Use our essay title generator to get ideas and recommendations instantly
One of the major reasons for this vulnerability is the increased and widespread presence of these groups within the American home soil. As a result of the various operations in about 40 states in America, the sleeper cells are carefully planning and waiting for their next attacks. The second major reason for America's vulnerability to operations of sleeper cells is that the country's first-line defenders are neither adequately trained nor prepared to deal with terrorism (Gaubatz, 2007).
While there are numerous initiatives and plans that have been established by the government to counter terrorism, the first-line defenders are still inadequately trained and prepared to deal with terror attacks effectively. Actually, the local law enforcement agencies in the United States are not receiving enough assistance and funds from the Federal Government to tackle terrorism especially from sleeper cells. On the contrary, these sleeper cells are basically prepared to carry out terrorist…
Corsi, J. (2005, April 18). Sleeper Cells in America: 'Atomic Iran' Explains Terrorist Threats to U.S. Homeland. Retrieved December 4, 2011, from http://www.wnd.com/?pageId=29860
Gaubatz, D. (2007, February 2). Sleeper Cells in the United States and Canada. Retrieved December 4, 2011, from http://www.americanthinker.com/2007/02/sleeper_cells_in_the_united_st.html
"Islamic Extremists Invade U.S., Join Sleeper Cells." (2004, February 9). The Washington
Times. Retrieved December 4, 2011, from http://www.washingtontimes.com/news/2004/feb/9/20040209-115406-6221r/?page=all
S. Department of Energy).
Q3. Discuss the internet of things and its likely consequences for developing an enforceable information assurance (IA) policy and implementing robust security architecture.
The internet of things refers to the inevitable connectedness of all things in all regions of the world through the internet. "The fact that there will be a global system of interconnected computer networks, sensors, actuators, and devices all using the internet protocol holds so much potential to change our lives that it is often referred to as the internet's next generation" (Ferber 2013). Although the internet feels ubiquitous today, the internet of things refers to an even more complete merger of the virtual and the real world. "In many and diverse sectors of the global economy, new web-based business models being hatched for the internet of things are bringing together market players who previously had no business dealings with each other. Through…
Ferber, Stephen. (2013). How the internet of things changes everything. HBR Blog. Retrieved:
Heath, Nick. (2012). What the internet of things means for you. Tech Republic. Retrieved:
Security Audit for FX Hospital EH/EM Systems
The study carries out the security audits for the FX Hospital EH/EM information systems to identify the vulnerabilities in the systems. The study uses the BackTrack as an auditing tool to penetrate the website, and outcomes of the auditing reveal that the website is not secure and can be subject to different vulnerabilities. After carrying out the auditing, the study is able to collect as much patients' data as possible revealing the website can be subject to vulnerable attacks. One of the vulnerabilities identified is that the website UL starts from HTTP showing that an attacker can easily break into the website and collect sensitive information. Moreover, all the data in the website are not encrypted making them easy for an attacker to collect patients' data.
By consequence, the FX Hospital can face lawsuits for failing to protect patients' data because if patients'…
Abdel-Aziz, A. (2009). Intrusion Detection & Response - Leveraging Next Generation Firewall Technology. SANS Institute.
Burr, W. Ferraiolo, H. & Waltermire, D. (2014). IEEE Computer Society. NIST and Computer Security.
Chadwick, D. (2012). Network Firewall Technologies. IS Institute, University of Salford.
Mell, P.Bergeron, T. & Henning, D.(2005).Creating a Patch and Vulnerability Management Program. National Institute of Standards and Technology (NIST).
1. In a civil action, how can a claim of negligent hiring have a greater chance of succeeding?
Jurisdictions have been increasingly putting laws in place pertaining to what makes organizations a potential target for a lawsuit on negligent hiring. Though in most instances, claims of negligent hiring may be effectively fended off, it proves increasingly tricky in the following cases:
· If the individual harming or injuring another is an employee of the company.
· If the employee is found guilty of harming, injuring or doing any damage to the complainant.
· If the organization was aware of, or ought to have been aware of, the employee’s tendency to inflict harm or injury.
· If the organization was inattentive when hiring the individual and failed to carry out a proper background check which could have identified the individual’s tendency to cause harm to clients or colleagues (McCrie, 57-60).…
" (Harman, Flite, and ond, 2012) the key to the preservation of confidentiality is "making sure that only authorized individuals have access to that information. The process of controlling access -- limiting who can see what -- begins with authorizing users." (Harman, Flite, and ond, 2012) Employers are held accountable under the HIPAA Privacy and Security Rules for their employee's actions. The federal agency that holds responsibility for the development of information security guidelines is the National Institute of Standards and Technology (NIST). NIST further defines information security as "the preservation of data confidentiality, integrity, availability" stated to be commonly referred to as "the CIA triad." (Harman, Flite, and ond, 2012)
III. Risk Reduction Strategies
Strategies for addressing barriers and overcoming these barriers are inclusive of keeping clear communication at all organizational levels throughout the process and acknowledging the impact of the organization's culture as well as capitalizing on all…
Harman, LB, Flite, CA, and Bond, K. (2012) Electronic Health Records: Privacy, Confidentiality, and Security. State of the Art and Science. Virtual Mentor. Sept. 2012, Vol. 14 No. 9. Retrieved from: http://virtualmentor.ama-assn.org/2012/09/stas1-1209.html
Kopala, B. And Mitchell, ME (2011) Use of Digital health Records Raises Ethical Concerns. JONA's Healthcare Law, Ethics, and Regulation. Jul/Sep 2011. Lippincott's Nursing Center. Retrieved from: http://www.nursingcenter.com/lnc/cearticle?tid=1238212#P77 P85 P86 P87
Security Standards & Least Privilege
Security Standards and Legislative Mandates
Industries are required by law to follow regulations to protect the privacy of information, do risk assessments, and set policies for internal control measures. Among these polices are: SOX, HIPAA, PCI DSS, and GLA. Each of these regulations implements internal control of personal information for different industries. Where GLA is for the way information is shared, all of them are for the safeguard of sensitive personal information.
Sarbanes-Oxley Act of 2002 (SOX) created new standards for corporate accountability in reporting responsibilities, accuracy of financial statements, interaction with auditors, and internal controls and procedures (Sarbanes-Oxley Essential Information). When audits are done to verify the validity of the financial statements, auditors must also verify the adequacy of the internal control and procedures. The Health Insurance Portability and Accountability Act (HIPAA) is designed to protect personal health information held by covered entities and…
Brenner. (2007). How Chevron Met the PCI DSS Deadline. Security Wire Daily News.
Gramm Leach Bliley Act. (n.d.). Retrieved from Bureau of Consumer Protection: http://business.ftc.gov/privacy-and-security/gramm-leach-bliley-act principle of least privilege (POLP). (n.d.). Retrieved from Search Security: http://searchsecurity.techtarget.com/definition/principle-of-least-privilege-POLP
Sarbanes-Oxley Essential Information. (n.d.). Retrieved from The Data Manager's Public Library: http://www.sox-online.com/basics.html
Tipton, K. & . (n.d.). Access Control Models. Retrieved from CC Cure.org: http://www.cccure.org/
In the present day, organizations are reliant on information in order to continue being relevant and not become obsolete. To be specific, organizations are reliant on the controls and systems that have been instituted in place, which provide the continuing privacy, veracity, and accessibility of their data and information (Lomprey, 2008). There is an increase and rise in threats to information contained within organizations and information systems (Lomprey, 2008). There is also a rise in the intricacy of such systems and information, which places emphasis on the importance for organizations to understand and gain an understanding of how to better safeguard their information as well as information systems. As stated by Briggs (2005), globalization has instigated the world to become a global village. This, in turn, has increased the level of complexity and intricacy of the information security aspect of the organizations across the world. There is greater…
Alfawaz, S. M. (2011). Information security management: a case study of an information security culture (Doctoral dissertation, Queensland University of Technology).
Ashenden, D. (2008). Information Security management: A human challenge? Information security technical report, 13(4), 195-201.
Briggs, R. (2005). Joining Forces From national security to networked security. DEMOS.
Chang, S. E., Ho, C. B. (2006). Organizational factors to the effectiveness of implementing information security management. Industrial Management and Data Systems, 106 (3): 345-361.
