[Net-Gold] CYBERSECURITY : CYBERCRIME : CYBERTERRORISM : COMPUTER AND DEVICE SECURITY: A Bibliography of Selected Publications About Cybersecurity, Cybercrime and Cyberterrorism

 

.

 

.

 

CYBERSECURITY :

CYBERCRIME :

CYBERTERRORISM :

COMPUTER AND DEVICE SECURITY:

A Bibliography of Selected Publications About Cybersecurity, Cybercrime and Cyberterrorism

 

.

 

.

 

 

 

What is computer security?

Author: Bishop, M.

Journal: IEEE security & privacy

ISSN: 1540-7993

Date: 01/2003

Volume: 1 Issue: 1 Page: 67-69

DOI: 10.1109/MSECP.2003.1176998

 

http://tinyurl.com/hzfnuy5

 

.

 

Gordon, L. A., and Loeb, M. P.

(2006).

Managing cybersecurity resources: a cost-benefit analysis

(Vol. 1).

New York: McGraw-Hill.

 

http://tinyurl.com/gtfk85g

 

.

 

Denning, D. E.

(2001).

Activism, hacktivism, and cyberterrorism:

The Internet as a tool for influencing foreign policy.

Networks and netwars: The future of terror, crime, and militancy,

239, 288.

 

http://tinyurl.com/jcjhsom

 

.

 

Gollmann, D.

(2010).

Computer security.

Wiley Interdisciplinary Reviews:

Computational Statistics, 2(5), 544-554.

 

http://tinyurl.com/j8s3ppy

 

.

 

Studying users’ computer security behavior: A health belief perspective

Author: Ng, Boon-Yuen

Journal: Decision Support Systems

Date: 03/2009

Volume: 46 Issue: 4 Page: 815-825

DOI: 10.1016/j.dss.2008.11.010

 

http://tinyurl.com/z4mbtbe

 

.

 

Cybercrime and Society

Author: Majid Yar


Sage Publications Ltd. ©2006

ISBN:1412907535

 

http://tinyurl.com/zln6b5p

 

.

 

Examining the Applicability of Lifestyle-Routine Activities

Theory for Cybercrime Victimization

Author: Holt, Thomas J.

Journal: Deviant behavior

ISSN: 0163-9625

Date: 11/2008

Volume: 30 Issue: 1 Page: 1-25

DOI: 10.1080/01639620701876577

 

http://tinyurl.com/hdke5jl

 

.

 

Anderson, R., Barton, C., Böhme, R., Clayton, R., Van Eeten, M. J., Levi, M., …

and Savage, S.

(2013).

Measuring the cost of cybercrime.

In The economics of information security and privacy

(pp. 265-300).

Springer Berlin Heidelberg.

 

http://tinyurl.com/ja9umg3

 

.

 

Scene of the Cybercrime

Scene of the Cybercrime: Computer Forensics Handbook Series

Authors      Debra Littlejohn Shinder, Michael Cross

Edition        2

Publisher    Syngress, 2008

ISBN  0080486991, 9780080486994

Length        744 pages

 

http://tinyurl.com/zzaw8vo

 

.

 

Song, D., Brumley, D., Yin, H., Caballero, J., Jager, I., Kang, M. G., …

and Saxena, P.

(2008).

BitBlaze: A new approach to computer security via binary analysis.

In Information systems security

(pp. 1-25).

Springer Berlin Heidelberg.

 

http://tinyurl.com/jqgnmob

 

.

 

Cybersecurity for Critical Infrastructures: Attack and Defense Modeling

Author: Ten, Chee-Wooi

Journal: IEEE Transactions on Systems, Man, and Cybernetics –

Part A: Systems and Humans

ISSN: 1083-4427

Date: 07/2010

Volume: 40 Issue: 4 Page: 853-865

DOI: 10.1109/TSMCA.2010.2048028

 

http://tinyurl.com/gvhzqkd

 

.

 

Principles of Cybercrime

Author        Jonathan Clough

Edition        2

Publisher    Cambridge University Press, 2015

ISBN  1316409295, 9781316409299

 

http://tinyurl.com/jp8tfpk

 

.

