Manish Gupta

Manish Gupta is Manager of Information Risk Assurance at BlueCross BlueShield of Western New York and Adjunct Assistant Professor at State University of New York at Buffalo. He has more than 15 years of leadership experience in cybersecurity and IT risk management. Prior to his current role, he was VP of cybersercurity at one of the 15 largest banks in the US. Over the years, he has established, led and governed programs for corporate security awareness, threat and vulnerability management, regulatory and compliance, risk management and governance, security architecture and cybersecurity capabilities. He has authored or coauthored more than 70 research articles that are published in journals, books and conference proceedings. His research has won best paper awards and has been published in MISQ, DSS, ACM Transactions, JOEUC amongst others. He has edited or co-edited 7 books in the area of information assurance, cybersecurity and risk management. He holds several professional designations including CISSP, CISM, CISA, CRISC, CFE and PMP. He teaches graduate level courses in IT Auditing and IT Risk Management at SUNY Buffalo. He received PhD (Management/MIS) and MBA from State University of New York at Buffalo in 2011 and 2003, respectively and a bachelors degree in Mechanical Engineering from IET Lucknow, India in 1998.

Publications

Modernizing Enterprise IT Audit Governance and Management Practices
Modernizing Enterprise IT Audit Governance and Management Practices
Manish Gupta, Raj Sharman. © 2023. 318 pages.
Information technology auditing examines an organization's IT infrastructure, applications, data use, and management policies, procedures, and operational processes against...
Auditing Agile Release Management: Balancing Speed and Control
Auditing Agile Release Management: Balancing Speed and Control
Nikitha Agnew, Manish Gupta, Raj Sharman. © 2023. 43 pages.
The management of software releases is a significant element for most businesses. However, many organizations suffer from poor release management due to rapid demand for the...
Auditing Low-Code and No-Code Platforms Securing Citizen Development
Auditing Low-Code and No-Code Platforms Securing Citizen Development
Ajeethra Balamurugan, Harshitha Anand Shetty, Karthikeyan Muthumani Sengunthar, Manish Gupta. © 2023. 27 pages.
Low-code and no-code applications are increasingly becoming the technology of choice for many professionals in the digital workplace. According to Gartner data, 70% of new apps...
Auditing Customer Identity and Access Management
Auditing Customer Identity and Access Management
Sushmita Podugu, Vamsi Krishna Rayapureddi, Manish Gupta. © 2023. 30 pages.
Customer identity and access management (CAIM) is an emerging field that is a subset of traditional identity and access management. Authenticating, authorizing, and granting...
Auditing an Agile Development Operations Ecosystem
Auditing an Agile Development Operations Ecosystem
Aishwarya Subramanian, Priyadarsini Kannan Krishnamachariar, Manish Gupta, Raj Sharman. © 2022. 23 pages.
In an enterprise software development, DevOps is a practice of integrating development and operations to deliver cost-efficient, improved quality solutions to the customer by...
A Tale of Policies and Breaches: Analytical Approach to Construct Social Media Policy
A Tale of Policies and Breaches: Analytical Approach to Construct Social Media Policy
Neha Singh, Tanya Mittal, Manish Gupta. © 2021. 29 pages.
While the use of social media offers great opportunities to interact with customers and business partners, there are significant risks associated with this technology if a clear...
Cloud Risk Resilience: Investigation of Audit Practices and Technology Advances - A Technical Report
Cloud Risk Resilience: Investigation of Audit Practices and Technology Advances - A Technical Report
Akhilesh Mahesh, Niranjali Suresh, Manish Gupta, Raj Sharman. © 2020. 31 pages.
Cloud computing has been instrumental in transforming the way we store, access and process data. With mobility being the primary objective of the current market, cloud computing...
Impact of Technology Innovation: A Study on Cloud Risk Mitigation
Impact of Technology Innovation: A Study on Cloud Risk Mitigation
Niranjali Suresh, Manish Gupta. © 2019. 31 pages.
Cloud enables computing as a utility by offering convenient, on-demand network access to a centralized pool of configurable computing resources that can be rapidly deployed with...
Cloud Risk Resilience: Investigation of Audit Practices and Technology Advances - A Technical Report
Cloud Risk Resilience: Investigation of Audit Practices and Technology Advances - A Technical Report
Akhilesh Mahesh, Niranjali Suresh, Manish Gupta, Raj Sharman. © 2019. 27 pages.
Cloud computing has been instrumental in transforming the way we store, access and process data. With mobility being the primary objective of the current market, cloud computing...
Fortifying Corporate Human Wall: A Literature Review of Security Awareness and Training
Fortifying Corporate Human Wall: A Literature Review of Security Awareness and Training
Anandharaman Pattabiraman, Sridhar Srinivasan, Kaushik Swaminathan, Manish Gupta. © 2018. 34 pages.
