CIS 8080 Information Systems Security and Privacy

Spring Semester, 2019

On-Line Readings

Richard Baskerville

Particulars:

Department of Computer Information Systems, College of Business Administration, Georgia State University, Post Office Box 4015, Atlanta, Georgia 30302-4015, USA

Tel. +1 404.413.7362, Internet baskerville@acm.org

 


These pages are for use of students taking the above course at the Georgia State University and are not intended for the general public.


Downloadable From Library / Original Source

Note: Accessing some of these resources may only be completed from an on-campus computer or through a VPN connection from off-campus. An on-campus IP address may be required. For more information see "Connecting to the Network from Home (VPN - Virtual Private Network)" at http://www.gsu.edu/help/25697.html

 

·         Ahmad, A., Maynard, S. B., & Shanks, G. (2015). A case analysis of information systems and security incident responses. International Journal of Information Management, 35(6), 717-723. http://www.sciencedirect.com.ezproxy.gsu.edu/science/article/pii/S026840121500078X

·         Anderson, R. (2018). Making security sustainable. Communications of the ACM, 61(3), 24-26. https://dl-acm-org.ezproxy.gsu.edu/citation.cfm?doid=3190347.3180485

·         Bartnes, M., Moe, N. B., & Heegaard, P. E. (2016). The future of information security incident management training: A case study of electrical power companies. Computers & Security, 61(Supplement C), 32-45. http://www.sciencedirect.com.ezproxy.gsu.edu/science/article/pii/S0167404816300530

·         Baskerville, R., Spagnoletti, P., & Kim, J. (2014). Incident-centered information security: Managing a strategic balance between prevention and response. Information & Management, 51(1), 138. http://ezproxy.gsu.edu/login?url=http://search.proquest.com/docview/1476437258?accountid=11226

·         Berghel, H. (2005). The two sides of ROI. Association for Computing Machinery. Communications of the ACM, 48(4), 15-20. http://cacm.acm.org/magazines/2005/4/6241-the-two-sides-of-roi/fulltext

·         Caralli, R. A., Stevens, J. F., Young, L. R., & Wilson, W. R. (2007). Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process. Carnegie Mellon University Software Engineering Institute. http://resources.sei.cmu.edu/asset_files/TechnicalReport/2007_005_001_14885.pdf

·         Cook, A., Janicke, H., Smith, R., & Maglaras, L. (2017). The industrial control system cyber defence triage process. Computers & Security, 70(Supplement C), 467-481. http://www.sciencedirect.com.ezproxy.gsu.edu/science/article/pii/S0167404817301505

·         Genkin, D., Pachmanov, L., Pipman, I., Shamir, A., & Tromer, E. (2016). Physical key extraction attacks on PCs. Communications of the ACM, 59(6), 70-79. https://dl-acm-org.ezproxy.gsu.edu/citation.cfm?doid=2942427.2851486

·         Genkin, D., Papadopoulos, D., & Papamanthou, C. (2018). Privacy in decentralized cryptocurrencies. Communications of the ACM, 61(6), 78-88. https://dl-acm-org.ezproxy.gsu.edu/citation.cfm?doid=3229066.3132696

·         Khansa, L., & Zobel, C. W. (2014). Assessing innovations in cloud security. Journal of Computer Information Systems, 54(3), 45-56. http://search.proquest.com/docview/1526662556?accountid=11226

·         Kugler, L. (2015). Online Privacy: Regional Differences. Communications of the ACM, 58(2), 18-20. http://cacm.acm.org/magazines/2015/2/182638-online-privacy/fulltext

·         Lynton, M., & Ignatius, A. (2015). "They Burned the House Down". Harvard Business Review, 93(7/8), 106-113. http://ezproxy.gsu.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=103330636&site=ehost-live&scope=site

·         NIST. (2012). Guide for Conducting Risk Assessments (No. SP800-30). Gaithersburg, MD: U.S. Department of Commerce National Institute of Standards and Technology. http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf

