Principles of Information Systems Security: Texts and Cases
March 2006, ©2007
Addressing both the technical and human side of IS security, Dhillon's Princliples of Information Systems Security: Texts and Cases equips managers (and those training to be managers) with an understanding of a broad range issues related to information system security management, and specific tools and techniques to support this managerial orientation. Coverage goes well beyond the technical aspects of information system security to address formal controls (the rules and procedures that need to be established for bringing about success of technical controls), as well as informal controls that deal with the normative structures that exist within organizations.
Chapter 1. Information System Security: Nature and Scope.
PART I: TECHNICAL ASPECTS OF INFORMATION SYSTEM SECURITY.
Chapter 2. Security of Technical Systems in Organizations: an introduction.
Chapter 3. Models for Technical Specification of Information System Security.
Chapter 4. Cryptography and Technical Information System Security.
Chapter 5. Network Security.
PART II: FORMAL ASPECTS OF INFORMATION SYSTEM SECURITY.
Chapter 6. Security of Formal Systems in Organizations: an introduction.
Chapter 7. Planning for Information System Security.
Chapter 8. Designing Information System Security.
Chapter 9. Information System Risk Management.
PART III: INFORMAL ASPECTS OF INFORMATION SYSTEM SECURITY.
Chapter 10. Security of Informal Systems in Organizations: an introduction.
Chapter 11. Corporate Governance for IS Security.
Chapter 12. Culture and IS Security.
PART IV: REGULATORY ASPECTS OF INFORMATION SYSTEM SECURITY.
Chapter 13. Information System Security Standards.
Chapter 14. Legal Aspects of IS Security.
Chapter 15. Computer Forensics.
Chapter 16. Summary principles for Information System Security.
Case 1: Case of a Computer Hack.
Case 2: Botnet: Anatomy of a Case.
Case 3: Cases in Computer Crime.
Case 4: IS Security at Southam Council.
Case 5: Security Management at the Tower.
Case 6: Computer crime and the demise of Barings Bank.
Case 7: Technology Enabled Fraud and the Demise of Drexel Burnham Lambert.
Case 8: It won’t part you hair: the INSLAW Affair.
Case 9: Taylor City Police Department Security Breach.
Case 10: Developing a Security Policy at M & M Procurement, Inc.
- Presents a balanced view of IS security dealing with the management of technical issues and that related procedures and policies, rather than focusing exclusively on the technical aspects of security.
- Addresses the socio-technical nature of IS security giving students a greater appreciation of the real nature of the subject.
- Well-integrated, real-life cases give context to the theoretical material. Cases include Barings Bank and its demise, hacking, password control, and the case of the INSLAW software.