Maximizing business information security's educational value

A business information security course's goals and objectives are quite different from most traditional security courses, which focus on designing and developing new security technologies. Business information security primarily concerns the strategic, tactical, and operational management issue...

Full description

Saved in:
Bibliographic Details
Published in:IEEE security & privacy 2004-01, Vol.2 (1), p.56-60
Main Author: Grimaila, M.R.
Format: Magazinearticle
Language:English
Subjects:
Business
Business continuity
Computer information security
Continuing education
Cost accounting
Cybersecurity
Data encryption
Disaster management
Education
Ethics
Information analysis
Information security
Network security
Policies
Professional communication
Recovery planning
Risk
Risk management
Security management
Strategic planning
Students
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by cdi_FETCH-LOGICAL-c356t-4926959682299fb4c69567828848f51030338f294430ca1c404f654dd0fa93163
cites cdi_FETCH-LOGICAL-c356t-4926959682299fb4c69567828848f51030338f294430ca1c404f654dd0fa93163
container_end_page 60
container_issue 1
container_start_page 56
container_title IEEE security & privacy
container_volume 2
creator Grimaila, M.R.
description A business information security course's goals and objectives are quite different from most traditional security courses, which focus on designing and developing new security technologies. Business information security primarily concerns the strategic, tactical, and operational management issues surrounding the planning, analysis, design, implementation, and maintenance of an organization's information security program. Core issues include asset valuation, auditing, business continuity planning, disaster recovery planning, ethics, organizational communication, policy development, project planning, risk management, security awareness education and training, and various legal issues such as liability and regulatory compliance. Because businesses can't afford to mitigate all security risks, students must learn methods to identify and justify the optimal amount of expenditures to ensure that their information assets are sufficiently protected. Students should also understand the technical components of security so they can appreciate the problems experienced by the people they manage. This paper describes my experiences in developing a business information security course that provides students the knowledge arid experience to succeed in today's competitive information-intensive corporate environment.
doi_str_mv 10.1109/MSECP.2004.1264855
format magazinearticle
fullrecord <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_miscellaneous_1136361551</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>1264855</ieee_id><sourcerecordid>28769341</sourcerecordid><originalsourceid>FETCH-LOGICAL-c356t-4926959682299fb4c69567828848f51030338f294430ca1c404f654dd0fa93163</originalsourceid><addsrcrecordid>eNp9kE1LAzEQhoMoWKt_QC-LB_WyNZOvJuBFSv2AFgX1HNI0kZTtbk12xfrr3W0LggdPmWSed5g8CJ0CHgBgdT19GY-eBwRjNgAimOR8D_WAc5kzzMR-VzOcD5Wih-gopQXGBIDLHrqZmq-wDN-hfM9mTQqlSykLpa_i0tShKrPkbBNDvb5MmZs3dvNoiuzTFI07RgfeFMmd7M4-ersbv44e8snT_ePodpJbykWdM0WE4kpIQpTyM2bbmxhKIiWTngOmmFLpiWKMYmvAtit7wdl8jr1RFATto4vt3FWsPhqXar0MybqiMKWrmqSJHApFGbTg1b8gABVUtF469PwPuqia2H4taUWwlIClaiGyhWysUorO61UMSxPXGrDuxOuNeN2J1zvxbehsGwrOud_ArvsDUwJ8gw</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>magazinearticle</recordtype><pqid>920881089</pqid></control><display><type>magazinearticle</type><title>Maximizing business information security's educational value</title><source>IEEE Electronic Library (IEL) Journals</source><creator>Grimaila, M.R.</creator><creatorcontrib>Grimaila, M.R.</creatorcontrib><description>A business information security course's goals and objectives are quite different from most traditional security courses, which focus on designing and developing new security technologies. Business information security primarily concerns the strategic, tactical, and operational management issues surrounding the planning, analysis, design, implementation, and maintenance of an organization's information security program. Core issues include asset valuation, auditing, business continuity planning, disaster recovery planning, ethics, organizational communication, policy development, project planning, risk management, security awareness education and training, and various legal issues such as liability and regulatory compliance. Because businesses can't afford to mitigate all security risks, students must learn methods to identify and justify the optimal amount of expenditures to ensure that their information assets are sufficiently protected. Students should also understand the technical components of security so they can appreciate the problems experienced by the people they manage. This paper describes my experiences in developing a business information security course that provides students the knowledge arid experience to succeed in today's competitive information-intensive corporate environment.