Discussions

balusuyaswanth
ICT4605Topicsforclasspaperandpresentation.doc

ICT 4605 Potential Topics for class papers and presentations.

1. Information Systems Security (Computer) Laws where we are today, where we need to go, concerns, and issues.

2. Access controls their implementation and associated threats/vulnerabilities.

3. Certification and Accreditation how and what are the values and pitfalls.

4. Risk Assessments process, concerns, trends, and effectiveness.

5. Intrusion Detection, the types, good, bad, and effectiveness.

6. Audits, how, what, when, where, and why. Good vs. bad.

7. Software Development. Security’s role and process to ensure Life Cycle protection.

8. Information Systems Security and it’s role in Configuration Management. The CMM process pros and cons.

9. Security issues regarding Object-Oriented, Artificial Intelligence, and / or Database systems.

10. Information Systems Security Expenditures and their Return on Investment (ROI)

11. http://mktg.rainbow.com/mk/get/bnxreg (a) "Enterprise Single Sign-On: Balancing Security & Productivity, Unified ID Management for Enterprise & Internet Security" (b)"Definitive Guide to ID Management" Couresty BNX Systems (bnx.com), Rainbow Technologies (rainbow.com)

12. The basis for all security is policy and how to create an effective one for all levels -- executives, network professionals, system administrators and consultants.

13. How do you build a change management program to stem security flaws that lead to potential vulnerabilities?

14. How do you educate employees for security awareness? Where does that begin? How does a resource starved business unit build a plan to test the level of information security?

15. Could or should the mission of CISOs be to raise the level of information security in the enterprise? How to do they get there? What does it take to build an effective program? How do you transform a network specialist into a network and security specialist?

16. Viruses, worms, Trojan horses -- What's next? You could add IP/URL spoofing and identity management to the first three, but now things are getting deep. If these issues are the next threats, what should companies be doing to head this off at the pass?

17. Security event correlation and alert response: How does a company build a plan, and what metrics (if you can find any) can be applied?

18. Cloud Security