Mohr, and Webb 45)
The change includes increased consumer awareness of the corporate social responsibility (CSR) of a company to companies seeking to make such commitments to CSR marketable to the public. Companies are taking note that their CSR behaviors are important to investors in both mutual and individual investment funds, not to mention direct sales of products manufactured by the company.
This change is a significant one, and is growing in popularity, expanding to include the development of brokers an firms who specialize in different types of socially responsible business investment. Those who have a particular interest in social issues, such as fair employment or local manufacturing and employment can seek out such a broker. While those who are more about environmental issues can seek out a broker who specializes in finding companies that work within the goals of developing sustainable environmental business practices, energy efficiency, the use of…
Security Sector eform
Overview of the relevant arguments regarding Security Sector reform
The objective of security sector reform has to take care of the threats to the security of the state and the safety of its citizens. These arise often from the situation within the state and military responses may not be suitable. This leads on to an analysis of the government. The second article talks in a wider, more theoretical and less action oriented tone. It says that "existing constitutional frameworks have been used to maintain status quo than promote change." This much is certainly true and it is true not only of the countries with a security problem, but also of even United States wherein recently a justice of the Supreme Court was appointed, though she had no experience of being a judge, but she was a friend of the Chief Executive of the country. There are and…
Anderson, Major Will. Wiring up Whitehall: Ensuring Effective Cross -- Departmental
Activity. Journal of Security Sector Management. Volume 3 Number 3 -- June 2005. Retrieved from http://www.jofssm.org/issues/jofssm_0303_AndersonW_Wiring_up_whitehall_2005.doc?CFID=939029& CFTOKEN=57506392 Accessed 6 October, 2005
Ball, Nicole. Enhancing Security Sector Governance: A Conceptual Framework for UNDP. 9
October, 2002. http://www.undp.org/bcpr/jssr/4_resources/documents/UNDP_Ball_2002_SSR%20Concept%20Paper.pdf Accessed 6 October, 2005
Physical Security Controls
To document the importance of physical security controls as it relates to the massive pervasiveness of online theft and cyber crime
Background information on the identification and authentication of people.
With the advent of the internet it is often very difficult to properly identify the individual in which business is conducted with. With the extreme ease of the internet comes the secrecy of potential criminal lurking through the shadows. Identification and authentication therefore have profound impacts on how to better protect assets from criminals.
The importance of information systems security and how it relates to globalization
Information systems, particularly those that store personal information, often are very senstivie to criminal activity. Therefore physical store techniques mandate that sensitivity information be locked away and under intense surveillance. Aspects such as disposable drives, printers and workstations should also be considered.
C. Brief overview of the paper.
i. The remainder…
1. Backhouse, J., Hsu, C., & McDonnell, A. (2003). Toward public-key infrastructure interoperability. Communications of the ACM, 46(6), 98-100. Retrieved April 25, 2009, from ACM.
2. Bala, D. (2008). Biometrics and information security. Proceedings of the 5th annual conference on Information security curriculum development, 64-66. Retrieved March 31, 2009, from ACM.
3. Boatwright, M. & Lou, X. (2007). What do we know about biometrics authentication? Proceedings of the 4th annual conference on Information security curriculum development, 31, Retrieved March 31, 2009, from ACM.
4. Chan, A.T. (2003). Integrating smart card access to web-based medical information systems. Proceedings of the 2003 ACM symposium on Applied computing, 246-250.Retrieved February 13, 2009, from ACM.
Network Security Administrator, Approach Problem Securing a Central
I would utilize a number of security measures to adequately secure a central computer network that is accessed by other branches and staff from remote physical location. The vast majority tends to work in conjunction with one another, and should not deny access to authorized users.
For all of the computers that are present in the primary, physical location in which the network is based out of, I would employ encryption measures. This sort of encryption is similar to that used by cellular devices (whether in the form of tablets or phones), which enables users to reduce the threat of unauthorized users from accessing their devices or the data within them (Stafford, 2010). However, it is worth noting that encryption would not be used on the computing devices in the network that are outside of this primary physical location.
One of the…
Merkow, M.S., Breithaupt, J. (2006). Information Security: Principles and Practices. Upper Saddle River: Pearson Prentice Hall.
Stafford, M. (2010). "Hackers crack cell phone encryption." Tech News Daily. Retrieved from http://www.technewsdaily.com/70-hackers-crack-cell-phone-encryption.html
Williams, P. "The Apache Software Foundation and its influence on data management." www.dataversity.com. Retrieved from http://www.dataversity.net/the-apache-software-foundation-and-its-influence-on-data-management/
Specifically, perimeter security requires protocols for continuous monitoring of the entire perimeter, especially in conjunction with responding to potential breaches in any given sector (McGee 2006). Grounds and perimeter security also requires scenario-based training in conjunction with non-security-related emergency procedures. Specifically, periodic emergency drills involving building tenants and personnel may present a vulnerability where grounds and perimeter security procedures are not equipped to accommodate larger than normal volumes of foot traffic, such as typically associated with fire drills.
Optimal grounds and perimeter security protocols must include procedures for accommodating the increased traffic necessitated by non-security-related emergency drills without compromising general grounds and perimeter security considerations. For the same reason, information detailing emergency drill schedules must be protected from unauthorized access or unnecessary dissemination in advance (Larson 2007).
The primary technological advances in physical facility, building, grounds, and perimeter security relate to computerization of relevant security information and its…
Larsen, R.J. (2007) Our Own Worst Enemy: Asking the Right Questions About Security to Protect You, Your Family, and America. New York: Grand Central Publishing
McGee, J. (2006) International Special Events; FBI Law Enforcement Bulletin, Vol. 75, No. 1. (pp.10-18).
Reed. B. (2008) Future Technology in Law Enforcement; FBI Law Enforcement Bulletin, Vol. 77, No. 5. (pp.15-21).
External building security seems to have taken on added significance since the 2001 strike against the orld Trade Center in New York city by terrorists that flew airplanes into the two buildings that resulted in their complete decimation. As one recent study determined, however, there are modern remedies that help against future attacks of similar nature. One study in particular determined that "Ultra-high-performance concrete (UHPC) is particularly suitable for application in aircraft-impact-resistant high-rise buildings for combined load-bearing and protective structures" (Noldgen, Fehling, Riedel, Thoma, 2012, pp. 358). There are more concerns however in developing and maintaining security than just worrying about an airplane (or other missile) being used against a building for terrorism and mayham.
One of the concerns may include the access points to the building that may be vulnerable to entry by those who seek to control or damage the building. As the book reminds us…
Noldgen, M.; Fehling, E.; Riedel, W.; Thoma, K.; (2012) Vulnerability and robustness of a security skyscraper subjected to aircraft impact, Computer -- Aided Civil and Infrastructure Engineering, Vol. 27, Issue 5, pp. 358 -- 368
White House (2013) Columbia Electronic Encyclopedia, 6th edition, p. 1 -- 1
Chapters 10 -- 11 -- 15 in the book (you will have to put in the citation)
COUNTE-TEOISM AND THE DEPATMENT OF HOMELAND SECUITY
Counter-terrorism is popular as antiterrorism and incorporates techniques, practices, strategies, and tactics that militaries, governments, corporations and police departments adopt in attacking terrorist threats and acts either real or imputed. Both governments and insurgents use terror tactics. It is clear that some insurgents do not terror as tactics while others opt not to apply as other tactics have better outcomes for their particular contexts. Individuals may engage in acts of terror, as it was the case with Oklahoma City bombing (Katherine, Darmer & osenbaum, 2004). Where the terrorism acts are part of broader insurgencies, counter-terrorism forms an integral element of security doctrines. However, economic, political, and other measures focus on insurgencies as compared to specific terror acts. The United States uses foreign internal defense doctrine in its military programs to support other nations while attempting to suppress lawlessness, insurgency, or subversion and…
Katherine, M.B., Darmer, R.M., & Rosenbaum, S.E. (2004). Civil Liberties vs. National Security in a Post9/11 World. Amherst NY: Prometheus Books.
Nacos, B.L. (2012). Terrorism and Counterterrorism. New York: Longman/Pearson.
These devices can help to ensure customer violence is limited. Additionally, by investing in interpersonal training and dispute resolution courses for employees, companies can help to control coworker violence. Furthermore, the use of EAP (Employee Assistance Programs) for frustrated workers can help to provide some outlet for frustrations, further eliminating the possible problems (Hagan, 2004). Through polite, direct, proper communication, most acts of interpersonal workplace violence can be avoided.
