Sworn to protect...implementing the security systems development life cycle into local law enforcement
Pages 163 - 172
Abstract
This paper sets out to provide an example for local law enforcement agencies to use in order to develop a basic information security program. In conjunction with outside sources used to parallel some key points between other organizations, such as universities and non-profit agencies, the Security Systems Development Life Cycle is a methodology used as the basis for this paper. The information from outside sources suggests that universities and non-profit businesses have suffered from massive attacks to the vital information of their students and personnel. To avoid falling victim to a predator waiting to induce the same systemic damage that has plagued these organizations, local law enforcement agencies must begin to develop plans to protect themselves in ways not traditionally thought of. Just as these two organizations house personal and organizational information that could be damaging if compromised, so to do local law enforcement agencies. A local law enforcement agency concerns vast information on, not only personnel but, defendants, victims, and witnesses as well. These defendants, victims, and witnesses have a right to have their information protected. A compromise to information could be severely damaging to the reputation and morale of any local law enforcement agency. With the thought of a possible deviant lurking and waiting for the opportune moment to strike, the local law enforcement agency should be approaching a sound, viable, and holistic program for their defensive strategy---the Security Systems Development Life Cycle offers the framework for a much needed information security program.
References
[1]
Austin, R., & Darby, C. (2003, June). The myth of secure computing. Harvard Business Review, 120--126.
[2]
Cline, M., Guynes, C. S., & Nyanoga, A. (2010). The impact of organizational change on information systems security. Journal of Business & Economics Research, 8(1), 59--65.
[3]
Cobb County Government Organizational Chart: http://www.cobbcounty.org.
[4]
Georgia Controlled Substance Act (title 16-13-30 of the Official Code of the Georgia Assembly).
[5]
Grace, E. (2009). Adopting a well-rounded information security solution. Collector, 75(5), 28--31.
[6]
Hulme, G. V. (2004). Security threats won't let up. Information Week, 970, 59.
[7]
ISO 17799 and ISO 27001: http//www.17799central.com.
[8]
Kolb, N., & Abdullah, F. (2009). Developing an information security awareness program for a non-profit organization. International Management Review, 5(2), 103--108.
[9]
Ma, Q., Schmidt, M. B., & Pearson, J. M. (2009). An integrated framework for information security management. Review of Business, 30(1), 58--70.
[10]
NIST 800-14: http://www.ffiec.gov/ffiecinfobase/resources/info_sec.
[11]
Privacy statistics and breach information for commercial organizations: http://www.privacyrights.org.
[12]
Robinson, A. (1990). Modern approaches to manufacturing improvement: The shingo system. New York, New York: Productivity Press.
[13]
Systems Development Life Cycle chart: http://www.thinknetworks.co.uk.
[14]
The Commission on Accreditation for Law Enforcement Agencies: http//www.calea.org.
[15]
Whitman, M. E., & Mattord, H. J. (2010). Management of information security, third edition. Boston, Massachusetts: Course Technology.
Index Terms
- Sworn to protect...implementing the security systems development life cycle into local law enforcement
Recommendations
Law Enforcement's Ability to Deal with Digital Crime and the Implications for Business
Much has been made of the capabilities to commit a crime that has a digital component, whether it is hacking, fraud, embezzlement, identity theft, organized crime, child pornography, or other criminal act. While the capabilities of the perpetrators and ...
Comments
Information & Contributors
Information
Published In
October 2010
187 pages
Copyright © 2010 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
- KSU - CISE: KSU Center for InfoSec Education
- ISSA: The Metro Atlanta Information Systems Security Association
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 01 October 2010
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
InfoSecCD '10
Sponsor:
- KSU - CISE
- ISSA
InfoSecCD '10: 2010 Information Security Curriculum Development Conference
October 1 - 3, 2010
Georgia, Kennesaw
Acceptance Rates
Overall Acceptance Rate 18 of 23 submissions, 78%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 313Total Downloads
- Downloads (Last 12 months)7
- Downloads (Last 6 weeks)1
Reflects downloads up to 11 Feb 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in