30. ICST Transactions on Information Governance
Dr. Carrie GATES
Vice President and Research Staff Member
CA Labs, USA
Carrie.Gates@ca.com
WEB
Aim and Scope:
Information governance is a set of policies and procedures that govern a piece of information from inception through to its destruction. In order to achieve the ability to govern information throughout a complete lifecycle, research from a number of disparate areas must be combined, such as privacy, compliance, management, risk and technology. In this journal we combine the different disciplines comprising information governance in order to create a forum where all of the related disciplines can publish, allowing for communication among the disciplines in order to promote understanding of the field at large.
Today's growingly complex information and communication technology environments require us to manage information within organizations and processes that span multiple administrative, legislative, political, organization, jurisdictional, and conceptual boundaries. Moreover, the regulatory needs and their impact on businesses and individuals are not well understood, beyond their technical feasibility. This disconnect between government and the business sector is as common as the more familiar gap between business requirements and technology solutions, which in itself gains a novel dimension in cross-border settings.
Governance includes the regulatory environment surrounding information, which relates to both policies and politics. Information will be subject to different regulations depending on the country where the information resides, and the type of information being maintained. For example, if the information is health related, then in the United States it would be subject to regulations of the Health Insurance Portability and Accountability (HIPAA) Act, whereas financial information would be subject to Sarbannes-Oxley compliance. Adding to this complexity is the realm of international organizations, where information might be available in multiple countries, or might move among countries. Regulations surrounding this information might even be contradictory, such as information on religion, which is standard information to be collected in Switzerland but violates privacy regulations in Canada.
We invite researchers, academicians, practitioners, and others to submit original papers describing new research, applications, or case studies that address the complexity of information governance. Papers covering technical, legal, societal, or other aspects of these areas are solicited. Of particular interest are papers that span multiple disciplines. Topics of interest include, but are not limited to:
- Frameworks and overarching issues of governance (e.g., privacy, attribution, identify management, anonymity)
- Physical and policy infrastructure of the Internet, and its role in governance
- Compliance with government regulations for multi-national corporations and networks;
- Collaborative tools, and their use in politics and e-government.
- Security and the anticipation and response to attacks that cross international boundaries; cyber crime
- Technology to advance information governance in the enterprise (e.g., advances in data leak prevention, variations on digital rights management, access control)
- Approaches to dynamic policy enforcement as information crosses regulatory domains
- The impact of different political systems and viewpoints on information governance for multinational corporations on information that crosses borders
- The effect of cultural norms on regulations and regulatory compliance
Particular value will be placed on papers that raise new concepts, describe emerging issues, and highlight modes of organizing and acting to resolve challenges or create opportunities relating to network privacy, management, compliance, governance, and risk. Papers are encouraged which will be of relevance across different constituencies: government regulators and legislators, senior private sector managers, IT professionals, and the legal community.
EIC’s keywords:
information governance, privacy, policy, security, government regulations, compliance, risk
Editor in Chief:
Dr. Carrie GATES
Vice President and Research Staff Member
CA Labs, USA
Carrie.Gates@ca.com
WEB
Bio:
Dr. Carrie Gates is a vice president and research staff member with CA Labs, the research arm within CA. She is responsible for performing research that has the potential to impact the strategic direction of CA products and services. This is achieved through the identification of opportunities within the business units at CA that can be transformed into research relationships performed in collaboration with university faculty and students, with a focus on research in the area of enterprise-level security.
Dr. Gates has over 30 peer-reviewed publications in the computer and network security field. Her current research interests include applying visualization techniques to detecting security events given highly aggregated network traffic information, a project that has been funded by the US Department of Homeland Security. She is also actively pursuing research in the areas of insider threat detection and usable security. In addition to her security research, Dr. Gates is involved in research in sense-making and network traffic analysis, and has recently done work on security architectures and cloud computing. She has given several invited talks, served on both Masters and PhD thesis committees, and is on several organizing and program committees for academic conferences in the areas of governance, forensics, insider threat, and general security.
Prior to joining CA, Dr. Gates was an analyst with CERT, Carnegie Mellon University, where she performed research in network security and large-scale traffic analysis. Algorithms she developed while in this position have been deployed into operational use at large client sites. She has also taught courses at both Dalhousie University and Columbia University. Dr. Gates received her PhD from Dalhousie University, Halifax, Canada, in May 2006.