</description><identifier>ISSN: 1540-7993</identifier><identifier>EISSN: 1558-4046</identifier><identifier>DOI: 10.1109/MSECP.2004.1264855</identifier><identifier>CODEN: ISPMCN</identifier><language>eng</language><publisher>New York: IEEE</publisher><subject>Business ; Business continuity ; Computer information security ; Continuing education ; Cost accounting ; Cybersecurity ; Data encryption ; Disaster management ; Education ; Ethics ; Information analysis ; Information security ; Network security ; Policies ; Professional communication ; Recovery planning ; Risk ; Risk management ; Security management ; Strategic planning ; Students</subject><ispartof>IEEE security &amp; privacy, 2004-01, Vol.2 (1), p.56-60</ispartof><rights>Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2004</rights><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c356t-4926959682299fb4c69567828848f51030338f294430ca1c404f654dd0fa93163</citedby><cites>FETCH-LOGICAL-c356t-4926959682299fb4c69567828848f51030338f294430ca1c404f654dd0fa93163</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/1264855$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>780,784,27925,54796</link.rule.ids></links><search><creatorcontrib>Grimaila, M.R.</creatorcontrib><title>Maximizing business information security's educational value</title><title>IEEE security &amp; privacy</title><addtitle>SECP-M</addtitle><description>A business information security course's goals and objectives are quite different from most traditional security courses, which focus on designing and developing new security technologies. Business information security primarily concerns the strategic, tactical, and operational management issues surrounding the planning, analysis, design, implementation, and maintenance of an organization's information security program. Core issues include asset valuation, auditing, business continuity planning, disaster recovery planning, ethics, organizational communication, policy development, project planning, risk management, security awareness education and training, and various legal issues such as liability and regulatory compliance. Because businesses can't afford to mitigate all security risks, students must learn methods to identify and justify the optimal amount of expenditures to ensure that their information assets are sufficiently protected. Students should also understand the technical components of security so they can appreciate the problems experienced by the people they manage. This paper describes my experiences in developing a business information security course that provides students the knowledge arid experience to succeed in today's competitive information-intensive corporate environment.</description><subject>Business</subject><subject>Business continuity</subject><subject>Computer information security</subject><subject>Continuing education</subject><subject>Cost accounting</subject><subject>Cybersecurity</subject><subject>Data encryption</subject><subject>Disaster management</subject><subject>Education</subject><subject>Ethics</subject><subject>Information analysis</subject><subject>Information security</subject><subject>Network security</subject><subject>Policies</subject><subject>Professional communication</subject><subject>Recovery planning</subject><subject>Risk</subject><subject>Risk management</subject><subject>Security management</subject><subject>Strategic planning</subject><subject>Students</subject><issn>1540-7993</issn><issn>1558-4046</issn><fulltext>true</fulltext><rsrctype>magazinearticle</rsrctype><creationdate>2004</creationdate><recordtype>magazinearticle</recordtype><recordid>eNp9kE1LAzEQhoMoWKt_QC-LB_WyNZOvJuBFSv2AFgX1HNI0kZTtbk12xfrr3W0LggdPmWSed5g8CJ0CHgBgdT19GY-eBwRjNgAimOR8D_WAc5kzzMR-VzOcD5Wih-gopQXGBIDLHrqZmq-wDN-hfM9mTQqlSykLpa_i0tShKrPkbBNDvb5MmZs3dvNoiuzTFI07RgfeFMmd7M4-ersbv44e8snT_ePodpJbykWdM0WE4kpIQpTyM2bbmxhKIiWTngOmmFLpiWKMYmvAtit7wdl8jr1RFATto4vt3FWsPhqXar0MybqiMKWrmqSJHApFGbTg1b8gABVUtF469PwPuqia2H4taUWwlIClaiGyhWysUorO61UMSxPXGrDuxOuNeN2J1zvxbehsGwrOud_ArvsDUwJ8gw</recordid><startdate>200401</startdate><enddate>200401</enddate><creator>Grimaila, M.R.</creator><general>IEEE</general><general>The Institute of Electrical and Electronics Engineers, Inc. (IEEE)</general><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>8FD</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><scope>7SP</scope><scope>F28</scope><scope>FR3</scope><scope>KR7</scope></search><sort><creationdate>200401</creationdate><title>Maximizing business information security's educational value</title><author>Grimaila, M.R.