This book is the first of its kind to introduce the integration of ethics, laws, risks, and policies in cyberspace. The book provides understanding of the ethical and legal aspects of cyberspace along with the risks involved. It also addresses current and proposed cyber policies, serving as a summary of the state of the art cyber laws in the United States. It also, importantly, incorporates various risk management and security strategies from a number of organizations.
Using easy-to-understand language and incorporating case studies, the authors begin with the consideration of ethics and law in cybersecurity and then go on to take into account risks and security policies. The section on risk covers identification, analysis, assessment, management, and remediation. The very important topic of cyber insurance is covered as well—its benefits, types, coverage, etc. The section on cybersecurity policy acquaints readers with the role of policies in cybersecurity and how they are being implemented by means of frameworks. The authors provide a policy overview followed by discussions of several popular cybersecurity frameworks, such as NIST, COBIT, PCI/DSS, ISO series, etc.
Table of Contents
Part 1: Cybersecurity: Ethics and Legal 1. Introduction to Cyberethics 2. Ethical Issues in Cybersecurity 3. Cybersecurity Ethics: Cyberspace and Other Applications 4. Introduction to Cyber laws 5. Cyber laws in the United States Part 2: Cybersecurity: Risks and Policies 6. Risks in Cybersecurity 7. Cyber Risks and Cyber Insurance 8. Introduction to Cybersecurity Policies
Ishaani Priyadarshini, PhD, has authored book chapters and journal articles for SCIE-indexed journals. As a certified reviewer, she conducts peer review of research papers for IEEE, Elsevier, and Springer journals and is a member of the editorial board of the International Journal of Information Security and Privacy. She is a PhD candidate (Department of Electrical and Computer Engineering) at the University of Delaware, USA. Her areas of research include cybersecurity (authentication systems, cybersecurity ethics, and policies) and artificial intelligence.
Chase Cotton, PhD, CISSP, is Professor of Practice and Director of the University of Delaware Center for Intelligent CyberSecurity, USA. He is a successful researcher, telecommunications carrier executive, product manager, consultant, and educator for the technologies used in Internet and data services in the carrier environment. Dr. Cotton’s varied background includes communications research at Bellcore’s Applied Research Area, creating new algorithms and methods in bridging multicast and many forms of packet-based applications, including voice and video, traffic monitoring, transport protocols, custom VLSI for communications (protocol engines and content addressable memories), and gigabit networking. Past work also included assisting carriers worldwide as they started their Internet businesses, including Internet Service Providers (ISPs), hosting and web services, and the first large-scale commercial deployment of Digital Subscriber Line (DSL) for consumer broadband services. In 2000, Dr. Cotton assumed research, planning, and engineering for Sprint’s global Tier 1 Internet provider, SprintLink. His research interests include cybersecurity and high-availability software systems with funding drawn from the NSF, ARL, CERDEC, JPMorgan Chase, and other industrial sponsors. Dr. Cotton currently consults on communications and Internet architectures for many carriers and equipment vendors worldwide.