Information Security and Critical Infrastructure Protection
Publications
-
Information Security: Policy, Processes, and Practices
Detmar W. Straub, Seymour Goodman, Richard L. Baskerville , M. E. Sharpe, Inc., April 2008.
-
Identify and Mitigate the Risks of Global IT Outsourcing
S. E. Goodman, Robert Ramer, Editorial Preface, The Journal of Global Information Technology Management (JGITM), Vol. 10, No. 4, October 2007.
-
Toward a Safer and More Secure Cyberspace
Seymour E. Goodman (Committee Chair), and Herbert S. Lin, Alfred Z. Spector, Peter G. Neuman; The National Academy Press - 26 June 2007.
Description: Today, there is an inadequate understanding of what makes IT systems vulnerable to attack, how best to reduce these vulnerabilities, and how to transfer cybersecurity knowledge to actual practice. For these reasons, and in response to both legislative and executive branch interest, the National Research Council established the Committee on Improving Cybersecurity Research in the United States. The committee was charged with developing a strategy for cybersecurity research in the 21st century.
Preface to Report: A large fraction of the American population now spends a great deal of time in cyberspace. We work and shop there. We are educated and entertained there. We socialize with family, friends, and strangers in cyberspace. We are paid and we pay others through this medium. Millions of commercial enterprises, and local, state, and federal government agencies do their business there. It has become a critical infrastructure in its own right, and it is embedded in all other critical infrastructures. We rely on cyberspace to help keep electricity flowing, public transportation running, and many other basic services working at levels that we have come to regard as essential elements of our society. These functions, expectations, and resulting dependencies are with us now, have been growing rapidly, and are expected to continue to grow well into the future.
-
Globalization and Offshoring of Software (2006)
Description: The Association for Computing Machinery's Job Migration Task Force undertook an in-depth study of software off-shoring: its extent and magnitude, perspectives of key countries and companies, globalization of research activities, risks and exposures involved, and counter-balancing steps underway or contemplated in key countries.
-
Protecting Critical Infrastructures Against Cyber-Attack (2003)
Description: Advances in information technologies and their adoption in all sectors of modern life are not problem-free. This study examines the negative impact of those technologies on the central infrastructure systems on which societies depend for the delivery of essential services such as communication, electric power, transportation, and on the information systems that enable governments to function and economic enterprise to flourish. The underlying technologies of networked computer hardware and software are susceptible to massive failure. But unlike physical networks that can be engineered to be robust against natural events, random failures and even local sabotage, information systems are particularly susceptible to malicious acts. Attacks can exploit the connections that are a major virtue and failures in one part can propagate widely. This global character of information system vulnerabilities constitutes severe challenges to both national governments and the private owners of such critical systems. This Adelphi Paper examines the national strategies designed to cope with the emerging societal vulnerabilities and offers appropriate roles for both public and private sectors.
-
Cyber Security: Turning National Solutions into International Cooperation (2003)
Description: This volume looks at the challenges of cyberspace in an interdependent world and at the need for new, cooperative modes of governance to build cyber security. Making networks and critical infrastructure secure requires competent domestic strategies. But it also requires a willingness among governments to take the lead in supporting one another through effective legal structures and agreements such as the Council of Europe Convention on Cybercrime. The authors explore informal and formal bilateral and multilateral approaches to transnational cooperation on cyber security and examine the elements needed for success.
-
Preventing and Responding to Cyber Crime and Terrorism: Some International Dimensions in High Impact Terrorism (2002)
Description: In June 2001 the National Academies and the Russian Academy of Sciences held a bilateral workshop in Moscow on terrorism in a high-technology society and modern methods to prevent and respond to it. The purpose of the workshop was to begin a dialogue on high-impact terrorism that could lead to further U.S.-Russian collaboration. This volume includes papers presented at the workshop by 31 Russian and American experts on various types of high-impact terrorism, including biological and agricultural terrorism, nuclear and electromagnetic terrorism, explosives, chemical, and technological terrorism, and cyber terrorism. The papers also address legal issues, Russian internal affairs, and the future of international cooperation in this area.
-
The Transnational Dimension of Cyber Crime and Terrorism
Judge Abraham Sofaer and Dr. Sy Goodman co-editors (2001)
Description: In December of 1999, more than forty members of government, industry, and academia assembled at the Hoover Institution to discuss attacks by criminals and terrorists on the worldwide information infrastructure, and to explore possible countermeasures. The Transnational Dimension of Cyber Crime and Terrorism summarizes the conference papers and exchanges, addressing pertinent issues in chapters that include a review of the legal initiatives undertaken around the world to combat cyber crime, an exploration of the threat to civil aviation, analysis of the constitutional, legal, economic, and ethical constraints on the use of technology to control cyber crime, a discussion of the ways we can achieve security objectives through international cooperation, and more.