 

Wilson, C.

(2008, January).

Botnets, cybercrime, and cyberterrorism:

Vulnerabilities and policy issues for congress.

LIBRARY OF CONGRESS WASHINGTON DC

CONGRESSIONAL RESEARCH SERVICE.

 

http://tinyurl.com/zoh3ehg

 

.

 

Encyclopedia of Cybercrime

Editor         Samuel C. McQuade

Publisher    Greenwood Press, 2009

Original from       the University of California

Digitized    Sep 10, 2009

ISBN  0313339740, 9780313339745

Length        210 pages

 

http://tinyurl.com/jojvrky

 

.

 

 

Cybersecurity: What Everyone Needs to Know

What Everyone Needs To Know

Authors      Peter W. Singer, Allan Friedman

Publisher    OUP USA, 2014

ISBN  0199918112, 9780199918119

Length        306 pages

 

http://tinyurl.com/haobnny

 

.

 

Cybercrime: Investigating High-Technology Computer Crime

Author        Robert Moore

Edition        revised

Publisher    Routledge, 2010

ISBN  1437755836, 9781437755831

Length        312 pages

 

http://tinyurl.com/hozhreo

 

.

 

Cybercrime: Security and Surveillance in the Information Age

Editors        Brian D. Loader, Douglas Thomas

Publisher    Routledge, 2013

ISBN  1135122644, 9781135122645

Length        320 pages

 

http://tinyurl.com/z34ufrc

 

.

 

Cybercrime 2.0: when the cloud turns dark

Author: Provos, Niels

Journal: Communications of the ACM

ISSN: 0001-0782

Date: 04/2009

Volume: 52 Issue: 4 Page: 42

DOI: 10.1145/1498765.1498782

 

http://tinyurl.com/jrg4jj5

 

.

 

Fundamentals of Computer Security

Authors      Josef Pieprzyk, Thomas Hardjono, Jennifer Seberry

Edition        illustrated

Publisher    Springer Science & Business Media, 2013

ISBN  3662073242, 9783662073247

Length        677 pages

 

http://tinyurl.com/j9aasyw

 

.

 

Kshetri, N.

(2010).

The global cybercrime industry:

economic, institutional and strategic perspectives.

Springer Science & Business Media.

 

http://tinyurl.com/gptjflg

 

.

 

Cybercrime victimization:

An examination of individual and situational level factors

Author: Ngo, FT

Journal: International journal of cyber criminology

ISSN: 0974-2891

Date: 2011

Volume: 5 Issue: 1 Page: 773

 

http://tinyurl.com/hh8lre5

 

.

 

Reeder, R. W., Bauer, L., Cranor, L. F., Reiter, M. K., Bacon, K., How, K., and

Strong, H.

(2008, April).

Expandable grids for visualizing and authoring computer security policies.

In Proceedings of the SIGCHI Conference on Human Factors

in Computing Systems

(pp. 1473-1482). ACM.

 

http://tinyurl.com/jmz28w8

 

.

 

Data Mining and Machine Learning in Cybersecurity

Authors      Sumeet Dua, Xian Du

Edition        illustrated

Publisher    CRC Press, 2011

ISBN  1439839433, 9781439839430

Length        256 pages

 

http://tinyurl.com/h9ls8j7

 

.

 

Cybercrime: Criminal Threats from Cyberspace

Crime, media, and popular culture, ISSN 1549-196X

Author        Susan W. Brenner

Publisher    ABC-CLIO, 2010

ISBN  0313365466, 9780313365461

Length        281 pages

 

http://tinyurl.com/hbolpfs

 

.

 

Dumitras, T., & Shou, D.

(2011, April).

Toward a standard benchmark for computer security research:

The Worldwide Intelligence Network Environment (WINE).

In Proceedings of the First Workshop on Building Analysis Datasets

and Gathering Experience Returns for Security (pp. 89-96). ACM.

 

http://tinyurl.com/gmld5bl

 

.

 

Sommer, P., and Brown, I.

(2011).

Reducing systemic cybersecurity risk.

Organisation for Economic Cooperation and Development

Working Paper No. IFP/WKP/FGS (2011), 3.

