, disaster recovery, network security, hardware design, encryption, standards compliance, tracking intruders, and training and awareness programs. This casebook will enable students to develop the practical understanding needed for today's information security and information assurance profession.

Table of contents

  1. INFORMATION SECURITY: CONTEMPORARY CASES
    1. Copyright
    2. DEDICATION
    3. PREFACE
      1. Summary Description of Case Studies
      2. Case Structure
      3. Intended Audience
      4. Instructor’s Manual
      5. About the Authors
      6. Acknowledgments
    4. CASE 1: KRAFT FOODS INC.: PROTECTING EMPLOYEE DATA
      1. Kraft Foods Inc.
      2. History
      3. Structure
      4. Human Resources Technology and Information
      5. European Union Directive on the Protection of Personal Data
      6. Human Resources Systems and Processes
      7. Data Transfer Agreement
      8. Ensuring the Privacy of Personal Employee Data
      9. Final Comments
      10. Endnotes
      11. CASE STUDY QUESTIONS
      12. KEY TERMS
    5. CASE 2: ADVO, INC.: INTEGRATING IT AND PHYSICAL SECURITY
      1. Advo, Inc.—The Company
      2. Operations
      3. Security Controls Before the Terrorist and Bioterrorist-Related Attack
      4. Terrorist and Bioterrorist-Related Attacks
      5. Advo’s Response to the Anthrax Attacks
      6. Strengthening Security
      7. Integrated Security Management System
      8. System Security
      9. Security Audits
      10. Final Comments
      11. Appendix A: Key Areas and Specific Audit Points (1/3)
      12. Appendix A: Key Areas and Specific Audit Points (2/3)
      13. Appendix A: Key Areas and Specific Audit Points (3/3)
      14. Endnotes
      15. CASE STUDY QUESTIONS
      16. KEY TERMS
    6. CASE 3: YALE NEW HAVEN CENTER FOR EMERGENCY PREPAREDNESS AND DISASTER RESPONSE: CONTINGENCY PLANNING
      1. Yale New Haven Health System
      2. Yale New Haven Center for Emergency Preparedness and Disaster Response
      3. Disaster Planning
      4. Education and Training
      5. Clinical Strategies
      6. Logistical Solutions
      7. Final Comments
      8. Endnotes
      9. CASE STUDY QUESTIONS
      10. KEY TERMS
    7. CASE 4: IBM: THE EMBEDDED SECURITY SUBSYSTEM
      1. IBM—The Company
      2. Abbreviated Organizational Structure
      3. IBM Watson Research—Global Security Analysis Lab
      4. Embedded Security Subsystem Version 1.0
      5. Promoting Open Standards
      6. Embedded Security Subsystem Version 2.0
      7. Controlling the ESS 2.0 Chip
      8. Final Comments
      9. Appendix A
      10. Appendix B
      11. Appendix C
      12. Appendix D
      13. Endnotes
      14. CASE STUDY QUESTIONS
      15. KEY TERMS (1/2)
      16. KEY TERMS (2/2)
    8. CASE 5: SRA INTERNATIONAL, INC.: AUTOMATING COMPLIANCE WITH FEDERAL INFORMATION SECURITY REQUIREMENTS
      1. SRA International, Inc.—The Company (1/2)
      2. SRA International, Inc.—The Company (2/2)
      3. Federal Government Information Security Requirements
      4. Facilitating Information Security Compliance (1/5)
      5. Facilitating Information Security Compliance (2/5)
      6. Facilitating Information Security Compliance (3/5)
      7. Facilitating Information Security Compliance (4/5)
      8. Facilitating Information Security Compliance (5/5)
      9. Final Comments
      10. Acknowledgments
      11. Endnotes
      12. CASE STUDY QUESTIONS
      13. KEY TERMS
    9. CASE 6: FBI NEW HAVEN FIELD OFFICE—COMPUTER ANALYSIS AND RESPONSE TEAM: TRACKING A COMPUTER INTRUDER
      1. Federal Bureau of Investigation—Overview
      2. FBI Laboratory and CART
      3. FBI New Haven Field Office
      4. Computer Intrusion at BoatingCT.com
      5. FBI Analysis (1/2)
      6. FBI Analysis (2/2)
      7. Seizing the Evidence and Performing Forensic Analysis
      8. Arrest and Sentencing
      9. Appendix A
      10. Endnotes
      11. CASE STUDY QUESTIONS
      12. KEY TERMS
    10. CASE 7: AETNA: DEVELOPING AND IMPLEMENTING A SUCCESSFUL INFORMATION SECURITY AWARENESS PROGRAM
      1. Aetna—The Company
      2. History
      3. Information Security
      4. Information Security Program Organization
      5. Information Security Awareness Program
      6. InfoSec Exam—Overview
      7. InfoSec Exam—Design and Development
      8. Implementation
      9. Compliance
      10. Endnotes
      11. CASE STUDY QUESTIONS
      12. KEY TERMS
    11. INDEX (1/2)
    12. INDEX (2/2)

Product information

  • Title: Information Security: Contemporary Cases
  • Author(s): Marie A. Wright, John S. Kakalik
  • Release date: August 2010
  • Publisher(s): Jones & Bartlett Learning
  • ISBN: 9781449612931