Brett W. Brubaker
ABSTRACT
This paper sets out to provide an example for local law enforcement agencies to use in order to develop a basic information security program. In conjunction with outside sources used to parallel some key points between other organizations, such as universities and non-profit agencies, the Security Systems Development Life Cycle is a methodology used as the basis for this paper. The information from outside sources suggests that universities and non-profit businesses have suffered from massive attacks to the vital information of their students and personnel. To avoid falling victim to a predator waiting to induce the same systemic damage that has plagued these organizations, local law enforcement agencies must begin to develop plans to protect themselves in ways not traditionally thought of. Just as these two organizations house personal and organizational information that could be damaging if compromised, so to do local law enforcement agencies. A local law enforcement agency concerns vast information on, not only personnel but, defendants, victims, and witnesses as well. These defendants, victims, and witnesses have a right to have their information protected. A compromise to information could be severely damaging to the reputation and morale of any local law enforcement agency. With the thought of a possible deviant lurking and waiting for the opportune moment to strike, the local law enforcement agency should be approaching a sound, viable, and holistic program for their defensive strategy---the Security Systems Development Life Cycle offers the framework for a much needed information security program.
- Austin, R., & Darby, C. (2003, June). The myth of secure computing. Harvard Business Review, 120--126.Google Scholar
- Cline, M., Guynes, C. S., & Nyanoga, A. (2010). The impact of organizational change on information systems security. Journal of Business & Economics Research, 8(1), 59--65.Google Scholar
- Cobb County Government Organizational Chart: http://www.cobbcounty.org.Google Scholar
- Georgia Controlled Substance Act (title 16-13-30 of the Official Code of the Georgia Assembly).Google Scholar
- Grace, E. (2009). Adopting a well-rounded information security solution. Collector, 75(5), 28--31.Google Scholar
- Hulme, G. V. (2004). Security threats won't let up. Information Week, 970, 59.Google Scholar
- ISO 17799 and ISO 27001: http//www.17799central.com.Google Scholar
- Kolb, N., & Abdullah, F. (2009). Developing an information security awareness program for a non-profit organization. International Management Review, 5(2), 103--108.Google Scholar
- Ma, Q., Schmidt, M. B., & Pearson, J. M. (2009). An integrated framework for information security management. Review of Business, 30(1), 58--70.Google Scholar
- NIST 800-14: http://www.ffiec.gov/ffiecinfobase/resources/info_sec.Google Scholar
- Privacy statistics and breach information for commercial organizations: http://www.privacyrights.org.Google Scholar
- Robinson, A. (1990). Modern approaches to manufacturing improvement: The shingo system. New York, New York: Productivity Press.Google Scholar
- Systems Development Life Cycle chart: http://www.thinknetworks.co.uk.Google Scholar
- The Commission on Accreditation for Law Enforcement Agencies: http//www.calea.org.Google Scholar
- Whitman, M. E., & Mattord, H. J. (2010). Management of information security, third edition. Boston, Massachusetts: Course Technology.Google Scholar
Index Terms
- Sworn to protect...implementing the security systems development life cycle into local law enforcement
Recommendations
Law Enforcement's Ability to Deal with Digital Crime and the Implications for Business
Much has been made of the capabilities to commit a crime that has a digital component, whether it is hacking, fraud, embezzlement, identity theft, organized crime, child pornography, or other criminal act. While the capabilities of the perpetrators and ...
Comments