 

http://tinyurl.com/z6y7lz6

 

.

 

Computer Security

Author        John M. Carroll

Edition        2

Publisher    Butterworth-Heinemann, 2014

ISBN  1483103013, 9781483103013

Length        462 pages

 

https://www.google.com/search?tbm=bks&q=%22Computer+Security%22

 

.

 

Winkler, V. J.

(2011).

Securing the Cloud: Cloud Computer Security Techniques and Tactics.

Elsevier.

 

http://tinyurl.com/jdsrchp

 

.

 

Cybersecurity: Stakeholder incentives, externalities, and policy options

Author: Bauer, Johannes M.

Journal: Telecommunications policy

ISSN: 0308-5961

Date: 11/2009

Volume: 33 Issue: 10-11 Page: 706-719

DOI: 10.1016/j.telpol.2009.09.001

 

http://tinyurl.com/h5tkuzm

 

.

 

Cybersecurity Strategies: The QuERIES Methodology

Author: Carin, Lawrence

Journal: Computer (Long Beach, Calif.)

ISSN: 0018-9162

Date: 08/2008

Volume: 41 Issue: 8 Page: 20-26

DOI: 10.1109/MC.2008.295

 

http://tinyurl.com/gvu6cyd

 

.

 

Against cyberterrorism

Author: Conway, Maura

Journal: Communications of the ACM

ISSN: 0001-0782

Date: 02/2011

Volume: 54 Issue: 2 Page: 26

DOI: 10.1145/1897816.1897829

 

http://tinyurl.com/hw6yklc

 

.

 

Takahashi, T., Kadobayashi, Y., and Fujiwara, H.

(2010, September).

Ontological approach toward cybersecurity in cloud computing.

In Proceedings of the 3rd international conference on

Security of information and networks (pp. 100-109). ACM.

 

http://tinyurl.com/zuqzb7v

 

.

 

Computer Security Fundamentals

Author        William (Chuck) Easttom II

Edition        2

Publisher    Pearson Education, 2011

ISBN  0132828324, 9780132828321

Length        550 pages

 

http://tinyurl.com/gw4v49d

 

.

 

The growing phenomenon of crime and the internet:

A cybercrime execution and analysis model

Author: Hunton, Paul

Journal: Computer law & security review

ISSN: 0267-3649

Date: 11/2009

Volume: 25 Issue: 6 Page: 528-535

DOI: 10.1016/j.clsr.2009.09.005

 

http://tinyurl.com/jd457uv

 

.

 

Whitty, M. T., and Buchanan, T.

(2012).

The online romance scam: A serious cybercrime.

CyberPsychology, Behavior, and Social Networking, 15(3), 181-183.

 

http://tinyurl.com/j9csnd5

 

.

 

Gable, K. A.

(2010).

Cyber-Apocalypse Now: Securing the Internet Against Cyberterrorism

and Using Universal Jurisdiction as a Deterrent.

Vand. J. Transnat’l L., 43, 57.

 

http://tinyurl.com/hjdmsaw

 

.

 

Wash, R.

(2010, July).

Folk models of home computer security.

In Proceedings of the Sixth Symposium on Usable Privacy and Security

(p. 11). ACM.

 

http://tinyurl.com/zptm7go

 

.

 

Higgins, G. E.

(2010).

Cybercrime: An introduction to an emerging phenomenon

(p. 3).

McGraw-Hill Higher Education.

 

http://tinyurl.com/jkvbvch

 

.

 

Markets for Cybercrime Tools and Stolen Data: Hackers’ Bazaar

EBSCO ebook academic collection

Authors      Lillian Ablon, Martin C. Libicki, Andrea A. Golay

Publisher    Rand Corporation, 2014

ISBN  0833085743, 9780833085740

Length        82 pages

 

http://tinyurl.com/zd6gy8f

 

.

 

Cybercrime and the Culture Of Fear

Social science fiction(s) and the production of knowledge about cybercrime

Author: Wall, David S.

Journal: Information, Communication and Society

Date: 09/2008

Volume: 11 Issue: 6 Page: 861-884

DOI: 10.1080/13691180802007788

 

http://tinyurl.com/gkprw4h

 

.