ASIS. (2001). Certification. ASIS International. etrieved September 26, 2007 from ASIS International. Website: http://www.asisonline.org/certification/arp/certpromo.htm.
Chapter 498 Oregon Laws. (2001). [Online] etrieved July 10, 2007 from the Oregon State Legislature database. Website: http://www.leg.state.or.us/01orlaws/sess0400.dir/0498ses.html
Cole, D. (2002, September) Trading liberty for security after September 11. FPIF Policy eport. etrieved 8 July, 2007 at http://www.fpif.org/papers/post9-11.html.
Collins, P.A., icks, T.A., Van Meter, C.W. (2000). Chapter 8: Crime and the threat environment. Principles of security and crime prevention, 4th ed. Cincinnati, OH: Anderson Publishing.
ASIS. (2001). Certification. ASIS International. Retrieved September 26, 2007 from ASIS International. Website: http://www.asisonline.org/certification/arp/certpromo.htm .
Chapter 498 Oregon Laws. (2001). [Online] Retrieved July 10, 2007 from the Oregon State Legislature database. Website: http://www.leg.state.or.us/01orlaws/sess0400.dir/0498ses.html
Cole, D. (2002, September) Trading liberty for security after September 11. FPIF Policy Report. Retrieved 8 July, 2007 at http://www.fpif.org/papers/post9-11.html .
Collins, P.A., Ricks, T.A., Van Meter, C.W. (2000). Chapter 8: Crime and the threat environment. Principles of security and crime prevention, 4th ed. Cincinnati, OH: Anderson Publishing.
Virtualization: Benefits of XenServer
Disadvantage of XenServer
Virtualization Security Challenges
Implementation of XenServer
The objective of this study is to examine the use of Citrix XenServer which is a free virtualization platform based on the open-source Xen hypervisor and to examine the implications, advantages and disadvantages of having an open-source virtualization product such as XenServer.
XenServer is a "full open source model beginning with the new XenServer 6.2." (Citrix, 2015, p.1) Xenserver provided by Citrix is a paid version however, the upside to the paid version is that it is inclusive of both maintenance and support as well as having CPU socket licensing. It is reported that the "DNA of Xen and XenSource...is open source." (Citrix, 2015, p.1) In addition it is reported that "open source software leads proprietary software in cloud infrastructure [and] open source enables collaborative development and drives public trust." (Citric, 2015,…
Meeting the Challenges of Virtualization Security (2014) Trend Micro. Retrieved from: http://www.trendmicro.com/cloud-content/us/pdfs/business/white-papers/wp_meeting-the-challenges-of-virtualization-security.pdf
Microsoft Hyper-V vs. Citrix Xen Server (2014) Custom Systems. Retrieved from: http://www.customsystems.com/microsoft-hyper-v-vs.-citrix-xen-server/
XenServer 6.2 Is Now Fully Open Source (2013) Citrix. Retrieved from; http://blogs.citrix.com/2013/06/25/xenserver-6-2-is-now-fully-open-source/
Clearly better virtualization with Citrix XenServer (nd) Retrieved from: https://www.moonsoft.fi/materials/citrix_better_virtualization.pdf
HLS-355: CRITICAL THINKING FOR HOMELAND SECURITY Final Project
The fight against Hurricane Katrina in a political environment set on fighting terrorism
Improving security can be a particularly challenging mission and this makes a critical thinking technique particularly useful for a person or a community to effectively strengthen their position and legislations. One of the first things that someone dealing with the concept needs to consider is the fact that security can never be one hundred percent foolproof. Even the most advanced security systems can be defeated and caring for such a system thus entails having to be in constant alert and to attempt to improve it every minute. The better a security system is, the harder it is for a criminal to defeat it and the more successful the individuals benefiting from it are.
Many individuals have a limited understanding of the idea of security, as they only tend to…
Bullock, J., Haddow, G, & Coppola, D.P., "Introduction to Homeland Security: Principles of All-Hazards Risk Management," (Elsevier, 2012)
Kiltz, Linda, "Journal of Homeland Security and Emergency Management," Retrieved October 22, 2014, from http://www.innovative-analytics.com/wp-content/uploads/2013/05/DevelopingCriticalThinking.pdf
Matthews, J. "Mass Shootings: Six Steps to Survival," (eBooks2go, 10 Jan 2014)
Purpura, P. "Terrorism and Homeland Security: An Introduction with Applications," (Butterworth-Heinemann, 29 Aug 2011)
The Key equirements of Network Infrastructure Security
Measures for Internal Network Architecture
Storage of sensitive information on Networked Systems
Network Connection Control
Third Party Access to Internal Networks
Security of the IT network for any company is very important. Scores of sensitive business information is stored electronically in the IT systems and the company network. An unsecured or a partially secured network has the potential to cause financial losses to the company if the information falls in the wrong hands. Therefore there is need for installing and network security systems.
For any network security to become operational the company must first look into whether the system can be implemented technically and whether it can be implemented throughout the organization. Another consideration for the selection of the network security is to ensure that the system clearly define areas of responsibility for the users, administrators, and…
Andres, S. (2004). Security sage's guide to hardening the network infrastructure. Rockland, MA: Syngress Pub.
Convery, S. (2004). Network security architectures. Indianapolis, IN: Cisco Press.
Heng, S., Wright, R., & Goi, B. (2010). Cryptology and network security. Berlin: Springer.
1 | Page
Homeland Security and Emergency Management.
M7D1: Social Media and Risk Communications
According to Bullock (et al. 2013) the four methods of risk communication include mitigation or "to promote implementation of strategies, technologies, and actions that will reduce the loss of lives and property in future disasters; preparedness or "to communicate preparedness messages that encourage and educate the public in anticipation of disaster events;" response or "to provide to the public notification, warning, evacuation, and situation reports on an ongoing disaster and recovery or "to provide individuals and communities affected by a disaster with information on how to register for and receive disaster relief" (Bullock et al. 2013: 515). It is in the response phase which was critically lacking in the case of dealing with the threat posed by the D.C. sniper. There is always an element of fear in the case of spontaneous threats which emerge, as but a realistic…
Human Aspects in IT and Cybersecurity Outline
Government Justification of Informing Private industry to improve or Set up Cyber-security
Methods of the Government Interventions
Impacts of Government egulation on National Security
Failure to comply to related cyber regulations
Meeting the minimum requirements.
Exceeding the Minimum equirements
The economic and national security of the United States rely on the effective functioning of the country critical infrastructures. ecently, the U.S. government has issued an executive order to manage the cybersecurity and protect the country critical infrastructure since a destruction of the critical infrastructures whether virtual or physical can have a negative impact on the national economic security, safety or national public health. The computer and information systems are part of the country critical infrastructures that facilitate effective data communication between organizations. Presently, the U.S. information systems have enhanced interconnectivity that enhances business advantages, which has never happened before. Despite the benefits of…
Coyne, C.J. (2012). Who's to Protect Cyberspace? Department of Economics Hampden-Sydney College
Liu, E.C. Stevens, G. Ruane, K. A. et al. (2013). Cybersecurity: Selected Legal Issues. Congress Research Service
Rosenzweig, P. (2012). An emerging threats: Cybersecurity and Public Goods. The Public/Private "Partnership." Hoover Institution, Stanford University
Stalling, W. (2011). Cryptography and Network Security Principles and Practice. (Fifth Edition). Pearson Education, Inc. Prentice Hall
Security Analysis' has been current for more than 60 years. Graham and Dodd are not only astute observers but also veterans in the field of investing. They have seen investment markets and businesses plunge and raise themselves and have observed investor's behavior under all conditions.
Although their books are classics, Graham and Dodd manage to write in a clear and contemporary style that is just as applicable today as it was then. They provide details and techniques for achieving success as investors as well as the responsibilities of businesses to be transparent about the affair of their businesses for shareholders and potential investors.
The brunt of the book, however, is its timeless advice to students that careful assessment and review of balance sheets is the essence and key to success in investment.
The fact that Buffet writes that he has been following their "road map" for 57 years and that…
Graham, BG & Dodd, DL. Security Analysis: Principles and techniques. McGraw Hill, 2010.
security of the U.S. And Canadian border is in peril. There is an unprotected route allowing the free-flow of terrorists from around the world into Canada and then into the U.S. This is a national security situation that threatens our way of life. hat are our options for eliminating this threat?
