6th European Conference - Academic Conferences
Mecealus Cronkrite et al.
The views expressed herein are those of the authors and do not necessarily reflect the views of, and should not be attributed to, the Department of Homeland Security or any of its agencies.