Security & Disaster Management

Cybersecurity
Ethics, Legal, Risks, and Policies

Ishaani Priyadarshini
Chase Cotton, PhD, CISSP

Cybersecurity

Published. Available now.
Pub Date: March 2022
Hardback Price: see ordering info
Hard ISBN: 9781774630228
E-Book ISBN: 9781003187127
Pages: 434 w/index
Binding Type: Hardback / ebook
Notes: 70 b/w illustrations

This book is the first of its kind to introduce the integration of ethics, laws, risks, and policies in cyberspace. The book will advance understanding of the ethical and legal aspects of cyberspace followed by the risks involved along with current and proposed cyber policies. This book serves as a summary of the state of the art of cyber laws in the United States and considers more than 50 cyber laws. It also, importantly, incorporates various risk management and security strategies from a number of organizations.

Using easy-to-understand language and incorporating case studies, the authors begin with the consideration of ethics and law in cybersecurity and then go on to take into account risks and security policies. The section on risk covers risk identification, risk analysis, risk assessment, risk management, and risk remediation. The very important and exquisite topic of cyber insurance is covered as well—its benefits, types, coverage, etc. The section on cybersecurity policy acquaints readers with the role of policies in cybersecurity and how they are being implemented by means of frameworks. The authors provide a policy overview followed by discussions of several popular cybersecurity frameworks, such as NIST, COBIT, PCI/DSS, ISO series, etc.

Each chapter is followed by an overall summary and review that highlights the key points as well as questions for readers to evaluate their understanding based on the chapter content.

Cybersecurity: Ethics, Legal, Risks, and Policies is a valuable resource for a large audience that includes instructors, students, professionals in specific fields as well anyone and everyone who is an essential constituent of cyberspace. With increasing cybercriminal activities, it is more important than ever to know the laws and how to secure data and devices.

CONTENTS:
Preface

PART 1: CYBERSECURITY ETHICS AND LEGAL ISSUES
1. Introduction to Cyber Ethics
Ethics in Cyberspace and Cybersecurity
Ethics, Law, and Policy
Privacy and Security
The Need for Cyber Ethics
Principles of Cyber Ethics
Sources of Ethics: What Makes Something Ethical or Unethical in Cyberspace
Ethics in Cybersecurity
Important Ethical Issues in Cybersecurity
Some Ethical Issues Affecting Cybersecurity
The Curious Case of Black Hats, White Hats, and Grey Hats
Ethical Challenges Faced by Cybersecurity Professionals

2. Ethical Issues in Cybersecurity
Ethical Issues in Cybersecurity: Overview
Types of Ethical Issues in Cybersecurity
Specific Ethical Issues in Cybersecurity
Fair Use Doctrine
The Origin of Cybersecurity Ethics

3. Cybersecurity Ethics: Cyberspace and Other Applications
Cybersecurity Ethics: A Detailed Study
Cybersecurity Ethics in Applications

4. Introduction to Cyber Laws
Cyber Laws
The Need for Cyber Laws
Cyber Ethics and Cyber Law
Importance of Cyber Regulations Based on Cyberethics
Cybercrime Categories from the Legal Perspective
Cyber Law and Intellectual Property
Challenges in Cyber Law

5. Cyber Laws in the United States
Types of Cybercrime Laws
Cyber Laws in the United States
Some Important Cyber Laws: History and Their Case Studies

PART 2: CYBERSECURITY RISKS AND POLICIES
6. Risks in Cybersecurity
Introduction to Cyber Risks
Cyber Attacks and Their Business Significance
Key Cyber Risks and Threats
Who Should Own Cybersecurity Risk
Cybersecurity Risk Identification and Management
Risk Identification Using SWOT Analysis
Risk Analysis
Risk Assessment
Risk Assessment Frameworks
Risk Management
Risk Management Framework
Risk Remediation