It has been very evident from data breaches from last few years that attackers are increasingly targeting the path of least resistance to compromise the security of...
A Tale of Policies and Breaches: Analytical Approach to Construct Social Media Policy
A Tale of Policies and Breaches: Analytical Approach to Construct Social Media Policy
Neha Singh, Tanya Mittal, Manish Gupta. © 2018. 37 pages.
While the use of social media offers great opportunities to interact with customers and business partners, there are significant risks associated with this technology if a clear...
Impact of Technology Innovation: A Study on Cloud Risk Mitigation
Impact of Technology Innovation: A Study on Cloud Risk Mitigation
Niranjali Suresh, Manish Gupta. © 2018. 39 pages.
Cloud enables computing as a utility by offering convenient, on-demand network access to a centralized pool of configurable computing resources that can be rapidly deployed with...
Swimming Upstream in Turbulent Waters: Auditing Agile Development
Swimming Upstream in Turbulent Waters: Auditing Agile Development
Priyadarsini Kannan Krishnamachariar, Manish Gupta. © 2018. 33 pages.
Agile approach is a pragmatic fashion of software development, wherein the requirements are flexible to the changing needs of the customers, fast paced markets and the iterations...
Swimming Upstream in Turbulent Waters: Auditing Agile Development
Swimming Upstream in Turbulent Waters: Auditing Agile Development
Priyadarsini Kannan Krishnamachariar, Manish Gupta. © 2018. 26 pages.
Agile approach is a pragmatic fashion of software development, wherein the requirements are flexible to the changing needs of the customers, fast paced markets and the iterations...
Auditing an Agile Development Operations Ecosystem
Auditing an Agile Development Operations Ecosystem
Aishwarya Subramanian, Priyadarsini Kannan Krishnamachariar, Manish Gupta, Raj Sharman. © 2018. 21 pages.
In an enterprise software development, DevOps is a practice of integrating development and operations to deliver cost-efficient, improved quality solutions to the customer by...
Identity Management Systems: Models, Standards, and COTS Offerings
Identity Management Systems: Models, Standards, and COTS Offerings
Reema Bhatt, Manish Gupta, Raj Sharman. © 2017. 27 pages.
Identity management is the administration of an individual's access rights and privileges in the form of authentication and authorization within or across systems and...
How Private Is Your Financial Data?: Survey of Authentication Methods in Web and Mobile Banking
How Private Is Your Financial Data?: Survey of Authentication Methods in Web and Mobile Banking
Vidya Mulukutla, Manish Gupta, H. R. Rao. © 2017. 31 pages.
The ease and convenience of Internet Banking or e-banking has made it the most preferred way for customers as well as the banking industry alike. The fact that e-banking enables...
Handbook of Research on Emerging Developments in Data Privacy
Handbook of Research on Emerging Developments in Data Privacy
Manish Gupta. © 2015. 507 pages.
Data collection allows today’s businesses to cater to each customer’s individual needs and provides a necessary edge in a competitive market. However, any breach in...
Identity Management Systems: Models, Standards, and COTS Offerings
Identity Management Systems: Models, Standards, and COTS Offerings
Reema Bhatt, Manish Gupta, Raj Sharman. © 2015. 26 pages.
Identity management is the administration of an individual's access rights and privileges in the form of authentication and authorization within or across systems and...
How Private Is Your Financial Data?: Survey of Authentication Methods in Web and Mobile Banking
How Private Is Your Financial Data?: Survey of Authentication Methods in Web and Mobile Banking
Vidya Mulukutla, Manish Gupta, H. R. Rao. © 2015. 28 pages.
The ease and convenience of Internet Banking or e-banking has made it the most preferred way for customers as well as the banking industry alike. The fact that e-banking enables...
Virtual Worlds: A Review
Virtual Worlds: A Review
Manish Gupta, Sung Jin, G. Lawrence Sanders, Barbara A. Sherman, Anand Simha. © 2014. 51 pages.
Virtual Worlds have emerged as important socio-technical artifacts with the potential to impact many important facets of contemporary society and to enable unique, novel business...
Digital Identity and Access Management: Technologies and Frameworks
Digital Identity and Access Management: Technologies and Frameworks
Raj Sharman, Sanjukta Das Smith, Manish Gupta. © 2012. 498 pages.
Digital identity and access management (DIAM) systems are essential to security frameworks for their ability to rapidly and consistently confirm identities and to control...
Strategic and Practical Approaches for Information Security Governance: Technologies and Applied Solutions
Strategic and Practical Approaches for Information Security Governance: Technologies and Applied Solutions
Manish Gupta, John Walp, Raj Sharman. © 2012. 491 pages.
Organizations, worldwide, have adopted practical and applied approaches for mitigating risks and managing information security program. Considering complexities of a large-scale...
Threats, Countermeasures, and Advances in Applied Information Security
Threats, Countermeasures, and Advances in Applied Information Security
Manish Gupta, John Walp, Raj Sharman. © 2012. 319 pages.