By definition a liberal is a man or a woman who believes in liberty. Liberalism as a philosophy has evolved as a defense of individual citizen's liberties against the potential tyranny of his or her ruling state. Liberals such as John Locke have typically maintained that humans are naturally in 'a State of perfect Freedom to order their Actions ... As they think fit ... without asking leave, or depending on the ill of any other Man," In other words, unless the individual's liberty impinges upon the liberty of another individual, than that individual should do as he or…
Gaus, Gerald. "Liberalism." The Stanford Encyclopedia of Philosophy, 2001. Available online November 3, 2004 at http://plato.stanford.edu/entries/liberalism/
Intrusion detection is the method of keeping track of the events taking place inside a computer or perhaps a network and then examining them to get indications of potential situations, that are transgressions or impending dangers of breach of IT security procedures, appropriate usage guidelines, or standardized security strategies. Intrusion prevention is the method of carrying out intrusion detection as well as trying to stop recognized potential situations. Intrusion detection as well as prevention systems (IDPS) happen to be mainly centered on determining potential situations, writing down details about them, trying to end all of them, as well as reporting these to security managers. Additionally, businesses make use of IDPSs for various other objectives, like identifying issues with security guidelines, documenting current risks, as well as stopping people from breaking safety guidelines. IDPSs have grown to be an essential accessory for the security system involving just about any…
Allen, J., Christie, A., Fithen, W., McHugh, J. And Pickel, J. (2000). State of the Practice of Intrusion Detection Technologies. Pittsburg, PA: Carnegie Mellon Software Engineering Institute, January.
Base, R. And Mell, P. (2001). SP 800-31, Intrusion Detection Systems. Washington, DC: National Institute of Standards and Technology.
Kent, K. And Mell, P. (2006). SP 800-94, Guide to Intrusion Detection and Prevention (IDP) Systems (DRAFT). Washington, DC: National Institute of Standards and Technology.
Kent, K. And Warnock, M. (2004). Intrusion Detection Tools Report, 4th Edition. Herndon, VA: Information Assurance Technology Analysis Center (IATAC).
Security and Co-Operation in Europe
The topics before the Organization for Security and Co-Operation in Europe (OSCE) are: Combating Human Trafficking; Supporting Post-Conflict Stabilization and Institution- Building in Kyrgyzstan; and Energy Supply as a Factor of Instability. Greece is dedicated to assisting the OCSE to combat human trafficking, to supporting OCSE initiatives to stabilize and build democratic institutions in Kyrgyzstan, and I. Combating Human Trafficking
As a committed member of the United Nations and the European Union, Greece supports the objectives outlined by both organizations to combat human trafficking. . Accordingly in an effort to combat human trafficking, Greece has increased its efforts to disrupt major human smuggling rings and arrest the individuals involved, and coordinated these efforts with similar efforts by both the European Union and the United Nations. The delegation from Greece signals that its enforcement has been stepped up, which is reflected in the increased number of…
The first 10 years the 21st century began a seemingly new age of terror and fear where heightened alert statuses and preventive measures can be seen as taken to extremes. The macrocosmic status of the global affairs which are often riddled with warfare, strife and suspicion can be examined at the microcosmic level within the information security and data protection industry. The purpose of this essay is to examine these questions: "How should we decide how secure we want our information to be? And who should be responsible to make these decisions? I'll answer these questions using ideas connecting the rationality of fear and security. Next I'll examine how materialism has distracted technology from its true essence, to help mankind. Lastly I will offer solutions to hopefully eliminate confusing and overbearing problems that humanity's quest for security can both effectively and efficiently have serious impact on that condition.
Antonopoulos, A. (2011). " Can you have too much security? "NetworkWorld May31, 2011. Retrieved from: http://www.networkworld.com/columnists/2011/053111-andreas.html
CIOinsight. (2005). "Jurassic Plaque: the u-curve of security." April 21, 2005.
Fact Forum Framework. (n.d.) "Computer Security." Retrieved from http://www.caplet.com/security/taxonomy/index.html
Lipowicz, A. (2010). "Wikileaks fallout: white house orders classified data security review." Federal Computer Week Nov 30, 2010. Retrieved from http://fcw.com/articles/2010/11/30/white-house-wikileaks-classified-data-security - review.aspx
Health-Care Data at Euclid Hospital Security and Control: A White Paper
Protecting Health-Care Data
The efficiency of the modern healthcare system is increasingly becoming reliant on a computerized infrastructure. Open distributed information systems have been initiated to bring professionals together on a common platform throughout the world. It needs to be understood that easy and flexible methods of processing and communication of images; sound and texts will help in visualizing and thereby cure illnesses and diseases effectively. Another aspect is that the easy access and usage can risk patient privacy, accountability, and secrecy associated with the healthcare profession. Therefore, Information Technology -- IT must be able to focus mainly on improving the health of the patient and should not put the patient's health in danger. (IO Press)
This implies that right data has to be made available to the right person at the right time. IT strongly affects the confidentiality…
A WWW implementation of National Recommendations for Protecting Electronic Health
Accessed 21 September, 2005
IO Press. Retrieved from http://www.iospress.nl/loadtop/load.php?isbn=9051992661
Information System Security Plan
The information security system is required to ensure the security of the business process and make the confidential data of the organization secure. The organization's management is required to analyze the appropriate system to be implemented and evaluate the service provided on the basis of their required needs. The implementation of the system requires the compliance of organizational policies with the service provider to ensure the maximum efficiency of the system. The continuous update and maintenance of the system is required to ensure the invulnerability of the system towards the potential internal and external threats.
Data Security Manager and Coordinator
Evaluate Service Providers
Change Passwords Periodically
estricted access to personal information
Safeguard paper records
eport unauthorized use of customer information
Terminated Employees 1
3. External isks 1
3.1 Firewall Protection 1
3.2 Data Encryption 1
Baskerville, R., & Siponen, M. (2002).An information security meta-policy for emergent organizations.Logistics Information Management, 15(5/6), 337-346.
Dlamini, M.T., Eloff, J.H., & Eloff, M.M. (2009). Information security: The moving target. Computers & Security, 28(3), 189-198.
Dhillon, G., & Backhouse, J. (2000). Technical opinion: Information system security management in the new millennium. Communications of the ACM, 43(7), 125-128.
Jain, A.K., Ross, A., & Pankanti, S. (2006). Biometrics: a tool for information security. Information Forensics and Security, IEEE Transactions on, 1(2), 125-143.
It therefore assists in identifying network vulnerability and corrects them immediately.
Ferland (2009) noted that Secure Socket Layer (SSL) is a network protocol used in encrypting data so that the information send remains secure until it reaches its destination. It also used in the validation of the identity of the website which is using certificate. It informs the user the authentication of the website and that such a web site as been validated by the third party certificate authority. Both the source and destination of any send data has their own unique keys for encryption. However, the organization would install SSL certificate so that the customers has trust in our website
Digital certificate is describes as an electronic "tag" that shows the credentials of an organization when doing business or any other transaction online. The certificate contains the name of organization, serial number, and expiry date,…
Al-Slamy K., (2008) E-Commerce: Security Challenges and Solutions
Stawowski M., (2007). The Principles of Network Security Design
The Global Voice of Information Security; ISSA Journal | October 2007
Ferland M., (2009). WIPO Customer Certification Authority Information
Corporation Transactions and Misrepresentation of Financial eports
Business law also called commercial law is a branch of civil law that governs business as well as, commercial transactions, and deals with both the private and public law. The branch created to ensure that, they are no exploitation and manipulation of people as well as rules and regulation in order to benefit some members of a business. This means that should one break or manipulate the rules and regulation in his favor. The or she must face the court in accordance with the law. With legal rights of all investors considered as an important element of the business law, we examine the board changes within the filling of the shareholder derivative lawsuits and might not be frivolous. Also, lack of highly competent employees within a business can lead to tremendous losses and to some extent closure of the business in accordance with…
Arlen, J. (1994). The Potentially Perverse Effects of Corporate Criminal Liability, the Journal of Legal Studies 23 (June), 833.
Becker, G.S. (1968). "Crime and Punishment: An Economic Approach." Journal of Political Economy 76 (March/April), 169-217.