 

Kontostathis, A., Edwards, L., and Leatherman, A.

(2010).

Text mining and cybercrime. Text Mining: Applications and Theory.

John Wiley & Sons, Ltd, Chichester, UK.

 

http://tinyurl.com/jmw8f85

 

.

 

For Immediate Release, February 12, 2013

Executive Order — Improving Critical Infrastructure Cybersecurity

 

EXECUTIVE ORDER

 

– – – – – – –

 

IMPROVING CRITICAL INFRASTRUCTURE CYBERSECURITY

 

https://www.whitehouse.gov/the-press-office/2013/02/12/executive-order-improving-critical-infrastructure-cybersecurity

 

OR

 

http://tinyurl.com/o8yzyxd

 

By the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby ordered as follows:

 

Section 1. Policy. Repeated cyber intrusions into critical infrastructure demonstrate the need for improved cybersecurity. The cyber threat to critical infrastructure continues to grow and represents one of the most serious national security challenges we must confront. The national and economic security of the United States depends on the reliable functioning of the Nation’s critical infrastructure in the face of such threats. It is the policy of the United States to enhance the security and resilience of the Nation’s critical infrastructure and to maintain a cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy, and civil liberties. We can achieve these goals through a partnership with the owners and operators of critical infrastructure to improve cybersecurity information sharing and collaboratively develop and implement risk-based standards.

 

Sec. 2. Critical Infrastructure. As used in this order, the term critical infrastructure means systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.

 

Sec. 3. Policy Coordination. Policy coordination, guidance, dispute resolution, and periodic in-progress reviews for the functions and programs described and assigned herein shall be provided through the interagency process established in Presidential Policy Directive-1 of February 13, 2009 (Organization of the National Security Council System), or any successor.

 

Sec. 4. Cybersecurity Information Sharing. (a) It is the policy of the United States Government to increase the volume, timeliness, and quality of cyber threat information shared with U.S. private sector entities so that these entities may better protect and defend themselves against cyber threats. Within 120 days of the date of this order, the Attorney General, the Secretary of Homeland Security (the “Secretary”), and the Director of National Intelligence shall each issue instructions consistent with their authorities and with the requirements of section 12(c) of this order to ensure the timely production of unclassified reports of cyber threats to the U.S. homeland that identify a specific targeted entity. The instructions shall address the need to protect intelligence and law enforcement sources, methods, operations, and investigations.

 

(b) The Secretary and the Attorney General, in coordination with the Director of National Intelligence, shall establish a process that rapidly disseminates the reports produced pursuant to section 4(a) of this order to the targeted entity. Such process shall also, consistent with the need to protect national security information, include the dissemination of classified reports to critical infrastructure entities authorized to receive them. The Secretary and the Attorney General, in coordination with the Director of National Intelligence, shall establish a system for tracking the production, dissemination, and disposition of these reports.

 

(c) To assist the owners and operators of critical infrastructure in protecting their systems from unauthorized access, exploitation, or harm, the Secretary, consistent with 6 U.S.C. 143 and in collaboration with the Secretary of Defense, shall, within 120 days of the date of this order, establish procedures to expand the Enhanced Cybersecurity Services program to all critical infrastructure sectors. This voluntary information sharing program will provide classified cyber threat and technical information from the Government to eligible critical infrastructure companies or commercial service providers that offer security services to critical infrastructure.

 

(d) The Secretary, as the Executive Agent for the Classified National Security Information Program created under Executive Order 13549 of August 18, 2010 (Classified National Security Information Program for State, Local, Tribal, and Private Sector Entities), shall expedite the processing of security clearances to appropriate personnel employed by critical infrastructure owners and operators, prioritizing the critical infrastructure identified in section 9 of this order.

 

(e) In order to maximize the utility of cyber threat information sharing with the private sector, the Secretary shall expand the use of programs that bring private sector subject-matter experts into Federal service on a temporary basis. These subject matter experts should provide advice regarding the content, structure, and types of information most useful to critical infrastructure owners and operators in reducing and mitigating cyber risks.