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c356t-4926959682299fb4c69567828848f51030338f294430ca1c404f654dd0fa93163</frbrgroupid><rsrctype>magazinearticle</rsrctype><prefilter>magazinearticle</prefilter><language>eng</language><creationdate>2004</creationdate><topic>Business</topic><topic>Business continuity</topic><topic>Computer information security</topic><topic>Continuing education</topic><topic>Cost accounting</topic><topic>Cybersecurity</topic><topic>Data encryption</topic><topic>Disaster management</topic><topic>Education</topic><topic>Ethics</topic><topic>Information analysis</topic><topic>Information security</topic><topic>Network security</topic><topic>Policies</topic><topic>Professional communication</topic><topic>Recovery planning</topic><topic>Risk</topic><topic>Risk management</topic><topic>Security management</topic><topic>Strategic planning</topic><topic>Students</topic><toplevel>online_resources</toplevel><creatorcontrib>Grimaila, M.R.</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE Xplore</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts – Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><collection>Electronics &amp; Communications Abstracts</collection><collection>ANTE: Abstracts in New Technology &amp; Engineering</collection><collection>Engineering Research Database</collection><collection>Civil Engineering Abstracts</collection><jtitle>IEEE security &amp; privacy</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Grimaila, M.R.</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Maximizing business information security's educational value</atitle><jtitle>IEEE security &amp; privacy</jtitle><stitle>SECP-M</stitle><date>2004-01</date><risdate>2004</risdate><volume>2</volume><issue>1</issue><spage>56</spage><epage>60</epage><pages>56-60</pages><issn>1540-7993</issn><eissn>1558-4046</eissn><coden>ISPMCN</coden><abstract>A business information security course's goals and objectives are quite different from most traditional security courses, which focus on designing and developing new security technologies. Business information security primarily concerns the strategic, tactical, and operational management issues surrounding the planning, analysis, design, implementation, and maintenance of an organization's information security program. Core issues include asset valuation, auditing, business continuity planning, disaster recovery planning, ethics, organizational communication, policy development, project planning, risk management, security awareness education and training, and various legal issues such as liability and regulatory compliance. Because businesses can't afford to mitigate all security risks, students must learn methods to identify and justify the optimal amount of expenditures to ensure that their information assets are sufficiently protected. Students should also understand the technical components of security so they can appreciate the problems experienced by the people they manage. This paper describes my experiences in developing a business information security course that provides students the knowledge arid experience to succeed in today's competitive information-intensive corporate environment.</abstract><cop>New York</cop><pub>IEEE</pub><doi>10.1109/MSECP.2004.1264855</doi><tpages>5</tpages></addata></record>
fulltext fulltext
identifier ISSN: 1540-7993
ispartof IEEE security & privacy, 2004-01, Vol.2 (1), p.56-60
issn 1540-7993
1558-4046
language eng
recordid cdi_proquest_miscellaneous_1136361551
source IEEE Electronic Library (IEL) Journals
subjects Business
Business continuity
Computer information security
Continuing education
Cost accounting
Cybersecurity
Data encryption
Disaster management
Education
Ethics
Information analysis
Information security
Network security
Policies
Professional communication
Recovery planning
Risk
Risk management
Security management
Strategic planning
Students
title Maximizing business information security's educational value
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-02T20%3A13%3A16IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Maximizing%20business%20information%20security's%20educational%20value&rft.jtitle=IEEE%20security%20&%20privacy&rft.au=Grimaila,%20M.R.&rft.date=2004-01&rft.volume=2&rft.issue=1&rft.spage=56&rft.epage=60&rft.pages=56-60&rft.issn=1540-7993&rft.eissn=1558-4046&rft.coden=ISPMCN&rft_id=info:doi/10.1109/MSECP.2004.1264855&rft_dat=%3Cproquest_cross%3E28769341%3C/proquest_cross%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c356t-4926959682299fb4c69567828848f51030338f294430ca1c404f654dd0fa93163%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=920881089&rft_id=info:pmid/&rft_ieee_id=1264855&rfr_iscdi=true