Cyber Security and Criminal Justice Programs in the United States: Exploring the Intersections

The study of cyber security is an interdisciplinary pursuit that includes STEM disciplines as well as the social sciences. While research on cyber security appears to be central in STEM disciplines, it is not yet clear how central cyber security and cyber crime is to criminal justice scholarship. In order to examine the connections between cyber security and criminal justice, in this study attention is given to the way that criminal justice scholars have embraced cyber crime research and coursework. Results show that while there are a number of cyber crime courses included in criminal justice majors there are not a large number of cyber crime research studies incorporated in mainstream criminal justice journals

IOT Forensics Curriculum: Is It a Myth or Reality?

In this research paper, two questions are answered. The first question is Should universities invest in the preparation of an IoT forensics curriculum? . The second question is If the IoT forensics curriculum is worth investing in, what are the basic building steps in the development of an loT forensics curriculum? . To answer those questions, the authors conducted a comprehensive literature review spanning academia, the private sector, and non-profit organizations. The authors also performed semi-structured interviews with two experts from academia and the private sector. The results showed that because of the proliferation of IoT technology and the increasing number of attacks against loT devices, developing loT forensics curriculum should be considered by the universities. It is worth mentioning that loT forensics can be one of the main driving factors for securing IoT devices. However, because of the peculiarity and novelty of the domain, and the challenges of IoT forensics, it is difficult to prepare a course-centric curriculum at the very first step. Rather than doing this, universities can collaborate with various stakeholders from the private sector and government agencies to spot and study in real-world cases and let these cases build and evolve an IoT forensics curriculum

AACSB‐Accredited Schools’ Adoption of Information Security Curriculum

The need to professionally and successfully conduct computer forensic investigations of incidents has never been greater. This has launched an increasing demand for a skilled computer security workforce (Locasto, et al., 2011). This paper examines the extent to which AACSB-accredited universities located in Virginia, Maryland and Washington, D.C. are working towards providing courses that will meet this demand. The authors conduct an online research of the information security courses and programs offered by the 27 AACSB-accredited business schools in the selected area. The preliminary investigation revealed that eight of the 27 participating universities did not offer any courses in cybersecurity, digital forensics, and information assurance. However, nearly 70% of the participating universities have included at least one or more information security courses in their curricula and some universities have implemented more extensive information security programs. This paper will describe the research methodology and results of the study. Keywords: digital forensics, information assurance, cybersecurity, information technology, information security, computer securit

An Examination of Computer Forensics and Related Certifications In The Accounting Curriculum

Forensic accounting has been a fast-growing niche area within the accounting field for many years. While there has been dramatic growth in the number of courses and degrees in forensic accounting offered by universities, certain relevant topics receive little coverage, such as computer forensics. The purpose of this paper is to examine the views of accounting academics and practitioners pertaining to integrating computer forensics in the accounting curriculum, as well as to determine which forensic accounting certifications the respondents hold. Differences in opinions between the two groups are discussed, along with recommendations on how to improve the forensic accounting curriculum pertaining to computer forensics education

Digital Evidence Education in Schools of Law

An examination of State of Connecticut v. Julie Amero provides insight into how a general lack of understanding of digital evidence can cause an innocent defendant to be wrongfully convicted. By contrast, the 101-page opinion in Lorraine v. Markel American Insurance Co. provides legal precedence and a detailed consideration for the admission of digital evidence. An analysis of both cases leads the authors to recommend additions to Law School curricula designed to raise the awareness of the legal community to ensure such travesties of justice, as in the Amero case, don’t occur in the future. Work underway at the University of Washington designed to address this deficiency is discussed

The 2007 Analysis of Information Remaining on Disks Offered for Sale on the Second Hand Market