 

Sec. 5. Privacy and Civil Liberties Protections. (a) Agencies shall coordinate their activities under this order with their senior agency officials for privacy and civil liberties and ensure that privacy and civil liberties protections are incorporated into such activities. Such protections shall be based upon the Fair Information Practice Principles and other privacy and civil liberties policies, principles, and frameworks as they apply to each agency’s activities.

 

(b) The Chief Privacy Officer and the Officer for Civil Rights and Civil Liberties of the Department of Homeland Security (DHS) shall assess the privacy and civil liberties risks of the functions and programs undertaken by DHS as called for in this order and shall recommend to the Secretary ways to minimize or mitigate such risks, in a publicly available report, to be released within 1 year of the date of this order. Senior agency privacy and civil liberties officials for other agencies engaged in activities under this order shall conduct assessments of their agency activities and provide those assessments to DHS for consideration and inclusion in the report. The report shall be reviewed on an annual basis and revised as necessary. The report may contain a classified annex if necessary. Assessments shall include evaluation of activities against the Fair Information Practice Principles and other applicable privacy and civil liberties policies, principles, and frameworks. Agencies shall consider the assessments and recommendations of the report in implementing privacy and civil liberties protections for agency activities.

 

(c) In producing the report required under subsection (b) of this section, the Chief Privacy Officer and the Officer for Civil Rights and Civil Liberties of DHS shall consult with the Privacy and Civil Liberties Oversight Board and coordinate with the Office of Management and Budget (OMB).

 

(d) Information submitted voluntarily in accordance with 6 U.S.C. 133 by private entities under this order shall be protected from disclosure to the fullest extent permitted by law.

 

Sec. 6. Consultative Process. The Secretary shall establish a consultative process to coordinate improvements to the cybersecurity of critical infrastructure. As part of the consultative process, the Secretary shall engage and consider the advice, on matters set forth in this order, of the Critical Infrastructure Partnership Advisory Council; Sector Coordinating Councils; critical infrastructure owners and operators; Sector-Specific Agencies; other relevant agencies; independent regulatory agencies; State, local, territorial, and tribal governments; universities; and outside experts.

 

Sec. 7. Baseline Framework to Reduce Cyber Risk to Critical Infrastructure. (a) The Secretary of Commerce shall direct the Director of the National Institute of Standards and Technology (the “Director”) to lead the development of a framework to reduce cyber risks to critical infrastructure (the “Cybersecurity Framework”). The Cybersecurity Framework shall include a set of standards, methodologies, procedures, and processes that align policy, business, and technological approaches to address cyber risks. The Cybersecurity Framework shall incorporate voluntary consensus standards and industry best practices to the fullest extent possible. The Cybersecurity Framework shall be consistent with voluntary international standards when such international standards will advance the objectives of this order, and shall meet the requirements of the National Institute of Standards and Technology Act, as amended (15 U.S.C. 271 et seq.), the National Technology Transfer and Advancement Act of 1995 (Public Law 104-113), and OMB Circular A-119, as revised.

 

(b) The Cybersecurity Framework shall provide a prioritized, flexible, repeatable, performance-based, and cost-effective approach, including information security measures and controls, to help owners and operators of critical infrastructure identify, assess, and manage cyber risk. The Cybersecurity Framework shall focus on identifying cross-sector security standards and guidelines applicable to critical infrastructure. The Cybersecurity Framework will also identify areas for improvement that should be addressed through future collaboration with particular sectors and standards-developing organizations. To enable technical innovation and account for organizational differences, the Cybersecurity Framework will provide guidance that is technology neutral and that enables critical infrastructure sectors to benefit from a competitive market for products and services that meet the standards, methodologies, procedures, and processes developed to address cyber risks. The Cybersecurity Framework shall include guidance for measuring the performance of an entity in implementing the Cybersecurity Framework.

 

(c) The Cybersecurity Framework shall include methodologies to identify and mitigate impacts of the Cybersecurity Framework and associated information security measures or controls on business confidentiality, and to protect individual privacy and civil liberties.

