What Every Engineer Should Know About Cyber Security and Digital Forensics

Joanna DeFranco is an assistant professor of software engineering and a member of the graduate faculty at Penn State University. She has also held academic positions at New Jersey Institute of Technology and Cabrini College. Prior to her academic career, she spent many years as a software engineer for government and industry. Notable experiences during this period included traveling the world on naval scientific ships that collected ocean floor map data and worked on the development of cable head-end devices for Motorola. She has written many journal articles and contributed to conference proceedings on effective software and systems engineering problem solving, as well as digital forensics. She has also coauthored a project management book. Dr. DeFranco is a certified computer forensics examiner (CCFE) and teaches computer and cyber forensics at Penn State. She also teaches courses on software engineering, project management, and problem solving, which have all had an influence on her perspective of cyber security and digital forensics. She is on the curriculum advisory board for computer forensics at Middle Bucks Institute of Technology and is a member of the American Society for Engineering Education (ASEE). She earned a BS in electrical engineering from Penn State, an MS in computer engineering from Villanova University, and a PhD in computer and information science from New Jersey Institute of Technology.

Security Threats. Social Engineering. Travel. Mobile Devices. Internet. The Cloud. Cyber Physical Systems. Theft. Cyber Security and Digital Forensics Careers. Career Opportunities. Certifications. Cyber Security. Information Security. Security Architecture. Access Controls. Cryptography. Network and Telecommunications Security. Operating System Security. Software Development Security. Database Security. Business Continuity and Disaster Recovery. Physical Security. Legal, Regulations, Compliance, and Investigations. Operations Security. Information Security Governance and Risk Management. Preparing for an Incident. Risk Identification. Host Preparation. Network Preparation. Establishing Appropriate Policies and Procedures. Establishing an Incident Response Team. Preparing a Response Toolkit. Training. Incident Response and Digital Forensics. Incident Response. Incident Response for Cloud Computing. Digital Forensics. Mobile Phone Forensics. The Law. Compliance. Laws for Acquiring Evidence. Evidence Rules. E-discovery. Case Law. Theory to Practice. Case Study 1: It Is All Fun and Games until Something. Gets Deleted. Case Study 2: How Is This Working for You?. Case Study 3: The Weakest Link.