All organisations, whether in the public or private sector, increasingly use computers and other devices that contain computer hard disks for the storage and processing of information relating to their business, their employees or their customers. Individual home users also increasingly use computers and other devices containing computer hard disks for the storage and processing of information relating to their private, personal affairs. It continues to be clear that the majority of organisations and individual home users still remain ignorant or misinformed of the volume and type of information that is stored on the hard disks that these devices contain and have not considered, or are unaware of, the potential impact of this information becoming available to their competitors or to people with criminal intent. This is the third study in an ongoing research effort that is being conducted into the volume and type of information that remains on computer hard disks offered for sale on the second hand market. The purpose of the research has been to gain an understanding of the information that remains on the disk and to determine the level of damage that could, potentially be caused, if the information fell into the wrong hands. The study examines disks that have been obtained in a number of countries to determine whether there is any detectable national or regional variance in the way that the disposal of computer disks is addressed and to compare the results for any other detectable regional or temporal trends. The first study was carried out in 2005 and was repeated in 2006 with the scope extended to include additional countries. The studies were carried out by British Telecommunications, the University of Glamorgan in the UK and Edith Cowan University in Australia. The basis of the research was to acquire a number of second hand computer disks from various sources and then determine whether they still contained information relating to a previous owner or if information had been effectively erased. If they still contained information, the research examined whether it was in a sufficient volume and of enough sensitivity to the original owner to be of value to either a competitor or a criminal. One of the results of the research was that, for a very large proportion of the disks that were examined, there was significant information present and both organisations and individuals were potentially exposed to the possibility of a compromise of sensitive information and identity theft. The report noted that where the disks had originally been owned by organisations, they had, in most cases, failed to meet their statutory, regulatory and legal obligations. In the third and latest study, conducted in 2007, the research methodology of the previous two studies conducted was repeated, but in addition to Longwood University in the USA joining the research effort, the scope was broadened geographically and the focus was extended to determine what changes had occurred in the availability of sensitive information might be occurring over time

Digital Evidence Education in Schools of Law

An examination of State of Connecticut v. Julie Amero provides insight into how a general lack of understanding of digital evidence can cause an innocent defendant to be wrongfully convicted. By contrast, the 101-page opinion in Lorraine v. Markel American Insurance Co. provides legal precedence and a detailed consideration for the admission of digital evidence. An analysis of both cases leads the authors to recommend additions to Law School curricula designed to raise the awareness of the legal community to ensure such travesties of justice, as in the Amero case, don’t occur in the future. Work underway at the University of Washington designed to address this deficiency is discussed. Keywords: digital forensics, law education, ESI, admissibility, evidenc

The 2007 Analysis of Information Remaining on Disks offered for sale on the second hand market

All organisations, whether in the public or private sector, increasingly use computers and other devices that contain computer hard disks for the storage and processing of information relating to their business, their employees or their customers. Individual home users also increasingly use computers and other devices containing computer hard disks for the storage and processing of information relating to their private, personal affairs. It continues to be clear that the majority of organisations and individual home users still remain ignorant or misinformed of the volume and type of information that is stored on the hard disks that these devices contain and have not considered, or are unaware of, the potential impact of this information becoming available to their competitors or to people with criminal intent. This is the third study in an ongoing research effort that is being conducted into the volume and type of information that remains on computer hard disks offered for sale on the second hand market. The purpose of the research has been to gain an understanding of the information that remains on the disk and to determine the level of damage that could, potentially be caused, if the information fell into the wrong hands. The study examines disks that have been obtained in a number of countries to determine whether there is any detectable national or regional variance in the way that the disposal of computer disks is addressed and to compare the results for any other detectable regional or temporal trends. The first study was carried out in 2005 and was repeated in 2006 with the scope extended to include additional countries. The studies were carried out by British Telecommunications, the University of Glamorgan in the UK and Edith Cowan University in Australia. The basis of the research was to acquire a number of second hand computer disks from various sources and then determine whether they still contained information relating to a previous owner or if information had been effectively erased. If they still contained information, the research examined whether it was in a sufficient volume and of enough sensitivity to the original owner to be of value to either a competitor or a criminal. One of the results of the research was that, for a very large proportion of the disks that were examined, there was significant information present and both organisations and individuals were potentially exposed to the possibility of a compromise of sensitive information and identity theft. The report noted that where the disks had originally been owned by organisations, they had, in most cases, failed to meet their statutory, regulatory and legal obligations. In the third and latest study, conducted in 2007, the research methodology of the previous two studies conducted was repeated, but in addition to Longwood University in the USA joining the research effort, the scope was broadened geographically and the focus was extended to determine what changes had occurred in the availability of sensitive information might be occurring over time

Experiences and lessons learned in the design and implementation of an Information Assurance curriculum

In 2004, Dakota State University proposed a model for information assurance and computer security program development. That model provided a framework for developing undergraduate and graduate programs at DSU. This paper provides insight into experiences and lessons learned to further implement that model. The paper details modifications to both the undergraduate and graduate information assurance programs as a result of specific issues and challenges. Further, the paper highlights the introduction of a new terminal degree that includes an information assurance specialization. As a national center of excellence in information assurance education, we are confident that this paper will be helpful to universities around the world in either developing new or improving existing IA programs