Organizations face many cybersecurity threats. Among those threats, social engineering attacks such as phishing stand out as a constant and costly struggle. The primary tools for combating social engineering are information security policy (ISP) and security awareness training (SAT), which seek to inform users of the threat of social engineering,…

The past decade has projected much of Africa as a haven for cybercrime perpetration. This view was widely evidenced in Cameroon, a country regarded as a miniature Africa due to its diverse socio-cultural, economic and political characteristics. In spite of efforts by government to curb cybercrime, the perpetration rate has not declined due to a…

The dissertation examines the historical development of surveillance, electronic surveillance, and cyber-surveillance from colonial times in the United States to the present. It presents the surveillance laws, technologies and policies as a balance between national security and privacy. To examine more recent developments, the dissertation…

It is hard to define a single set of ethics that will cover an entire computer users community. In this paper, the issue is addressed in reference to code of ethics implemented by various professionals, institutes and organizations. The paper presents a higher level model using hierarchical approach. The code developed using this approach could be…

Cloud computing is a growing field, addressing the market need for access to computing resources to meet organizational computing requirements. The purpose of this research is to evaluate the factors that influence an organization in their decision whether to adopt cloud computing as a part of their strategic information technology planning.…

This lecture by the Privacy Commissioner of Canada addresses issues related to information technology and privacy, including privacy law, government role, surveillance techniques, and security measures to protect the privacy of electronic communications. The text of the question and answer period following the lecture is included. (MES)

It is difficult to estimate the costs of not writing thorough IT policy. Misuse of IT resources, whether through ignorance or malice, costs money, as do court cases that can result from abuse. Furthermore, a poor university accreditation report caused in part by poor policy documents will likely have an adverse impact on student enrollment. There…

Good information security does not just happen--and often does not happen at all. Resources are always in short supply, and there are always other needs that seem more pressing. Why? Because information security is hard to define, the required tasks are unclear, and the work never seems to be finished. However, the loss to the organization can be…

This paper provides a snapshot of the computer network security industry and addresses specific issues related to network security in public education. The following topics are covered: (1) security policy, including reasons for establishing a policy, risk assessment, areas to consider, audit tools; (2) workstations, including physical security,…