 

(d) In developing the Cybersecurity Framework, the Director shall engage in an open public review and comment process. The Director shall also consult with the Secretary, the National Security Agency, Sector-Specific Agencies and other interested agencies including OMB, owners and operators of critical infrastructure, and other stakeholders through the consultative process established in section 6 of this order. The Secretary, the Director of National Intelligence, and the heads of other relevant agencies shall provide threat and vulnerability information and technical expertise to inform the development of the Cybersecurity Framework. The Secretary shall provide performance goals for the Cybersecurity Framework informed by work under section 9 of this order.

 

(e) Within 240 days of the date of this order, the Director shall publish a preliminary version of the Cybersecurity Framework (the “preliminary Framework”). Within 1 year of the date of this order, and after coordination with the Secretary to ensure suitability under section 8 of this order, the Director shall publish a final version of the Cybersecurity Framework (the “final Framework”).

 

(f) Consistent with statutory responsibilities, the Director will ensure the Cybersecurity Framework and related guidance is reviewed and updated as necessary, taking into consideration technological changes, changes in cyber risks, operational feedback from owners and operators of critical infrastructure, experience from the implementation of section 8 of this order, and any other relevant factors.

 

Sec. 8. Voluntary Critical Infrastructure Cybersecurity Program. (a) The Secretary, in coordination with Sector-Specific Agencies, shall establish a voluntary program to support the adoption of the Cybersecurity Framework by owners and operators of critical infrastructure and any other interested entities (the “Program”).

 

(b) Sector-Specific Agencies, in consultation with the Secretary and other interested agencies, shall coordinate with the Sector Coordinating Councils to review the Cybersecurity Framework and, if necessary, develop implementation guidance or supplemental materials to address sector-specific risks and operating environments.

 

(c) Sector-Specific Agencies shall report annually to the President, through the Secretary, on the extent to which owners and operators notified under section 9 of this order are participating in the Program.

 

(d) The Secretary shall coordinate establishment of a set of incentives designed to promote participation in the Program. Within 120 days of the date of this order, the Secretary and the Secretaries of the Treasury and Commerce each shall make recommendations separately to the President, through the Assistant to the President for Homeland Security and Counterterrorism and the Assistant to the President for Economic Affairs, that shall include analysis of the benefits and relative effectiveness of such incentives, and whether the incentives would require legislation or can be provided under existing law and authorities to participants in the Program.

 

(e) Within 120 days of the date of this order, the Secretary of Defense and the Administrator of General Services, in consultation with the Secretary and the Federal Acquisition Regulatory Council, shall make recommendations to the President, through the Assistant to the President for Homeland Security and Counterterrorism and the Assistant to the President for Economic Affairs, on the feasibility, security benefits, and relative merits of incorporating security standards into acquisition planning and contract administration. The report shall address what steps can be taken to harmonize and make consistent existing procurement requirements related to cybersecurity.

 

Sec. 9. Identification of Critical Infrastructure at Greatest Risk. (a) Within 150 days of the date of this order, the Secretary shall use a risk-based approach to identify critical infrastructure where a cybersecurity incident could reasonably result in catastrophic regional or national effects on public health or safety, economic security, or national security. In identifying critical infrastructure for this purpose, the Secretary shall use the consultative process established in section 6 of this order and draw upon the expertise of Sector-Specific Agencies. The Secretary shall apply consistent, objective criteria in identifying such critical infrastructure. The Secretary shall not identify any commercial information technology products or consumer information technology services under this section. The Secretary shall review and update the list of identified critical infrastructure under this section on an annual basis, and provide such list to the President, through the Assistant to the President for Homeland Security and Counterterrorism and the Assistant to the President for Economic Affairs.

 

(b) Heads of Sector-Specific Agencies and other relevant agencies shall provide the Secretary with information necessary to carry out the responsibilities under this section. The Secretary shall develop a process for other relevant stakeholders to submit information to assist in making the identifications required in subsection (a) of this section.

 

(c) The Secretary, in coordination with Sector-Specific Agencies, shall confidentially notify owners and operators of critical infrastructure identified under subsection (a) of this section that they have been so identified, and ensure identified owners and operators are provided the basis for the determination. The Secretary shall establish a process through which owners and operators of critical infrastructure may submit relevant information and request reconsideration of identifications under subsection (a) of this section.

