Edited by Ramesh Subramanian, Ph.D. | Reviewed by Carlos Villamizar Rodriguez, CISA, CGEIT, BS 25999 LA, ISO 27001 LA
The intersection of politics, law, privacy and security in the context of computer technology is both sensitive and complex. Computer Security, Privacy, and Politics: Current Issues, Challenges, and Solutions connects privacy and politics, offering a point-in-time review of recent developments in computer security, with a special focus on the relevance and implications of global privacy, law and politics for society, individuals and corporations. The book compiles high-quality, timely content on such cutting-edge topics as global and societal implications, emerging lawsuits and cases, emerging computer exploits, and protection from attacks on privacy.
Computer Security, Privacy, and Politics is organized into five sections, with a total of 14 chapters. Each chapter includes the contributions of different authors. The audience for this book is anyone in the fields of security, privacy, law and politics, as well as academics, technology managers, social and political scientists, chief information officers (CIOs), and chief information security officers (CISOs).
The first section introduces the notions of security and privacy in a global context, setting the tone for the rest of the book. Themes in chapter one include: individual privacy on the web, growing concerns among web users, and technologies employed for collecting and protecting information on the web.
The second section takes the reader into a major aspect of implementing computer security and personal privacy across various nations. In chapter three, the authors discuss some of the most significant governmental regulations recently mandated in the IT industry and their considerable impact and implications on information technology, from both a technical and a managerial perspective. The authors then suggest that the plethora of regulations being imposed on the IT industry is moving organizations in the industry to conform and implement standardized processes and practices, resulting in the industrywide commoditization of IT.
The third section focuses on emerging privacy technologies and their uses and implications. Chapter five discusses a taxonomy of existing data-mining techniques. Chapter six discusses some rational security and privacy concerns about biometric technology. Chapter seven addresses the multiple issues related to privacy threats through privacy-intrusive technologies.
The fourth section focuses on how privacy and security are handled in the organizational context. Chapter eight discusses how one small business planned for and implemented the security of its data in a new enterprisewide system. Chapter nine examines the connection between privacy, security and the enterprise architecture framework. Chapter 10 covers the ever-important business issue of information security in organizations by researching these issues in the context of Canadian financial firms and educational organizations.
The fifth, and final, section discusses important emerging topics and issues related to security, privacy and politics. Chapter 11 discusses emerging technologies and emerging privacy issues. Chapter 12 provides a window into the emerging world of teledemocracy in developing countries. It includes the effects of information and communication technologies on democracy and focuses on the driving forces—citizens and technology—to understand the effects and future implications. Chapter 13 introduces trust modeling and trust management as a means of managing trust in digital systems. Chapter 14 brings a pedagogical focus to the theme of the book by introducing the interrelationships of security, privacy and politics in higher education.
Computer Security, Privacy, and Politics: Current Issues, Challenges, and Solutions is available from the ISACA Bookstore. For information, see the ISACA Bookstore Supplement in this Journal, visit www.isaca.org/bookstore, e-mail [email protected] or telephone +1.847.660.5650.
Reviewed by Carlos Villamizar Rodriguez, CISA, CGEIT, ISO 27001 LA, BS 25999 LA, consulting manager at Digiware S.A., Bogota, Colombia. He has more than 15 years’ experience in controls, security, and information systems auditing and consulting. He has worked in and has broad experience in IT governance, audit and security. An active member in ISACA’s community, he was president of the ISACA Bogota Chapter (2007-2009) and has been a member of various committees at ISACA since 2004. His work was recognized this year with the John Kuyers Award, which recognizes individuals for major contributions to the development of ISACA global conferences or for outstanding individual speaking achievements.
The ISACA Journal is published by ISACA. Membership in the association, a voluntary organization serving IT governance professionals, entitles one to receive an annual subscription to the ISACA Journal.
© 2010 ISACA. All rights reserved.
Instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. For other copying, reprint or republication, permission must be obtained in writing from the association. Where necessary, permission is granted by the copyright owners for those registered with the Copyright Clearance Center (CCC), 27 Congress St., Salem, MA 01970, to photocopy articles owned by ISACA, for a flat fee of US $2.50 per article plus 25¢ per page. Send payment to the CCC stating the ISSN (1526-7407), date, volume, and first and last page number of each article. Copying for other than personal use or internal reference, or of articles or columns not owned by the association without express permission of the association or the copyright owner is expressly prohibited.