The real threat to information system security comes from people, not computers. That's why students need to understand both the technical implementation of security controls, as well as the softer human behavioral and managerial factors that contribute to the theft and sabotage proprietary data. Addressing both the technical and human side of IS security, Dhillon's Princliples of Information Systems Security: Texts and Cases equips managers (and those training to be managers) with an understanding of a broad range issues related to information system security management, and specific tools and techniques to support this managerial orientation. Coverage goes well beyond the technical aspects of information system security to address formal controls (the rules and procedures that need to be established for bringing about success of technical controls), as well as informal controls that deal with the normative structures that exist within organizations.

PART OF THE JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES Revised and updated with the latest information from this fast-paced field, Fundamentals of Information System Security, Second Edition provides a comprehensive overview of the essential concepts readers must know as they pursue careers in information systems security. The text opens with a discussion of the new risks, threats, and vulnerabilities associated with the transformation to a digital world, including a look at how business, government, and individuals operate today. Part 2 is adapted from the Official (ISC)2 SSCP Certified Body of Knowledge and presents a high-level overview of each of the seven domains within the System Security Certified Practitioner certification. The book closes with a resource for readers who desire additional material on information security standards, education, professional certifications, and compliance laws. With its practical, conversational writing style and step-by-step examples, this text is a must-have resource for those entering the world of information systems security. New to the Second Edition: - New material on cloud computing, risk analysis, IP mobility, OMNIBus, and Agile Software Development. - Includes the most recent updates in Information Systems Security laws, certificates, standards, amendments, and the proposed Federal Information Security Amendments Act of 2013 and HITECH Act. - Provides new cases and examples pulled from real-world scenarios. - Updated data, tables, and sidebars provide the most current information in the field.

Discover the latest trends, developments and technology in information security with Whitman/Mattord's market-leading PRINCIPLES OF INFORMATION SECURITY, 7th Edition. Designed specifically to meet the needs of information systems students like you, this edition's balanced focus addresses all aspects of information security, rather than simply offering a technical control perspective. This overview explores important terms and examines what is needed to manage an effective information security program. A new module details incident response and detection strategies. In addition, current, relevant updates highlight the latest practices in security operations as well as legislative issues, information management toolsets, digital forensics and the most recent policies and guidelines that correspond to federal and international standards. MindTap digital resources offer interactive content to further strength your success as a business decision-maker.

Fully updated for today's technologies and best practices, Information Security: Principles and Practices, Second Edition thoroughly covers all 10 domains of today's Information Security Common Body of Knowledge. Written by two of the world's most experienced IT security practitioners, it brings together foundational knowledge that prepares readers for real-world environments, making it ideal for introductory courses in information security, and for anyone interested in entering the field. This edition addresses today's newest trends, from cloud and mobile security to BYOD and the latest compliance requirements. The authors present updated real-life case studies, review questions, and exercises throughout.

Your expert guide to information security As businesses and consumers become more dependent on complexmultinational information systems, the need to understand anddevise sound information security systems has never been greater.This title takes a practical approach to information security byfocusing on real-world examples. While not sidestepping the theory,the emphasis is on developing the skills and knowledge thatsecurity and information technology students and professionals needto face their challenges. The book is organized around four majorthemes: * Cryptography: classic cryptosystems, symmetric key cryptography,public key cryptography, hash functions, random numbers,information hiding, and cryptanalysis * Access control: authentication and authorization, password-basedsecurity, ACLs and capabilities, multilevel and multilateralsecurity, covert channels and inference control, BLP and Biba'smodels, firewalls, and intrusion detection systems * Protocols: simple authentication protocols, session keys, perfectforward secrecy, timestamps, SSL, IPSec, Kerberos, and GSM * Software: flaws and malware, buffer overflows, viruses and worms,software reverse engineering, digital rights management, securesoftware development, and operating systems security Additional features include numerous figures and tables toillustrate and clarify complex topics, as well as problems-rangingfrom basic to challenging-to help readers apply their newlydeveloped skills. A solutions manual and a set of classroom-testedPowerPoint(r) slides will assist instructors in their coursedevelopment. Students and professors in information technology,computer science, and engineering, and professionals working in thefield will find this reference most useful to solve theirinformation security issues. An Instructor's Manual presenting detailed solutions to all theproblems in the book is available from the Wiley editorialdepartment. An Instructor Support FTP site is also available.

The real threat to information system security comes from people, not computers. That's why students need to understand both the technical implementation of security controls, as well as the softer human behavioral and managerial factors that contribute to the theft and sabotage proprietary data. Addressing both the technical and human side of IS security, Dhillon's Princliples of Information Systems Security: Texts and Cases equips managers (and those training to be managers) with an understanding of a broad range issues related to information system security management, and specific tools and techniques to support this managerial orientation. Coverage goes well beyond the technical aspects of information system security to address formal controls (the rules and procedures that need to be established for bringing about success of technical controls), as well as informal controls that deal with the normative structures that exist within organizations.

In todayOCOs technology-driven environment, there is an ever-increasing demand for information delivery. A compromise has to be struck between security and availability. This book is a pragmatic guide to information assurance for both business professionals and technical experts. This second edition includes the security of cloud-based resources."