7. Cyber Risks and Cyber Insurance
Cyber Insurance and the Need for It
Cyber Risk Insurance as Part of Risk Mitigation
Advantages of Cyber Insurance
Disadvantages of Cyber Insurance
Types of Cyber Insurances
Cyber Insurance Coverage and Its Aspects
Data Protected by Cyber Insurance
Losses That are Not Covered Under Cyber Insurance
Process of Buying Cyber Insurance
Tradeoffs of Self-Insuring with Respect to Buying Cyber Liability Insurance
Implications of Cyber Insurance on Computing Systems and Processes
Institutions’ Knowledge Regarding the Insurance Claim Process
Cyber Liability Insurance
Cyber Liability Coverage

8. Introduction to Cybersecurity Policies
Cybersecurity Policies
Cybersecurity Policy Makers
Updating and Auditing Cybersecurity Procedures
Cybersecurity Policy Audience
Cybersecurity Policy Classification
Cybersecurity Policy Audit
Cybersecurity Policy Enforcement
Cybersecurity Policy Awareness
Writing and Developing Effective Cybersecurity Policies
Types of Cybersecurity Policies
Cybersecurity Frameworks
Some Cybersecurity Frameworks

Index


About the Authors / Editors:
Ishaani Priyadarshini
Department of Electrical and Computer Engineering, University of Delaware, USA

Ishaani Priyadarshini has authored several book chapters for reputed publishers and is also an author of several publications for SCIE-indexed journals. As a certified reviewer, she conducts peer review of research papers for IEEE, Elsevier, and Springer journals and is a member of the editorial board of the International Journal of Information Security and Privacy (IJISP). She is a PhD candidate (Department of Electrical and Computer Engineering) at the University of Delaware, USA, from where she also obtained her master‘s degree in cybersecurity. Prior to that, she completed her bachelor‘s degree in computer science engineering and a master‘s degree in information security from Kalinga Institute of Industrial Technology, India. Her areas of research include cybersecurity (authentication systems, cybersecurity ethics, and policies) and artificial intelligence.

Chase Cotton, PhD, CISSP
Professor of Practice, and Director, University of Delaware Center for Intelligent CyberSecurity, USA

Chase Cotton, PhD, CISSP, is a successful researcher, carrier executive, product manager, consultant, and educator for the technologies used in Internet and data services in the carrier environment for over 30 years. Since 2008, Dr. Cotton has been at the University of Delaware in the Department of Electrical and Computer Engineering, initially as a visiting scholar, and later as a Senior Scientist, Professor of Practice, and Director of Delaware’s Center for Information and Communications Sciences (CICS). Beginning in the mid-80s, Dr. Cotton’s communications research in Bellcore’s Applied Research Area involved creating new algorithms and methods in bridging multicast and many forms of packet-based applications, including voice and video, traffic monitoring, transport protocols, custom VLSI for communications (protocol engines and content addressable memories) , and gigabit networking. In the mid-90s, as the commercial Internet began to blossom, he transitioned to assist carriers worldwide as they started their Internet businesses, including Internet Service Providers (ISPs) , hosting and web services, and the first large-scale commercial deployment of Digital Subscriber Line (DSL) for consumer broadband services. In 2000, Dr. Cotton assumed research, planning, and engineering for Sprint’s global Tier 1 Internet provider, SprintLink, expanding and evolving the network significantly during his eight-year tenure. At Sprint his activities include leading a team that enabled infrastructure for the first large-scale collection and analysis of Tier 1 backbone traffic, and he twice set the Internet 2 Land Speed World Record on a commercial production network. His research interests include cybersecurity and high-availability software systems with funding drawn from the NSF, ARL, CERDEC, JPMorgan Chase, and other industrial sponsors. Dr. Cotton currently consults on communications and Internet architectures for many carriers and equipment vendors worldwide.




Follow us for the latest from Apple Academic Press:
Copyright © 2024 Apple Academic Press Inc. All Rights Reserved.