 

Sec. 10. Adoption of Framework. (a) Agencies with responsibility for regulating the security of critical infrastructure shall engage in a consultative process with DHS, OMB, and the National Security Staff to review the preliminary Cybersecurity Framework and determine if current cybersecurity regulatory requirements are sufficient given current and projected risks. In making such determination, these agencies shall consider the identification of critical infrastructure required under section 9 of this order. Within 90 days of the publication of the preliminary Framework, these agencies shall submit a report to the President, through the Assistant to the President for Homeland Security and Counterterrorism, the Director of OMB, and the Assistant to the President for Economic Affairs, that states whether or not the agency has clear authority to establish requirements based upon the Cybersecurity Framework to sufficiently address current and projected cyber risks to critical infrastructure, the existing authorities identified, and any additional authority required.

 

(b) If current regulatory requirements are deemed to be insufficient, within 90 days of publication of the final Framework, agencies identified in subsection (a) of this section shall propose prioritized, risk-based, efficient, and coordinated actions, consistent with Executive Order 12866 of September 30, 1993 (Regulatory Planning and Review), Executive Order 13563 of January 18, 2011 (Improving Regulation and Regulatory Review), and Executive Order 13609 of May 1, 2012 (Promoting International Regulatory Cooperation), to mitigate cyber risk.

 

(c) Within 2 years after publication of the final Framework, consistent with Executive Order 13563 and Executive Order 13610 of May 10, 2012 (Identifying and Reducing Regulatory Burdens), agencies identified in subsection (a) of this section shall, in consultation with owners and operators of critical infrastructure, report to OMB on any critical infrastructure subject to ineffective, conflicting, or excessively burdensome cybersecurity requirements. This report shall describe efforts made by agencies, and make recommendations for further actions, to minimize or eliminate such requirements.

 

(d) The Secretary shall coordinate the provision of technical assistance to agencies identified in subsection (a) of this section on the development of their cybersecurity workforce and programs.

 

(e) Independent regulatory agencies with responsibility for regulating the security of critical infrastructure are encouraged to engage in a consultative process with the Secretary, relevant Sector-Specific Agencies, and other affected parties to consider prioritized actions to mitigate cyber risks for critical infrastructure consistent with their authorities.

 

Sec. 11. Definitions. (a) “Agency” means any authority of the United States that is an “agency” under 44 U.S.C. 3502(1), other than those considered to be independent regulatory agencies, as defined in 44 U.S.C. 3502(5).

 

(b) “Critical Infrastructure Partnership Advisory Council” means the council established by DHS under 6 U.S.C. 451 to facilitate effective interaction and coordination of critical infrastructure protection activities among the Federal Government; the private sector; and State, local, territorial, and tribal governments.

 

(c) “Fair Information Practice Principles” means the eight principles set forth in Appendix A of the National Strategy for Trusted Identities in Cyberspace.

 

(d) “Independent regulatory agency” has the meaning given the term in 44 U.S.C. 3502(5).

 

(e) “Sector Coordinating Council” means a private sector coordinating council composed of representatives of owners and operators within a particular sector of critical infrastructure established by the National Infrastructure Protection Plan or any successor.

 

(f) “Sector-Specific Agency” has the meaning given the term in Presidential Policy Directive-21 of February 12, 2013 (Critical Infrastructure Security and Resilience), or any successor.

 

Sec. 12. General Provisions. (a) This order shall be implemented consistent with applicable law and subject to the availability of appropriations. Nothing in this order shall be construed to provide an agency with authority for regulating the security of critical infrastructure in addition to or to a greater extent than the authority the agency has under existing law. Nothing in this order shall be construed to alter or limit any authority or responsibility of an agency under existing law.

 

(b) Nothing in this order shall be construed to impair or otherwise affect the functions of the Director of OMB relating to budgetary, administrative, or legislative proposals.

 

(c) All actions taken pursuant to this order shall be consistent with requirements and authorities to protect intelligence and law enforcement sources and methods. Nothing in this order shall be interpreted to supersede measures established under authority of law to protect the security and integrity of specific activities and associations that are in direct support of intelligence and law enforcement operations.