Zingales, L. (2004). The Costs and Benefits of Financial Market Regulation, European Corporate Governance Institute working paper 21/2004
oom With a View
Enterprise isk Assessment
The principle risk associated with the Data Security Coordinator and his or her role in the security plan is in properly training employees and selecting the proper service providers. Additionally, it is necessary to continually monitor and evaluate the progress of service providers to ensure that they are compliant with both enterprise and industry standards. Internally it is necessary to ensure that there is a set period of no more than a month for which passwords must be changed. Personal information should be accessible only to the Data Security Coordinator and to C. level employees. An orderly, formal procedure needs to take place for de-provisioning terminated employees in which they provide access to all of their data and have all of their employee access denied. isk assessment for external risks includes evaluating and monitoring the progress of the service provider responsible for provisioning…
Harper, J. (2014). Data replication: The crux of data management. www.dataversity.net Retrieved from http://www.dataversity.net/data-replication-crux-data-management/
Harper, J. (2014). Cloud data protection. www.dataversity.net Retrieved from http://www.dataversity.net/cloud-data-protection/
Macroeconomics in the News
In her recent article The 'Go Fast' and 'Go Big' Fiscal Challenges, economics professor Laura D'Andrea Tyson uses a combination of straightforward language and complex terminology to explain the intricacies of our nation's current budgetary crisis. ith the January 1st deadline for the so-called "fiscal cliff," a $600 billion package of mandatory spending cuts and tax hikes, fast approaching, Tyson proposes that America's economic plight is actually twofold when the impending debt ceiling debate is also considered. Through a comprehensive analysis of the various factors affecting the debate, including stagnant unemployment rates, entitlement reforms to Medicare, Medicaid and Social Security, and the eventual impact of the Affordable Care Act, the author presents her case for a macroeconomic-based approach to balancing the budget, reducing the national debt, and leveling the playing field in terms of taxation.
Analysis: These esoteric concepts may sound like mere abstractions, but the…
Tyson, Laura D'Andrea. "The 'Go Fast' and 'Go Big' Fiscal Challenges." New York Times 05 Dec 2012. Print. .
capital is defined as the "return expected by those who provide capital for the business" (Gallo 2025). Both managers and investors may calculate the cost of capital, investors to determine whether the company is a worthwhile risk and managers to determine if particular ventures are worth the risk in relation to the return (Gallo 2015).
In 2009, ExxonMobil (XOM) acquired XTO Energy for $41 billion. The acquisition provided ExxonMobil an opportunity to engage in the development of shale and unconventional natural gas resources within the continental United States. This acquisition added to ExxonMobil's existing upstream (exploration and development) activities. In addition to this business segment, ExxonMobil was also engaged in chemicals and downstream operations related to the refining of crude oil into a variety of consumer and industrial products. How do you think the company should approach the determination of its cost of capital for making new capital investment decisions?…
Capital investment decisions. (2015). Capital Investment. Retrieved from:
Gallo, A. (2015). A refresher on the cost of capital. Harvard Business Review. Retrieved from:
Stone's treatise on Liberty fascinating particularly since I have been much intrigued by philosophers' depiction of an ideal metropolis (with, therefore, ideal liberty) in general, and with Leibniz's political jurisprudence (and ideal liberty) in particular.
Leibniz, draws on Ulpian's oman code for basis but goes beyond that in extrapolating and arguing that ideal liberty should constitute not only strict Justice but also Charity (i..e national welfare). He then goes on to state that the highest strata of liberty is one where the country is regulated per a City of God. What this, essentially, means is that Justice and Charity should be combined with ethical attributes (that he called Piety).
Comparing this to Mill's definition of liberty presented by Stone I see an interesting correspondence as well as contrast.
Mill states that the government is only justified in restricting behavior that impedes others. Connecting that to contemporary concerns one may argue…
Arnstein, Sherry R. "A Ladder of Citizen Participation," JAIP, Vol. 35, No. 4, July 1969, pp. 216-224.
H.George Frederickson, Social Equity and Public Administration: Origins, Developments, and Applications, M.E.Sharpe (chapter 2 & 3)
Deborah Stone, Policy Paradox: The Art of Political decision Making, WW Norton and Co Revised Edition (Chapters 4 & 5)
Drawing from Maslow's hierarchy of needs, Shank's old boss failed to fulfill the needs of both esteem and belonging. Belonging is related to making sure employees are comfortable and feel that they are part of the team or group. Although esteem is making employees feel a sense of accomplishment. Shank has described the former boss as being non-motivating, having no relationship with employees and having told employees that they are just a number in the organization. During the tenure of the former boss, motivating employees was not a prime factor. The former boss ran the company on the bottom line of getting things done, making profit, efficiently and effectively. If things were not done in the right manner, the boss would replace the employees. Since the boss is operating at a twofold level of the Maslow's hierarchy of needs (security and physiology), its top priority must be to motivate…
Identity Management and Security Awareness Training Plan Strategy
Duration and frequency: three sessions of one hour each. Technology developments that are used in permanently updating the company's security features must be communicated to employees. Update training sessions of two hours must be performed every three months in order to keep up with technology improvements.
The training program must inform employees on the company's security guidelines. The administrative, technical, or physical safeguards intended to protect the personal information of clients and employees must be communicated and explained to all department members. In addition to this, the company must identify current attitudes towards information security that employees have (Winkler & Manke, 2013). The training material will be structured in accordance with these attitudes.
In this case, the question is whether to select an in-house or an outside trainer. An outside trainer could have more experience on…
1. Winkler, I. & Manke, S. (2013). The 7 elements of a successful security awareness program. CSO Online. Retrieved February 14, 2015 from
Introduction to Security Measures
The history of security is fairly lengthy. Security has always accompanied organized civilizations for nearly as long as they have been extant. Initially, security was begotten from the need to protect important personages who, not infrequently, were in the private sector. Therefore, the history of security can be traced to the private security guards who were appointed to protect the Pharaohs and the rulers in Egypt. It is worth noting that these security personnel worked for those in the public sector, yet were themselves comprised of individuals from the private sector. In general, this trend would continue to this very day, in which there are currently private security companies engaged in services in which they are combating forces of ISIS for the public sector.
Perhaps the most notable security advancements to initialize within Westernization are found in the history of ancient Rome. The Vigiles Urbani was…
Home Security Vulnerabilities
Having observed my residence from the outside so as to identify key security vulnerabilities or weaknesses, I now come up with an in-depth security vulnerability assessment of the said residence. Included in this assessment are recommendations on how the identified vulnerabilities or security weaknesses will be eliminated and/or minimized.
Vulnerability Assessment and ecommended Security Enhancements
Intruders more often than not 'case' homes before they attempt a robbery. What this means is that intruders scout for key vulnerabilities that would make a certain home their likely target. Having looked at my residence from an intruder's point-of-view, I was able to identify a number of key security vulnerabilities. In the section below, I revisit some of the vulnerabilities I spotted and make recommendations that would in addition to eliminating the said vulnerabilities also make my home more secure.
To begin with, the open bedroom window presents a perfect opportunity…
Capel, V. (1997). Home Security: Alarms, Sensors and Systems (2nd ed.). Jordan Hill, Oxford: Newnes.
Protections for hardware, software, and data resources. (American Health Information Management Association, 2011, paraphrased)
V. Legal and Ethical Issues
Security professionals are held responsible for understanding the legal and ethical aspects of information security including crimes, investigation of computer crimes and specifically it is stated that certified security professionals "…are morally and legally held to a higher standard of ethical conduct." (U.S. Department of Health and Human Services, 2011)
There are four primary canons established in (ISC)2 code of ethics for credentialed security included those stated as follows:
(1) Protect society, the commonwealth, and the infrastructure
(2) Act honorably, honestly, justly, responsibly, and legally
(3) Provide diligent and competent service to principals
(4) Advance and protect the profession (U.S. Department of Health and Human Services, 2011)
Three credentials are held by information security professions include the following credentials:
(1) CISSP -- Certified Information Systems Security Professional, credentialed through the International…
Kurtz, Ronald L., and Russell Dean Vines. The CISSP Prep Guide (Gold Edition). Indianapolis, in: Wiley, 2003, p. 345.
Summary of the HIPAA Security Rule (2011) U.S. Department of Health and Human Services. Retrieved from: http://www.hhs.gov/ocr/privacy/hipaa/understanding/srsummary.html
The 10 Security Domains (AHIMA Practice Brief) (2011) Retrieved from: http://www.advancedmedrec.com/images/The10SecurityDomains.pdf
Walsh, Tom. "Selecting and Implementing Security Controls." Getting Practical with Privacy and Security Seminars, AHIMA and HIMSS, 2003.
