Alignment of Coursework with Knowledge Requirements: A Textbook Content Analysis

Every information systems professional has a role to play in security. Analysts must consider security in their analyses and designs; programmers think through logic flaws that create vulnerabilities; and database managers need to provide appropriate access without exposing sensitive information to bad actors. Other disciplines also recognize the importance of employees having a respect for security and a broad understanding of concepts that enable it. Universities prepare students for careers across different domains; and the increasingly important formation of security knowledge falls to IS faculty. This study first examines relevant job postings to determine the knowledge, skills, and abilities most sought after by employers; then uses those results in a content analysis of current information security textbooks to indicate the degree to which employer-demanded concepts are covered in university-deployed teaching materials. The overall results of this study found that coverage of terms associated with security knowledge areas demanded by the marketplace is mixed among six leading textbooks, ranging from near complete coverage to just over half of the topics

Toward Alignment Between Communities of Practice and Knowledge-Based Decision Support

The National Repository of Digital Forensics Information (NRDFI) is a knowledge repository for law enforcement digital forensics investigators (LEDFI). Over six years, the NRDFI has undertaken significant design revisions in order to more closely align the architecture of the system with theory addressing motivation to share knowledge and communication within ego-centric groups and communities of practice. These revisions have been met with minimal change in usage patterns by LEDFI community members, calling into question the applicability of relevant theory when the domain for knowledge sharing activities expands beyond the confines of an individual organization to a community of practice. When considered alongside an empirical study that demonstrated a lack of generalizability for existing theory on motivators to share knowledge, a call for deeper investigation is clear. In the current study, researchers apply grounded theory methodology through interviews with members of the LEDFI community to discover aspects of community context that appear to position communities of practice along a continuum between process focus and knowledge focus. Findings suggest that these contextual categories impact a community’s willingness to participate in various classes of knowledge support initiatives, and community positioning along these categories dictates prescription for design of knowledge based decision support systems beyond that which can be found in the current literature. Keywords: grounded theory, decision support, communities of practice, knowledge managemen

Development of a National Repository of Digital Forensic Intelligence

Many people do all of their banking online, we and our children communicate with peers through computer systems, and there are many jobs that require near continuous interaction with computer systems. Criminals, however, are also “connected”, and our online interaction provides them a conduit into our information like never before. Our credit card numbers and other fiscal information are at risk, our children\u27s personal information is exposed to the world, and our professional reputations are on the line.The discipline of Digital Forensics in law enforcement agencies around the nation and world has grown to match the increased risk and potential for cyber crimes. Even crimes that are not themselves computer-based, may be solved or prosecuted based on digital evidence left behind by the perpetrator. However, no widely accepted mechanism to facilitate sharing of ideas and methodologies has emerged. Different agencies re-develop approaches that have been tested in other jurisdictions. Even within a single agency, there is often significant redundant work. There is great potential efficiency gain in sharing information from digital forensic investigations.This paper describes an on-going design and development project between Oklahoma State University’s Center for Telecommunications and Network Security and the Defense Cyber Crimes Center to develop a Repository of Digital Forensic Knowledge. In its full implementation, the system has potential to provide exceptional gains in efficiency for examiners and investigators. It provides a better conduit to share relevant information between agencies and a structure through which cases can be cross-referenced to have the most impact on a current investigation

Development of A National Repository of Digital Forensic Intelligence

Many people do all of their banking online, we and our children communicate with peers through computer systems, and there are many jobs that require near continuous interaction with computer systems. Criminals, however, are also “connected”, and our online interaction provides them a conduit into our information like never before. Our credit card numbers and other fiscal information are at risk, our children\u27s personal information is exposed to the world, and our professional reputations are on the line. The discipline of Digital Forensics in law enforcement agencies around the nation and world has grown to match the increased risk and potential for cyber crimes. Even crimes that are not themselves computer-based, may be solved or prosecuted based on digital evidence left behind by the perpetrator. However, no widely accepted mechanism to facilitate sharing of ideas and methodologies has emerged. Different agencies re-develop approaches that have been tested in other jurisdictions. Even within a single agency, there is often significant redundant work. There is great potential efficiency gain in sharing information from digital forensic investigations. This paper describes an on-going design and development project between Oklahoma State University’s Center for Telecommunications and Network Security and the Defense Cyber Crimes Center to develop a Repository of Digital Forensic Knowledge. In its full implementation, the system has potential to provide exceptional gains in efficiency for examiners and investigators. It provides a better conduit to share relevant information between agencies and a structure through which cases can be cross-referenced to have the most impact on a current investigation

Managing digital forensic knowledge an applied approach

The science of digital forensics is continually changing as technological advances are made and new digital devices are developed. This environment forces analysts to regularly extend their skills with training and frequent research to develop new and admissible techniques. Unfortunately, the same and similar methods are re-discovered by other analysts who are unaware of earlier peer efforts. The situation is aggravated by a nearly universal backlog in qualified digital forensics facilities. This leaves little time for communication between analysts even within a single agency. To address these issues and facilitate an increase in efficiency across all law enforcement agencies, we apply the lessons of knowledge management to digital forensics and extend them with special characteristics required by the law enforcement profession. The result is the development of the National Repository of Digital Forensic Intelligence. This system has been implemented in the largest accredited digital forensics lab in the world and is currently being extended to many other local, state, and federal agencies to increase effectiveness and efficiency among analysts

Trustworthiness of Grounded Theory Methodology Research in Information Systems

Grounded Theory Methodology (GTM) is being used increasingly in the Information Systems (IS) discipline. However, some consumers of IS literature are skeptical of the findings in studies using this method. In this paper, we provide some steps that can be taken by researchers to improve the credibility of their work. This can be accomplished through increased trustworthiness of their research. The quality of quantitative research can be evaluated by examining the internal validity, external validity, reliability; similarly the trustworthiness of GTM studies can be evaluated by examining the credibility, transferability, dependability and confirmability of the study. We provide specific steps that can be taken to accomplish trustworthiness of GTM research and from IS literature; we summarize some of the GTM research that has applied these steps

Information Sharing: Hackers vs Law Enforcement

The fields of information assurance and digital forensics continue to grow in both importance and complexity, spurred on by rapid advancement in digital crime. Contemporary law enforcement professionals facing such issues quickly discover that they cannot be successful while operating in a vacuum and turn to colleagues for assistance. However, there is a clear need for greater IT-based knowledge sharing capabilities amongst law enforcement organizations; an environment historically typified by a silo mentality. A number of efforts have attempted to provide such capabilities, only to be met with limited enthusiasm and difficulties in sustaining continued use. Conversely, the hacker community achieves rapid advancement due to its diligent emphasis on knowledge sharing through technology. The characteristics of knowledge sharing willingness and effectiveness within these two communities create a distinct advantage for hackers. In what follows, these two highly disparate communities are juxtaposed in terms of what drives their relative effectiveness in knowledge sharing efforts. The resulting conclusions lay a foundation for deeper empirical investigation into this phenomenon, which in turn may drive design decisions for emerging law enforcement knowledge sharing platforms such as the U.S.National Repository for Digital Forensics Intelligence