Cyberspace and Cybersecurity

Dr. George K. Kostopoulos is a faculty member at the University of Maryland University College, where he serves and teaches as a faculty mentor in the master’s degree programs in cybersecurity and information assurance. Dr. Kostopoulos has an extensive international academic career, having taught in seventeen universities around the world, including Boston University, Texas A&M International University, Florida Atlantic University, the University of Heidelberg (Germany), and the American University of Sharjah (UAE). He is the author of numerous scholarly papers and two other books, Digital Engineering and Greece and the European Economic Community. Dr. Kostopoulos received his master’s and PhD degrees in electrical and computer engineering from the Arizona State University, and a master’s in economics from California State Polytechnic University. He is the founder and editor-in-chief of the Journal of Cybersecurity and Information Assurance and a reviewer of numerous scientific conferences.

Vulnerabilities in Information Systems
Introduction
Measuring Vulnerability
Avoiding Vulnerabilities through Secure Coding
Mistakes Can Be Good
Threats Classification
Threat Modeling Process
Security Starts at Home
Security in Applications
International Awareness
Exercises





Vulnerabilities in the Organization
Introduction
Common Organizational Vulnerabilities
Access Authorization and Authentication
Human Factors
Security Services
External Technologies
Wireless Networks
Bluetooth
Passive Vulnerabilities
Active Vulnerabilities
Precautions
Wireless Fidelity
Wi-Fi Precautions at Home
Wi-Fi Precautions at the Hotspot
Wi-Fi Precautions at the Enterprise
Worldwide Interoperability Microwave Access
WiMAX Features
Cloud Computing
Exercises





Risks in Information Systems Infrastructure
Introduction
Risks in Hardware
Risks in Software
Risks in People
Risks in Laptops
Risks in Cyberspace
Risk Insurance in Cyberspace
Exercises





Secure Information Systems
Introduction
Assets Identification
Assets Communication
Assets Storage
Resource Access Control Facility
Securing the Email Communications
Email Server Side
Email Client Side
Information Security Management
Exercises





Cybersecurity and the CIO
Introduction
CIO: Personality
Trust and Ethics
Communication and Intelligence
Leadership and Entrepreneurship
Courage and Limitations
CIO: Education
University Degrees
Certifications
CIO: Experience
Experience
CIO: Responsibilities
Data Backup and Archiving
Culture of Security
Cyber Training
Contingency Plans
Liability
CIO: Information Security
Internal Information Security Components
Access Control—Electronic
Access Control—Physical
Cyber Policies
Cyber Awareness and Training
Training
Business Continuity
CIO: The Changing Role
Exercises





Building a Secure Organization
Introduction
Business Continuity Planning
Business Impact Analysis (BIA)
Business Recovery Strategy (BRS)
Drafting of the BCP
Testing of the BCP
Training in the BCP Implementation
BCP Performance Indicators
System Access Control
System Development and Maintenance
Physical and Environmental Security
Compliance
Personnel Security
Security Organization
Computer and Network Management
Asset Classification and Control
Security Policy
Exercises





Cyberspace Intrusions
Introduction
IDPS Configuration
Sensors
Processor
Consoles
Network
IDPS Capabilities
Information Acquisition
Information Loggings
Detection Techniques
Prevention Actions
IDPS Management
Implementation
Step One: Features
Step Two: Architecture
Step Three: Installation
Step Four: Testing
Step Five: Activation
Operation
Maintenance
IDPS Classification
Host-Based IDPS
Network-Based IDPS
Network Behavior Analysis System
Wireless IDPS
IDPS Comparison
Exercises





Cyberspace Defense
Introduction
File Protection Applications
File Backup
Disaster Recovery
History Deletion
Shredding and Wiping
File Undelete
File Encryption
Loggers
Anti-Loggers
PC Performance Applications
Registry Repair
Anti-Rootkits
Antivirus
Junk Files
Fragmentation
Protection Tools
Security Analyzer
Password Analyzer
Firewalls
Packet-Level Filtering
Circuit-Level Filtering
Application-Level Gateway
Email Protection
Exercises





Cyberspace and the Law
Introduction
International Laws
Europe
United Nations
North Atlantic Treaty Organization
INTERPOL
Impediments to Cyber Law Enforcement
Cyber-Related Laws in the United States
The Commercial Privacy Bill of Rights Act of 2011
The Cybersecurity Act of 2010
The Federal Information Security Management Act of 2002
The USA PATRIOT Act of 2001
The Communications Assistance for Law Enforcement Act of 1994
Computer Security Act of 1987
The Privacy Act of 1974
Cybercrime
Trends in Cyber Abuse
Combating Cybercrime
Exercises





Cyber Warfare and Homeland Security
Introduction
Cyber Warfare
Cyber Weapons Convention
Cyber Terrorism
Cyber Espionage
Homeland Security
National Cyber Security Division
Cybersecurity Preparedness
Challenges
Distributed Defense
Countermeasures
The Cyber Defense Ecosystem
Cybersecurity Training
Cyber Simulation and Exercises
Exercises





References


Index