Operation of the Homeland Security Council
Creates the Homeland Security Council and sets down is functions.
This directive creates the Homeland Security Council (HSC) and lists its functions. The purpose of the HSC is to synchronize homeland security-related efforts across executive departments and agencies of all levels all through the country, and to put into practice the Department's policies by way of eleven Policy Coordination Committees.
Homeland Security Presidential Directive 3: Homeland Security Advisory System
Creates a Homeland Security Advisory Board to issue security threat levels. There are five threat levels, each identified by a description and corresponding color. From lowest to highest, the levels and colors are: Low = Green; Guarded = Blue; Elevated = Yellow; High = Orange; Severe = ed. The higher the threat level is, the greater the risk of a terrorist attack. isk includes both the likelihood of an attack taking place and its potential…
Homeland Security Presidential Directives. (2011). Retrieved from http://www.dhs.gov/xabout/laws/editorial_0607.shtm
A proposal to change the program
educing Benefits: This can be done in various ways. Monthly benefits can be reduced by minimizing cost of living adjustments or by minimizing the primary insurance amount (PIA) for a certain average indexed monthly earnings (AIME). Other proposals include targeting reductions towards high-income retirees. Benefits can also be reduced by increasing the retirement age or imposing full taxes on social security benefits. These benefit reduction proposals are some of the simplest and cheapest to implement. If future clients expect lower benefits, they are expected to save more or work longer; all of which will have a positive effect on the economy (Midgley, 2006).
Complete privatization: one of the radical proposals is to erase the social security system and encourage individuals to save in their accounts held by private investment companies. Owners of accounts will have great discretion over their decision of investment…
Brown, J., Liebman, J., & Wise, D. (2009). Social Security Policy in a Changing Environment. Chicago: University of Chicago Press.
Cross, T.E. (2010). Social security: Capital markets & educational issues associated with individual accounts. S.l.: Diane Pub Co.
Midgley, J. (2006). Challenges to social security: An international exploration. Westport, Conn. [u.a.: Auburn House.
Physical Security Design
The physical security of any entity is largely pegged on the risk assessment mechanisms used. Prior to implementing any physical security plans, it is fundamental to comprehend the types of threats that the entity is faced with, the possibility that the threats will occur, and the level of damage likely to be inflicted in the threat happens. Firms involved in risk management should be able to assist in the identification of the vulnerability areas and thereafter form a functional and sound physical security plan. Schools, businesses, government agencies, and private institutions and individuals and can enjoy the benefits of using exert help in risk management.
In order to prevent theft business entities with large inventory, schools, government institutions with confidential and privileged data and personal private residents require comprehensive physical security systems. Physical safety is one of the most vulnerable. The times we live in today detail…
The CBP (Customs and Border Protection) is a unit in the homeland security department and is the agency responsible for regulating, monitoring and facilitating flow of products at the points of entry. CBP policy formulation is done is such a way as to ensure that there is smooth movement of cargo through the border line. CBP enforces the customs and trade rules which are put in place with a view of protecting businesses and customers in the U.S. and collect revenue. CBP also enforces security laws for imports formulated with an objective of preventing illegal drugs, mass destruction weapons and contraband commodities from accessing the U.S.A. The U.S. congress is charged with the duty of defining and authorising the functions of international trade within CBP, allocation of funds for conducting program CBP oversight. The current laws authorising facilitation of trade and enforcing CBP functions are centred on a…
Too often people focus on values, norms, and specifics while ignoring the principles that they are based on.
Principle-centered leadership, on the other hand, can be applied to any generation or any type of organizational culture. Another reason why Covey's book is effective is because he continually reverts to the central ideas of natural law and self-discipline. Natural law is best conveyed through the image of farm work: Covey offers this metaphor throughout Principle-Centered Leadership to underscore why principles, not values, guide effective leaders. After all, what an effective farmer does in his or her daily life is quite different from what an effective CEO does. If one focuses only on their core values, only differences would be evident. However, if one closely examines the principles that guide both the farmer and the CEO, key similarities in their leadership styles and personality traits will be made evident. These are the…
isk Communication and Its Importance for the Security Manager
Identify what risk communication is and explain its importance for the security manager
Communication is a significant factor in all aspects and sectors of life. The social, political or economic features of are transmitted exclusively through communication. Communication is the act of conveying information and messages from an individual to another or a group. It serves to, teach, educate, learn, entertain and to warn among other purposes. Thus, in any organization or area of a corporate or personal life, it is imperative to have effective and efficient communication. The safety of a person, corporate organization or a nation can always be assured. Communication is, therefore, needed in ensuring this safety.
What is risk communication?
If you are told that, in the path, you are about to take, there is a gargantuan poisonous snake lying by the side of the path; you…
Roeser, S., Hillerbrand, R., Sandin, P., & Peterson, M. (2012). Handbook of Risk Theory:
Epistemology, Decision Theory, Ethics, and Social Implications of Risk. Dordrecht:
Hayes, R. (2007). Retail security and loss prevention. Basingstoke [u.a.: Palgrave Macmillan
Cisco SAFE's Network Security Planning
Cisco SAFE has significantly help in securing large internetwork that has remain a daunting challenge; this complexity has been facilitated through cloud computing as well as social networks. Cisco SAFE architecture offer guidelines of design and implementation which are detailed that is used for building secure and reliable network infrastructures as well as the policies supporting them. The guides have been established based on security best practices that have been amalgamated with several hours spent in designing, testing, and documentation.
Since the contemporary organizational environment is full of threats, the target is directed on everything and Cisco SAFE uses defense-in-depth approach to provide the needed security. Systemwide intelligence approach for SAFE tend to address network devices; security of the infrastructure, applications and application servers; endpoints; email; web; databases; storage systems; communications devices; and other servers. This is accomplished through putting emphasis…
It closely links human rights violations with national and international insecurities. And the concept enhances development thinking by expanding real freedoms already enjoyed by people. Protecting security, therefore, urgently requires a new consensus among all countries, whether developed or developing. It must aim at reviewing current foreign policies and aiming at creating real opportunities for people's safety and dignity.
Rethinking the Concept
Human security focuses more on generalized poverty than average well-being.
General poverty means being below a threshold of well-being. A policy on human security concerns itself mainly with persons in situations of deep want. Human development pertains to average levels of human well-being. Many believe that human security must be a priority in human development. A "prioritarian" view is for the improvement of everyone but emphasis on that of those at the bottom. An egalitarian view wants well-being to be distributed across all persons. An egalitarian person will…
Compass. Human Security. Manual on Human Rights Education with Young People:
Council of Europe, 2000. Available from http://www.eycb.coe.int/compass/en/pdf.5_10.pdf; internet: accessed 29 Oct 2009
Fuentes, Claudia F. And Aravena, Francisco Rojas. Promoting Human Security: Ethical,
Normative and Educational Frameworks in Latin America and the Caribbean.
This was in keeping with the Marxist principle of a classless society. In the United Nations, the United States has had an equal standing with other nations such as ritain, France, and the Soviet Union. The United States has participated in United Nations actions and made a show of being a part of the international community while maintaining its superpower status outside of the United Nations' walls. In light of new global political conditions that emphasize global cooperation and governance, rather than government (aylis & Smith, 13), the United Nations still has an important role to play, and the United States has a role to play in it.
While the United States continues to be a member of the United Nations, it is no longer really a true team player. The United States, while still making a show of belonging to the United Nations, now more closely follows the principle…
Baylis, J & Smith, S 2005, The Globalization of World Politics, Oxford University Press, Oxford.
Hirst, P 2001, War and Power in the 21st Century, Polity Press, Cambridge.
Janis, Irving 1982, Groupthink, Houghton Mifflin, Boston.
Kaldor, M 1999, New Wars and Old Wars: Organized Violence in a Global Era, Stanford University, Stanford.
EP and Information Security
Introduction to EP
Even though the plans of information security include the prevention of outsiders to gain access of internal network still the risk from the outsiders still exists. The outsiders can also represent themselves as authorized users in order to cause damage to the transactions of the business systems. Therefore, strict prevention measures should be taken to avoid such situations.
