Organizations face many cybersecurity threats. Among those threats, social engineering attacks such as phishing stand out as a constant and costly struggle. The primary tools for combating social engineering are information security policy (ISP) and security awareness training (SAT), which seek to inform users of the threat of social engineering,…

The dissertation examines the historical development of surveillance, electronic surveillance, and cyber-surveillance from colonial times in the United States to the present. It presents the surveillance laws, technologies and policies as a balance between national security and privacy. To examine more recent developments, the dissertation…

Explains the concept of global information justice and describes it as an ethical ideal, as an organizing principle for a model for analysis, and as a direction for policy making. Discusses the use of new technologies; access to technology; ownership; privacy; security; community; and the Universal Declaration of Human Rights. (Author/LRW)

This lecture by the Privacy Commissioner of Canada addresses issues related to information technology and privacy, including privacy law, government role, surveillance techniques, and security measures to protect the privacy of electronic communications. The text of the question and answer period following the lecture is included. (MES)

Explores security challenges and practical approaches to safeguarding school networks against invasion. Highlights include security problems; computer viruses; privacy assaults; Internet invasions; building a security policy; authentication; passwords; encryption; firewalls; and acceptable use policies. (Author/LRW)

It is difficult to estimate the costs of not writing thorough IT policy. Misuse of IT resources, whether through ignorance or malice, costs money, as do court cases that can result from abuse. Furthermore, a poor university accreditation report caused in part by poor policy documents will likely have an adverse impact on student enrollment. There…

Good information security does not just happen--and often does not happen at all. Resources are always in short supply, and there are always other needs that seem more pressing. Why? Because information security is hard to define, the required tasks are unclear, and the work never seems to be finished. However, the loss to the organization can be…