Andrew Stewart
I am an information security professional employed as an officer at a global investment bank. I am also a part-time PhD student in the School of Security Studies at King's College London.
I received my M.Sc. in Information Security from Royal Holloway, University of London. My book A Vulnerable System: The History of Information Security in the Computer Age was published by Cornell University Press in September, 2021.
This page lists my academic work.
Email:
andrewinfosec@gmail.com / andrew.james.stewart@kcl.ac.uk
Google Scholar: https://scholar.google.com/citations?user=EFFU4wsAAAAJ
Academic Work
Books
- A. J. Stewart, A Vulnerable System: The History of Information Security in the Computer Age, Cornell University Press, 2021. This book was reviewed in California History, in Technology & Culture, in IEEE Cipher - the newsletter of the IEEE Technical Committee on Security & Privacy, and in Login - a publication of The Advanced Computing Systems Association. It was also inducted into the Cybersecurity Canon Hall of Fame at The Ohio State University, and translated into Japanese and Mandarin. [JSTOR; Project MUSE; Oxford University Press; Cornell University Press blog post].
- A. Shostack & A. Stewart, The New School of Information Security, Addison-Wesley, 2008. This book was used at Harvard Kennedy School, Drexel University, the Heinz School of Public Policy and Management at Carnegie Mellon University, and was reviewed in IEEE Cipher.
Refereed Journal Articles
- A. Stewart & M. Handy, The Design and Implementation of an Insider Threat Maturity Model, Counter-Insider Threat Research and Practice (2024).
- A. Stewart, A Utilitarian Re-Examination of Enterprise-Scale Information Security Management, Information and Computer Security 26, no. 1 (2018): 39-57.
- A. Stewart, Can Spending on Information Security be Justified? Evaluating the Security Spending Decision from the Perspective of a Rational Actor, Information Management & Computer Security 20, no. 4 (2012): 312-326.
- A. Stewart, A Contemporary Approach to Network Vulnerability Assessment, Network Security 2005, no. 4 (2005): 7-10.
- A. Stewart, Information Security Technologies as a Commodity Input, Information Management & Computer Security 13, no. 1 (2005): 5-15.
- A. Stewart, On Risk: Perception and Direction, Computers & Security 23, no. 5 (2004): 362-370.
- A. Stewart, No Illusions: Rethinking Information Security Policies and Standards, Information Security Bulletin 8, (2003): 229-234.
Refereed Conference Papers
Technical Reports
- A. Stewart, A Utilitarian Re-Examination of Enterprise-Scale Information Security Management, Department of Mathematics, Royal Holloway, University of London, 2014. This M.Sc. thesis was subsequently published in Information and Computer Security 26, no. 1 (2018): 39-57.
Other Papers
Academic Service
- In April 2024, I achieved a long-held goal of completing 100 academic journal peer-reviews.
Education
- M.Sc. Information Security, with Distinction, Information Security Group, Royal Holloway, University of London, 2013.
- MBA, Emory University, 2009.
- B.Sc. Computing, with Honors, Oxford Brookes University, 1997.
Thu Oct 24 10:04:56 PDT 2024