The threats of both the hackers have been increased with the software of the enterprise resource planning (EP) (Holsbeck and Johnson, 2004). By performing acts of deception, the system privileges are neglected by them and take old of the assets which are mainly the cash. Its continuous integration has not succeeded in eliminating the threat of hackers who are either the insiders or enter through the perimeter security.
Considering the financial losses caused from the system-based frauds, errors and abuse by business transactions, new ways…
Bell, T., Thimbleby, H., Fellows, M., Witten, I., Koblitz, N. & Powell, M. 2003. Explaining cryptographic systems. Computers & Education. Volume 40. pp 199 -- 215.
Blosch, M. & Hunter, R. 2004. Sarbanes-Oxley: an external look at internal controls. Gartner. August.
CobiT Security Baseline. IT Governance Institute. http://www.itgi.org
Dhillon, G. 2004. Guest Editorial: the challenge of managing information security. International Journal of Information Management. Volume 24. pp 3 -- 4.
UN Security Council
Proliferation of chemical, biological and nuclear weapons to terrorist organizations is inarguably one of the greatest menaces threatening international peace and security today.[footnoteef:1] Since the turn of the century, this sentiment has grown in strength across the world, and as a countermeasure to this threat, in 2004, the United Nations Security Council passed esolution 1540 to combat the dangerous nexus between the spread of weapons of mass destruction (WMD) and terrorism. Adopted under Chapter VII of the UN Charter, the esolution mandates that all member states criminalizes and put into place a national enforcement system to deter and punish proliferation activities. Additionally, provisions under esolution 1540 entail physical safety and security measures, as well as the adoption of border and export controls to detect, deter, prevent, and combat illicit trafficking. [1: During the 2010 Washington, DC Nuclear Security Summit, the United States President Barack Obama stated that…
AG/RES. 2333 (XXXVII-O/07) Support for Implementation at the Hemispheric Level of United Nations Security Council Resolution 1540 (2004)," adopted at the fourth plenary session (June 5, 2007); ASEAN Regional Forum,
Charter of the United Nations, chp. VIII, art. 52.
Fawcett, p. 3; UN Secretary-General's remarks to the Security Council debate on the role of regional and sub-regional organizations in the maintenance of international peace and security New York, 6 November 2007.
traditional principles of just war guide states in fighting terrorism, or do new rules have to apply?
War has been waged much in the same manner, barring technological advances, for centuries. Wars are fought between sovereign nation states and the regimes that control them or against civil challenges to sovereign nation states from within, and yet the current so called war on terror is very obviously a different animal all together than any previous war. Yet, like so many other national and international challenges there is a reluctance to change.
The questionable link that the ush administration established between its war on terror and its military intervention in Iraq, as well as its apparent willingness to suspend fundamental rights if the 'war' requires it (exemplified by its practices in Guantanamo ay and its exhortations to extradite terror suspects across Europe), have contributed much to the striking fact that many citizens…
Arquilla, J. (2007). The End of War as We Knew It? Insurgency counterinsurgency and lessons from the forgotten history of early terror networks. Third World Quarterly, 369-386.
Michta, A.A. (2008, January). Double or Nothing. National Interest, 58-61.
Monar, J. (2007). The EU's approach post-September 11: global terrorism as a multidimensional law enforcement challenge. Cambridge Review of International Affairs, 20 (2), 267-283.
Richard H. Fallon, J. (2010). The Supreme Court, Habeas Corpus, and the War on Terror: an Essay on Law and Poltical Science. Columbia Law Review, 352-398.
Regarding Border ecurity, "the Department of Homeland ecurity prevents and investigates illegal movements across our borders, including the smuggling of people, drugs, cash, and weapons" (DH.gov. Border ecurity. 2012. PP. 1). Customs, Coast Guard, and Immigration (IN) are working departments in this area.
Preparedness, Response, Recovery refers to "providing a coordinated, comprehensive federal response and mounting a swift and effective recovery effort" (DH.gov. Preparedness. Response. Recovery. 2012. PP. 1). FEMA is the direct provider of government action and coordination in this realm.
On Immigration, "the Department is responsible for providing immigration-related services and benefits such as naturalization and work authorization" (DH.gov. Immigration. 2012. PP. 1). IN is the primary vehicle in this context however, cross-over with Border ecurity functions are common.
Lastly, DH engages in cyber security "keeping our federal civilian networks secure, and secure the cyberspace and critical infrastructure on which we all depend" (DH.gov. Cyber ecurity. 2012. PP.…
Succinctly, no! The encompassing mission of the DHS is so broad as to incorporate far too many active departments, agencies directorates, and components for the structure to effectively work. The flow chart itself is complex in its reporting and layered approach. The unification which is necessary to protect the U.S. from threats is not possible under the auspices of a broad tent approach to control and information dissemination. As an example, a recent report indicated "86 reported attacks on computer systems in the U.S. that control infrastructure, factories, and databases between October 2011 and February 2012" (Schmidt, M. March 13, 2012. PP. 1); yet no one Federal agency "has the authority to compel businesses that run the nation's infrastructure to improve their security" (Schmidt, M. March 13, 2012. PP. 1). If the DHS were to assume control of this task, the assumption would be that economies of scale in resources and scope would allow for greater efficacy. The counter is that the nimbleness and coordination necessary to prevent such hacking is anathema under a monolithic structure. Decentralization would be a more logical method of countering the multiple risks to homeland security.
2. Are there any federal, state, and/or local agencies present in DHS that do not belong? If so, explain why / if not, explain why. Be detailed.
The best example, and most obvious is FEMA, the
Network Security: Past, Present and Future
The work of Curtin (2007) states that a network is defined as "any set of interlinking lines resembling a net, a network of roads -- an interconnected system, a network of alliances." Quite simply a computer network is a system of computers that are interconnected. There are seven layers of communication types identified by the International Standards Organization (ISO) Open Systems Interconnect (OSI) eference Model as well as the interfaces among them. Each layer is stated to be dependent on the services that the layer above it provides including the physical network hardware.
Technology: Description and Area of esearch
The most popular networks which have been used over the past twenty-five years and which include both private and public networks include the following network services: (1) UUCP -- Unix-to-Unix CoPy: This was developed originally for connecting Unix hosts together however, since that time UUCP…
Bouchard, Mark (2009) WANTED: The Future of Network Security for Service Providers -- Now!AimPoint Group, LLC. Juniper Networks. Retrieved from: http://www.juniper.net/us/en/local/pdf/whitepapers/2000301-en.pdf
Cisco Security Planning and Design Service (2010) Cisco Systems. Retrieved from: http://www.planetcisco.org/en/U.S./services/ps2961/ps2952/services_datasheet_securitypd.pdf
Graff, Mark (2002 ) The Future of Internet Security. Para-Protect. Retrieved from: http://www.markgraff.com/mg_writings/TFOIS6000.pdf
Keohane & Nye (2000) in: Schneider, Jim (2003) Globalization and Think-Tanks: Security Policy Networks. SAREM International Seminar, Istanbul, May 30, 2003. Retrieved from: http://www.policy.hu/schneider/GlobalTTs.pdf
Siracusa Principles Empowering Public Health
Investing in public health is substantial for the prosperity of human rights. This is based on the knowledge that public health commitment is a collective focus attempting to minimize the gap between the rich and the poor in accessing health resources. As a result, public health policy formulation is possible through national and international legislations. A good example of this legislation is the Siracusa principles. This study examines the various roles played by Siracusa principles in improving public health administration both nationally and internationally. This discussion will present a critical analysis of the background that lead to the development of this legislation and the impact it has had on general human rights practice. This study also focuses on the impact of the Siracusa principles in facilitating public health administration whilst using the Medicaid as a close example of its influence (Grodin et al.,…
Burchill, R., Davidson, S., & Conte, A. (2013). Defining Civil and Political Rights: The Jurisprudence of the United Nations Human Rights Committee. New York: Ashgate Publishing
Grodin, M., Tarantola, D., Annas, G., & Gruskin, S. (2013). Human Rights in a Changing World. New York: Routledge
Olesker, R. (2007). The Value of Security Vs. The Security of Values: The Relationship Between the Rights of the Minority and the Security of the Majority in Israel. New York: ProQuest.
