Homework 2

Part 1 (50 Points) Write an article of about 3-4 page report (11 point, New times roman, single spacing) based on the two papers listed below. You are free to choose the style of your writing - you may summarize the essential issues addressed in the two papers; be a critic of the papers highlighting/comparing the strengths and weaknesses; build on the ideas discussed there; or do a mix of these. You are encouraged to incorporate issues we have discussed in the lectures, whereever it applies. 

  1. M. Whitman, "Enemy At the Gate: Threats to Information Security" , Communications of the ACM, Vol 46, No.8, AUgust, 2003, (Threats1.pdf)

  2. Ghi Paul IM, Richard L. Baskerville, "A Longitudinal Study of Information Systems Threat Categories: The Enduring Problem of Human Error.", The Database Advances in Information Systems, Vol. 36, No. 4, 2005. (Threats2.pdf)

Part 2 (50 Points) Assume that you are a newly employed CISO for the University of Pittsburgh and starting soon. As the first task you decide to analyze the web-pages related to the Information Security in the University of Pittsburgh. Based on the various topics covered till today, analyze the current status and project how you would like to proceed. (write comments/critique on the current status; make notes as to what new plan/programs or modifications to the existing items you would want to start exploring; make notes as to what items are not clear and you would want to analyze further after meeting with the staff). There is no page-limit for this part. (Note:

Homework is due on Wednesday, Feb 6, 2008, by 11:59PM