Drawing upon a wealth of experience from academia, industry, and government service, Cyber Security Policy Guidebook details and dissects, in simple language, current organizational cyber security policy issues on a global scaletaking great care to educate readers on the history and current approaches to the security of cyberspace. It includes thorough descriptionsas well as the pros and consof a plethora of issues, and documents policy alternatives for the sake of clarity with respect to policy alone. The Guidebook also delves into organizational implementation issues, and equips readers with descriptions of the positive and negative impact of specific policy choices.Inside are detailed chapters that:Explain what is meant by cyber security and cyber security policyDiscuss the process by which cyber security policy goals are setEducate the reader on decision-making processes related to cyber securityDescribe a new framework and taxonomy for explaining cyber security policy issuesShow how the U.S. government is dealing with cyber security policy issuesWith a glossary that puts cyber security language in layman's termsand diagrams that help explain complex topicsCyber Security Policy Guidebook gives students, scholars, and technical decision-makers the necessary knowledge to make informed decisions on cyber security policy.
Cited By
- Althonayan A and Andronache A Shifting from Information Security towards a Cybersecurity Paradigm Proceedings of the 2018 10th International Conference on Information Management and Engineering, (68-79)
- LeClair J, Abraham S and Shih L An Interdisciplinary Approach to Educating an Effective Cyber Security Workforce Proceedings of the 2013 on InfoSecCD '13: Information Security Curriculum Development Conference, (71-78)
Index Terms
- Cyber Security Policy Guidebook
Recommendations
Government regulations in cyber security: Framework, standards and recommendations
AbstractCyber security refers to the protection of Internet-connected systems, such as hardware, software as well as data (information) from cyber attacks (adversaries). A cyber security regulation is needed in order to protect information ...
Highlights- We list and discuss the cyber attacks, security requirements and measures. We then discuss the cyber security incident management framework and its various ...
Security policy compliance with violation management
FMSE '07: Proceedings of the 2007 ACM workshop on Formal methods in security engineeringA security policy of an information system is a set of security requirements that correspond to permissions, prohibitions and obligations to execute some actions when some contextual conditions are satisfied. Traditional approaches consider that the ...