Cybersecurity: Ethics, Legal, Risks, and Policies

This book is the first of its kind to introduce the integration of ethics, laws, risks, and policies in cyberspace. The book provides understanding of the ethical and legal aspects of cyberspace along with the risks involved. It also addresses current and proposed cyber policies, serving as a summary of the state of the art cyber laws in the United States. It also, importantly, incorporates various risk management and security strategies from a number of organizations.

Using easy-to-understand language and incorporating case studies, the authors begin with the consideration of ethics and law in cybersecurity and then go on to take into account risks and security policies. The section on risk covers identification, analysis, assessment, management, and remediation. The very important topic of cyber insurance is covered as well-its benefits, types, coverage, etc. The section on cybersecurity policy acquaints readers with the role of policies in cybersecurity and how they are being implemented by means of frameworks. The authors provide a policy overview followed by discussions of several popular cybersecurity frameworks, such as NIST, COBIT, PCI/DSS, ISO series, etc.

Ishaani Priyadarshini has authored several book chapters for reputed publishers and is also an author of several publications for SCIE-indexed journals. As a certified reviewer, she conducts peer review of research papers for IEEE, Elsevier, and Springer journals and is a member of the editorial board of the International Journal of Information Security and Privacy (IJISP). She is a PhD candidate (Department of Electrical and Computer Engineering) at the University of Delaware, USA, from where she also obtained her master's degree in cybersecurity. Prior to that, she completed her bachelor's degree in computer science engineering and a master's degree in information security from Kalinga Institute of Industrial Technology, India. Her areas of research include cybersecurity (authentication systems, cybersecurity ethics, and policies) and artificial intelligence.

Chase Cotton, PhD, CISSP, is a successful researcher, carrier executive, product manager, consultant, and educator for the technologies used in Internet and data services in the carrier environment for over 30 years. Since 2008, Dr. Cotton has been at the University of Delaware in the Department of Electrical and Computer Engineering, initially as a visiting scholar, and later as a Senior Scientist, Professor of Practice, and Director of Delaware's Center for Information and Communications Sciences (CICS). Beginning in the mid-80s, Dr. Cotton's communications research in Bellcore's Applied Research Area involved creating new algorithms and methods in bridging multicast and many forms of packet-based applications, including voice and video, traffic monitoring, transport protocols, custom VLSI for communications (protocol engines and content addressable memories), and gigabit networking. In the mid-90s, as the commercial Internet began to blossom, he transitioned to assist carriers worldwide as they started their Internet businesses, including Internet Service Providers (ISPs), hosting and web services, and the first large-scale commercial deployment of Digital Subscriber Line (DSL) for consumer broadband services. In 2000, Dr. Cotton assumed research, planning, and engineering for Sprint's global Tier 1 Internet provider, SprintLink, expanding and evolving the network significantly during his eight-year tenure. At Sprint his activities include leading a team that enabled infrastructure for the first large-scale collection and analysis of Tier 1 backbone traffic, and he twice set the Internet 2 Land Speed World Record on a commercial production network. His research interests include cybersecurity and high-availability software systems with funding drawn from the NSF, ARL, CERDEC, JPMorgan Chase, and other industrial sponsors. Dr. Cotton currently consults on communications and Internet architectures for many carriers and equipment vendors worldwide.