Most organizations place a high priority on keeping data secure, but not every organization invests in training its engineers or employees in understanding the security risks involved when using or developing technology. Designed for the non-security professional, What Every Engineer Should Know About Cyber Security and Digital Forensics is an overview of the field of cyber security.
Exploring the cyber security topics that every engineer should understand, the book discusses:
- Network security
- Personal data security
- Cloud computing
- Mobile computing
- Preparing for an incident
- Incident response
- Evidence handling
- Internet usage
- Law and compliance
- Security and forensic certifications
Application of the concepts is demonstrated through short case studies of real-world incidents chronologically delineating related events. The book also discusses certifications and reference manuals in the area of cyber security and digital forensics.
By mastering the principles in this volume, engineering professionals will not only better understand how to mitigate the risk of security incidents and keep their data secure, but also understand how to break into this expanding profession.
Table of Contents
Cyber Physical Systems
Cyber Security and Digital Forensics Careers
Network and Telecommunications Security
Operating System Security
Software Development Security
Business Continuity and Disaster Recovery
Legal, Regulations, Compliance, and Investigations
Information Security Governance and Risk Management
Preparing for an Incident
Establishing Appropriate Policies and Procedures
Establishing an Incident Response Team
Preparing a Response Toolkit
Incident Response and Digital Forensics
Incident Response for Cloud Computing
Mobile Phone Forensics
Laws for Acquiring Evidence
Theory to Practice
Case Study 1: It Is All Fun and Games until Something
Case Study 2: How Is This Working for You?
Case Study 3: The Weakest Link
Joanna DeFranco is an assistant professor of software engineering and a member of the graduate faculty at Penn State University. She has also held academic positions at New Jersey Institute of Technology and Cabrini College. Prior to her academic career, she spent many years as a software engineer for government and industry. Notable experiences during this period included traveling the world on naval scientific ships that collected ocean floor map data and worked on the development of cable head-end devices for Motorola. She has written many journal articles and contributed to conference proceedings on effective software and systems engineering problem solving, as well as digital forensics. She has also coauthored a project management book.
Dr. DeFranco is a certified computer forensics examiner (CCFE) and teaches computer and cyber forensics at Penn State. She also teaches courses on software engineering, project management, and problem solving, which have all had an influence on her perspective of cyber security and digital forensics. She is on the curriculum advisory board for computer forensics at Middle Bucks Institute of Technology and is a member of the American Society for Engineering Education (ASEE). She earned a BS in electrical engineering from Penn State, an MS in computer engineering from Villanova University, and a PhD in computer and information science from New Jersey Institute of Technology.
"Professor DeFranco has taken a very complex subject and distilled the knowledge into a very effective guide … [and] has chosen a series of topics that connect to the real world of cyber security, incident response, and investigation. I think the book will make a valuable resource tool for anyone looking to get involved in the field, as well as those with years of experience."
—Robert L. Maley, Founder, Strategic CISO