CALL FOR CHAPTERS
Strategic and Practical Approaches for Information Security Governance: Technologies and Applied Solutions
http://www.acsu.buffalo.edu/~mgupta3/Call.pdf

Editors:
Manish Gupta, State University of New York & M&T Bank Corporation, USA
John Walp, M&T Bank Corporation, USA
Raj Sharman, State University of New York, USA

Proposals Submission Deadline: August 15, 2010

Introduction
Organizations are increasingly relying on information in electronic form to conduct business. While this evolution of an electronic-based society from a paper-based one has been advantageous to both enterprises and individuals alike, the amount of personal information has also grown exponentially. With rapid growth in the number of information systems and related processes, managing information security program while effectively managing risks has never been so critical. A recent survey of 600 IT and security executives finds that there is a widespread lack of confidence in their organizations ability to defend against a cyberattack. About 40% of those surveyed expected a major incident -- an attack resulting in major consequences -- within a year, and 80% said they expected a major incident within 5 years (pp 13). On average, respondents estimated that 24 hours of down time from a major attack would cost their own organization (U.S.) $6.3 million. Also, more than 60% say that the frequency and intensity of cyberattacks have increased in the past year. Given the rise of threats and technologies to launch and hide these attacks, the situation is clearly getting worse for organizations. Effective Information Security Management and Governance is the most important action organizations can take to thwart and manage these risks. In such an environment, information security management and governance issues are at the forefront of any discussions for security organizations information assets, which includes considerations for managing risks, data and costs.

Objective of the Book
The proposed book aims to provide high-quality research papers and practice articles on management and governance issues in the field of information security. The main focus of the book is to provide an organization with insights into practical and applied solutions, frameworks, technologies and practices on technological and organizational factors.The book will present Information Security Management solutions being researched on or deployed through book chapters from leading researchers and practitioners in the field. This will culminate in submissions to a high quality book. The key objective is to fill a gap in the existing literature on the latest advances in practice and in research by providing the audience one comprehensive source of latest trends, issues and research in the field. The book will host topics both on theoretical (research) aspects of information security management by presenting solutions and issues in the area while supplementing them with real- world implications and implementations (practice) of the research.

Target Audience
The primary audience for the book is professionals, scholars, researchers and academicians working in this field that is fast evolving and growing as an area of information assurance. Practitioners and managers working in information technology or information security areas across all industries would vastly improve their knowledge and understanding of critical human and social aspects of information security. Auditors and lawyers from organizations will also find this book as a very helpful resource.
Recommended topics include, but are not limited to, the following:

Information Security Governance Frameworks
Identification and Authentication technologies and issues
Information Security Management Frameworks
Business value, return of security investments, planning and budgeting
Security Auditing and Accountability Issues
Legal and regulatory oversight issues
Access Control Methods and Models
Incident Response and Management and Emergency Preparedness
Storage and device security
Forensics and Investigation Issues
Fraud and Identity theft issues
Enterprise Information Security Policies, Standards and Procedures
Data Loss Prevention Approaches and enforcement policies
Phishing, Pharming and other social engineering issues
Risk Management, Governance and Compliance
Security Awareness, communications and training issues
Employee monitoring and surveillance
Security economics
Messaging and Communications Security
Case studies and deployment experiences
Corporate Espionage and information warfare
National and Critical Infrastructure security issues
Vulnerability and Patch Management
Trust, Privacy and anonymity issues
Security Architectures, Models and Evaluations
Open Security Standards and Protocols
Application Security, audits and penetration testing

Submission Procedure
Researchers and practitioners are invited to submit on or before August 15, 2010, a 2-3 page chapter proposal clearly explaining the mission and concerns of his or her proposed chapter. Authors of accepted proposals will be notified by August 30, 2010 about the status of their proposals and sent chapter guidelines. Full chapters are expected to be submitted by November 30, 2010. All submitted chapters will be reviewed on a double-blind review basis. Contributors may also be requested to serve as reviewers for this project.
Publisher
This book is scheduled to be published by IGI Global (formerly Idea Group Inc.), publisher of the Information Science Reference (formerly Idea Group Reference), Medical Information Science Reference, Business Science Reference, and Engineering Science Reference imprints. For additional information regarding the publisher, please visit www.igi-global.com. This publication is anticipated to be released in 2011.

Important Dates
August 15, 2010: Proposal Submission Deadline
August 30, 2010: Notification of Proposal Acceptance
October 30, 2010: Full Chapter Submission
December 15, 2010: Review Results Returned
January 15, 2011: Revised Chapter Submission
February 1, 2011: Final Acceptance Notification
March 1, 2011: Final Chapter Submission

Inquiries and submissions can be forwarded electronically (Word document) to:
mgupta3@buffalo.eduand/or mgupta@mtb.com