 

(d) This order shall be implemented consistent with U.S. international obligations.

 

(e) This order is not intended to, and does not, create any right or benefit, substantive or procedural, enforceable at law or in equity by any party against the United States, its departments, agencies, or entities, its officers, employees, or agents, or any other person.

 

BARACK OBAMA

 

.

 

.

 

 

Cybercrime, media and insecurity:

The shaping of public perceptions of cybercrime

Author: Wall, David S.

Journal: International review of law, computers & technology

ISSN: 1360-0869

Date: 07/2008

Volume: 22 Issue: 1-2 Page: 45-63

DOI: 10.1080/13600860801924907

 

http://tinyurl.com/hd732fk

 

.

 

Burstein, A. J.

(2008).

Conducting Cybersecurity Research Legally and Ethically.

LEET, 8, 1-8.

 

http://tinyurl.com/jskqjr2

 

.

 

Moore, T.

(2010).

The economics of cybersecurity: principles and policy options.

International Journal of Critical Infrastructure Protection, 3(3), 103-117.

 

http://tinyurl.com/zaver45

 

.

 

Brito, J., and Watkins, T.

(2011).

Loving the Cyber Bomb-The Dangers of Threat Inflation in Cybersecurity Policy.

Harv. Nat’l Sec. J., 3, 39.

 

http://tinyurl.com/h3hakxa

 

.

 

Thierer, A. D.

(2013).

Technopanics, threat inflation, and the danger of

an information technology precautionary principle.

Minnesota Journal of Law, Science and Technology, 14(1), 12-09.

 

http://tinyurl.com/z87xk7h

 

.

 

Yan, C.

(2011, October).

Cybercrime forensic system in cloud computing.

In Image Analysis and Signal Processing (IASP),

2011 International Conference on (pp. 612-615). IEEE.

 

http://tinyurl.com/h96fh58

 

.

 

The need for a national cybersecurity research and development agenda

Author: Maughan, Douglas

Journal: Communications of the ACM

ISSN: 0001-0782

Date: 02/2010

Volume: 53 Issue: 2 Page: 29

DOI: 10.1145/1646353.1646365

 

http://tinyurl.com/z57wxtz

 

.

 

Lachow, I.

(2009).

Cyber terrorism: Menace or myth.

Cyberpower and national security, 434-467.

 

http://tinyurl.com/zecdyjw

 

.

 

Holt, T. J.

(2012).

Exploring the intersections of technology, crime, and terror.

Terrorism and Political Violence, 24(2), 337-354.

 

http://tinyurl.com/zuvqwgk

 

.

 

Nojeim, G. T.

(2010).

Cybersecurity and Freedom on the Internet.

J. Nat’l Sec. L. and Pol’y, 4, 119.

 

http://tinyurl.com/zezsdlt

 

.

 

Decision support for Cybersecurity risk planning

Author: Rees, Loren Paul

Journal: Decision Support Systems

Date: 06/2011

Volume: 51 Issue: 3 Page: 493-505

DOI: 10.1016/j.dss.2011.02.013

 

http://tinyurl.com/z8zfzhf

 

.

 

The Seven Scam Types: Mapping the Terrain of Cybercrime

Author: Stabek, Amber

Book: Cybercrime and Trustworthy Computing Workshop (CTC),

2010 Second

ISBN: 1-4244-8054-X, 978-1-4244-8054-8

Date: 07/2010

Page: 41-51

DOI: 10.1109/CTC.2010.14

 

http://tinyurl.com/zkmqlt5

 

.

 

.

 

WEBBIB1516

 

http://tinyurl.com/q8tavoy

 

.

 

.

 

Sincerely,

David Dillard

Temple University

(215) 204 – 4584

jwne@temple.edu

http://workface.com/e/daviddillard

Net-Gold

http://groups.yahoo.com/group/net-gold

http://listserv.temple.edu/archives/net-gold.html

https://groups.io/org/groupsio/Net-Gold/archives

http://net-gold.3172864.n2.nabble.com/