Specifically, the Federal Bureau of Investigations (FBI) is one of the premier law enforcement organizations in the world. However, it was conceived, designed, and structured more for the purpose of investigating past crimes and apprehending and prosecuting criminals. For example, the FBI is, by design, a decentralized agency so that field offices in different states can pursue independent investigations. In the field of counterterrorism, the exact opposite structure is required: the counterterrorism mission demands a highly centralized structure whereby intelligence collected from many different locations and by many different agencies and entities is funneled into an integrated analysis center (Larsen, 2007). In many respects that deficiency still pervades the national homeland security mission, as evidenced by the failure of authorities to identify the perpetrator of the Northwest 253 plot on the basis of information that had previously been made available to the national counterterrorism and intelligence infrastructure.
Weapons of Mass…
Dershowitz, A. (2002). Shouting Fire: Civil Liberties in a Turbulent Age. New York:
Little Brown & Co.
DHS-FEMA. (2006). Fundamentals of Emergency Management: Introduction to Emergency Management. Accessed online December 28, 2009, from:
And it does this by conducting investigations and enforcing laws that deal with public health, order, and decency.
"Morals" and "decency" are not words one would expect to see in the core values of a secular institution like a police department, but they are definitely in line with the stated core beliefs of SLU. As stated previously, SLU has it basis in a strong Catholic ideology, which is permeated with morality and decency. Catholic teachings, which are at the center of the core values of SLU, teach a person to be a moral individual who acts with decency. While maintaining the core values of maintaining excellence, respecting the law, protecting communities, and acting with integrity, the Lubbock Police Department does not forget to maintain a code of moral conduct that also expects society to act within the norms of decency.
One of the causes of the failure of the United…
Casteel, Philip. (2011, Feb. 24). "Mayor Reacts to Terrorist Arrest in Lubbock." KCBD
Webpage. Retrieved from http://www.kcbd.com/story/14136417/mayor-reactas-to-terrorist-arest-in-lubbock?redirected=true
"Core Values." (n.d.) St. Leo University Webpage. Retrieved from http://www.saintleo.edu/About-SLU/Florida-Catholic-University
"Lubbock Police Department swears in 13 New Officers." (2011, Sept. 9). Lubbock
Advice on Handling Dismissals
The Minimum Wage
Working Time egulations
WOKES AND EMPLOYMENT
Gender and Sexual Orientation Discrimination
Discrimination on Grounds of ace or eligion or Age
Treatment of employees has come under scrutiny in the last few decades. Legislation has been passed to help facilitate effective regulation of a business/work environment. The areas covered by legislation are: employment contracts, work-related regulations (ie. Breaks and work conditions), minimum wage rates, unlawful/unfair dismissal, and discrimination/harassment on the grounds of gender, sexual preference, race, religious beliefs, disability, and in recent years, age. Legislation of this nature need to be a major concern for employers to not only follow, but implement. Dismissal of legislation could lead to large penalties, associated with compensation and legal fees.
Infringement of employees rights may also lead to a company/organization's poor public image. As most businesses know, maintaining a positive public…
Ashworth, A. 1995. Principles of criminal law. Oxford [England]: Clarendon Press, p. 87.
Computer World. 1996. IT security managers too focused on compliance, experts say. [online] Available at: http://www.computerworld.com/s/article/9237254/IT_security_managers_too_focused_on_compliance_experts_say [Accessed: 12 Jun 2013].
Fay, J. 2007. Encyclopedia of Security Management. Burlington, MA: Butterworth-Heinemann, p. 249.
Fletcher, G. 1998. Basic Concepts of Criminal Law. New York, N.Y.: Oxford University Press, p. 45.
Attacks on the system security include password theft, back doors and bugs, social engineering, protocol failures, authentication failures, Denial of Service attacks, active attacks, botnets, exponential attacks including worms and viruses, and information leakage. (Fortify Software Inc., 2008); (Fortify Software, n. d.)
Servers are targets of security attacks due to the fact that servers contain valuable data and services. For instance, if a server contains personal information about employees, it can become a target for stealing identities. All types of servers, which include file, database, web, email and infrastructure management servers are vulnerable to security attacks with the threat coming from both external as well as internal sources.
Some of the server problems that can jeopardize its security include: (i) Weakly encrypted or unencrypted information, especially of a sensitive nature, can be intercepted for malicious use while being transmitted from server to client. (ii) Software bugs present in the server…
Bace, Rebecca Gurley; Bace, Rebecca. (2000) "Intrusion Detection"
Fortify Software Inc. (2008) "Fortify Taxonomy: Software Security Errors" Retrieved 17 November, 2008 at http://www.fortify.com/vulncat/en/vulncat/index.html
Fortify Software. (n. d.) "Seven Pernicious Kingdoms: A Taxonomy of Software Security
The Congressional report card for 2007 goes on to say that an important part of leading an organization is to "provide clear statements of principles, priorities, and vision." But that said, it is unfortunate, according to the report card, that "...in spite of its mandate in the Homeland Security Act, neither the national policy nor the strategic plan...has been produced." During the fiscal year 2005 independent financial auditors reported that there were serious financial reporting difficulties for S&T that included "serious difficulties maintaining accurate financial records"; and moreover, the GAO has identified the same kinds of problems in 2007. So given that series of flaws, and the overall shaky management structure of DHS and S&T within the DHS, one can only conclude that the citizens of the U.S. should not feel safe, because they probably are not being protected as well as they could be.
Government Accountability Office.…
Government Accountability Office. "Department of Homeland Security: Science and Technology Directorate's Expenditure Plan." June 22, 2007. Retrieved Dec. 22, 2007, at http://www.gao.gov/news.items/do7868.pdf .
House Committee on Government Reform - Minority Staff Special Investigations Division.
The Growth of Political Appointees in the Bush Administration." May 2006. Retrieved Dec. 23, 2007 at http://oversight.house.gov/documents/20060503.pdf .
House Committee on Homeland Security. "The State of Homeland Security 2007: An Annual
Threats to security are seen to come not only from external military aggression but also from a myriad of internal challenges -- separatist movements, social unrest, or the collapse of the political system." -- Anwar 2003,
With the international attention given to "military aggression," especially external military aggression, in recent years, it is easy to allow one's idea of was security means to become clouded with Hobbesian and Machiavellian notions of armed conflict, with "war on terror" images of military and intelligence operations hunting down terrorists, and with the debate on nuclear proliferation in developing (or underdeveloped) nations like Iran and North Korea. What these definitions of security lack, however, is a full understanding of the term; military operations and protection from terrorist attacks are most certainly important factors in a nation's security, however, they are far from being the total measure of peace and stability in a society.
Stockholm Initiative on Global Security and Governance, 1991. Common Responsibility in the 1990s. Stockholm: Prime Minister's Office.
Timothy, K., 2004. "Human Security Discourse at the United Nations," in Peace Review, 16(1), pp. 19-24.
United Nations Development Program, Human Development Report, 1994. http://hrd.undp.org/reports/global/1994/en/.
Homeland Security isk Management
isk Management in Homeland Security
This paper provides a brief examination of the role of risk management within the homeland security operations. The discussion first addresses issues related to risk assessment, which is a necessary, prudent step for publicly funded activities, and particularly so given the national scope and the potential consumption of resources. The Strategic National isk Assessment (SNA) serves as a vehicle to link policy -- the Presidential Policy Directive 8 (PPD 8) and the National Preparedness System. The core capabilities of the National Preparedness Goal are mapped to the hazards and threats identified in the SNA (SNA 2011). This tactic enables additional core capabilities to be identified, and provides a resource to inform the establishment of priorities needed for making decisions about future investing in capabilities (SNA 2011).
As with any major projects of risk management, the initial stage is focused on assessment.…
The White House. National Security Strategy. (2010, May). Washington, D.C. Government Printing Office. Retrieved National_Security_Strategy.pdf
U.S. Customs and Border Protection. Secure Boarders, Safe Travel, Legal Trade. U.S. Customs and Boarder Protection Fiscal Year 2009-2014 Strategic Plan. Retrieved CBP_Strategic_Plan.pdf
U.S. Department of Homeland Security. Department of Homeland Security Strategic Plan. Fiscal Years 2012 -- 2016. (2012, February). Washington, DC: Government Printing Office. Retrieved DHS_Strategic_Plan-2012-2016.pdf
U.S. Department of Homeland Security. DHS Risk Lexicon. Risk Steering Committee. (2010, September). Washington, D.C. Retrieved http://www.dhs.gov/xlibrary/assets/dhs-risk-lexicon-2010.pdf