·         NIST. (2014). Framework for Improving Critical Infrastructure Cybersecurity: National Institute of Standards and Technology. http://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf

·         McLaughlin, M.-D. J., Cram, W. A., & Gogan, J. L. (2015). A high performance computing cluster under attack: the Titan incident. Journal of Information Technology Teaching Cases, 5(1), 1-7. https://search-proquest-com.ezproxy.gsu.edu/abicomplete/docview/1697924504/fulltext/D30352A3FEA84AA4PQ/1?accountid=11226

·         Osborn, E., & Simpson, A. (2017). On small-scale IT users' system architectures and cyber security: A UK case study. Computers & Security, 70(Supplement C), 27-50. http://www.sciencedirect.com.ezproxy.gsu.edu/science/article/pii/S0167404817300925

·         Pfleeger, S. L., & Cunningham, R. K. (2010). Why Measuring Security Is Hard. Security & Privacy, IEEE, 8(4), 46-54. http://ieeexplore.ieee.org.ezproxy.gsu.edu/xpl/articleDetails.jsp?arnumber=5432146

·         Preibusch, S. (2015). Privacy Behaviors After Snowden. Communications of the ACM, 58(5), 48-55. http://cacm.acm.org/magazines/2015/5/186025-privacy-behaviors-after-snowden/fulltext

·         Rees, J., & Allen, J. (2008). The State of Risk Assessment Practices in Information Security: An Exploratory Investigation. Journal of Organizational Computing and Electronic Commerce, 18(4), 255-277. http://ezproxy.gsu.edu:2048/login?url=http://proquest.umi.com/pqdweb?did=1592492731&Fmt=7&clientId=19356&RQT=309&VName=PQD

·         Savage, N. (2016). The Key to Privacy. Communications of the ACM, 59(6), 12-14. http://cacm.acm.org/magazines/2016/6/202654-the-key-to-privacy/fulltext

·         Scofield, M. (2016). Benefiting from the NIST Cybersecurity Framework. Information Management, 50(2), 25. http://search.proquest.com/docview/1779940925?pq-origsite=gscholar

·         Trapero, R., Modic, J., Stopar, M., Taha, A., & Suri, N. (2017). A novel approach to manage cloud security SLA incidents. Future Generation Computer Systems, 72(Supplement C), 193-205. http://www.sciencedirect.com.ezproxy.gsu.edu/science/article/pii/S0167739X16301844

·         Tsohou, A., Karyda, M., Kokolakis, S., & Kiountouzis, E. (2006). Formulating information systems risk management strategies through cultural theory. Information Management & Computer Security, 14(3), 198-217. http://proquest.umi.com/pqdweb?did=1127246131&Fmt=7&clientId=19356&RQT=309&VName=PQD

·         Verizon Risk Group. (2017). 2017 Data Breach Investigations Report [Electronic Version], from http://www.verizonenterprise.com/verizon-insights-lab/dbir/2017/

·         Wallace, L., Lin, H., & Cefaratti, M. (2011). Information Security and Sarbanes-Oxley Compliance: An Exploratory Study. Journal of Information Systems, 25(1), 185-211. http://proquest.umi.com/pqdweb?index=0&did=2298740021&SrchMode=5&Fmt=3&retrieveGroup=0&VInst=PROD&VType=PQD&RQT=309&VName=PQD&TS=1312581035&clientId=19356

·         Werlinger, R., Muldner, K., Hawkey, K., & Beznosov, K. (2010). Preparation, detection, and analysis: the diagnostic work of IT security incident response. Information Management & Computer Security, 18(1), 26-42. https://search-proquest-com.ezproxy.gsu.edu/docview/212365934/fulltext/4B62302DF91541A8PQ/1?accountid=11226

·         Winnefeld Jr, J. A., Kirchhoff, C., & Upton, D. M. (2015). Cybersecurity's Human Factor: Lessons from the Pentagon. Harvard Business Review, 93(9), 86-95. http://ezproxy.gsu.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=108820482&site=ehost-live&scope=site