Organizations are increasingly relying on electronic information to conduct business, which has caused the amount of personal information to grow exponentially. Threats...
Coming of Age or Just off the Boat?: A Review of Contemporary Identity Management Systems
Coming of Age or Just off the Boat?: A Review of Contemporary Identity Management Systems
Raj Sharman, Ryan Kendrick, Manish Gupta. © 2012. 17 pages.
Identity management (IdM) systems are information systems that help to manage an individual’s credentials. This occurs through the establishment, description, maintenance, and...
Who is Guarding the Doors: Review of Authentication in E-Banking
Who is Guarding the Doors: Review of Authentication in E-Banking
Manish Gupta, Pradeep Kumar KB, H. R. Rao. © 2012. 17 pages.
Internet banking has become the preferred channel for conducting banking activities across globe and amongst all social demographics. Only a few other technological adoptions can...
Understanding Evolution of Virtual Worlds Research: A Content Analytic Approach
Understanding Evolution of Virtual Worlds Research: A Content Analytic Approach
Manish Gupta, Rui Chen. © 2012. 25 pages.
Virtual worlds are emerging as important socio-technical artifacts in contemporary society. Improvements in technology – both hardware and software performance and costs – have...
Impact of Web Portal Announcements on Market Valuations: An Event Study
Impact of Web Portal Announcements on Market Valuations: An Event Study
Manish Gupta, Raj Sharman. © 2012. 17 pages.
Organizations providing enhanced electronic services to their customers have exponentially increased in past years. The benefits of web-portals to companies and to customers are...
Getting Real About Virtual Worlds: A Review
Getting Real About Virtual Worlds: A Review
Manish Gupta, Sung Jin, G. Lawrence Sanders, Barbara A. Sherman, Anand Simha. © 2012. 46 pages.
Virtual worlds have emerged as important socio-technical artifacts in contemporary society. They have enabled unique business models in the digital economy. This paper presents a...
Advances in Information Security, Privacy, and Ethics
Advances in Information Security, Privacy, and Ethics
Manish Gupta. 2010.
As digital technologies become more pervasive in everyday life and the Internet is utilized in ever increasing ways by both private and public entities, concern over digital...
Impact of Web Portal Announcements on Market Valuations: An Event Study
Impact of Web Portal Announcements on Market Valuations: An Event Study
Manish Gupta, Raj Sharman. © 2010. 17 pages.
Organizations providing enhanced electronic services to their customers have exponentially increased in past years. The benefits of web-portals to companies and to customers are...
Handbook of Research on Social and Organizational Liabilities in Information Security
Handbook of Research on Social and Organizational Liabilities in Information Security
Manish Gupta, Raj Sharman. © 2009. 596 pages.
As the diffusion and use of technology applications have accelerated in organizational and societal domains, behavioral and social dynamics have inevitably created the potential...
Social and Human Elements of Information Security: Emerging Trends and Countermeasures
Social and Human Elements of Information Security: Emerging Trends and Countermeasures
Manish Gupta, Raj Sharman. © 2009. 412 pages.
More often than not, it is becoming increasingly evident that the weakest links in the information-security chain are the people. Due an increase in information security threats...
International Journal of Web Portals (IJWP)
International Journal of Web Portals (IJWP)
Mehdi Khosrow-Pour. Est. 2009.
Web portals are one of the most important components in the context of business integration. The International Journal of Web Portals (IJWP) is a high-quality refereed journal on...
Emerging Frameworks in User-Focused Identity Management
Emerging Frameworks in User-Focused Identity Management
Manish Gupta, Raj Sharman. © 2009. 16 pages.
A paradigm shift is occurring in identity management philosophy. User-focused identity management is one the emerging and most promising paradigms. One of the fundamental...
Implications of FFIEC Guidance on Authentication in Electronic Banking
Implications of FFIEC Guidance on Authentication in Electronic Banking
Manish Gupta, JinKyu Lee, H. R. Rao. © 2009. 13 pages.
The Internet has emerged as the dominant medium in enabling banking transactions. Adoption of e-banking has witnessed an unprecedented increase over the last few years. In...
Security-Efficient Identity Management Using Service Provisioning (Markup Language)
Security-Efficient Identity Management Using Service Provisioning (Markup Language)
Manish Gupta. © 2009. 11 pages.
Enterprises are increasingly interested in new and cost effective technologies to leverage existing investments in IT and extend capabilities to reduce costs and improve security...
Research Notes on Emerging Areas of Conflict in Security
Research Notes on Emerging Areas of Conflict in Security
Donald Murphy, Manish Gupta, H.R. Rao. © 2009. 16 pages.
We present five emerging areas in information security that are poised to bring the radical benefits to the information security practice and research. We have selected these...
Security Requirements Elicitation: An Agenda for Acquisition of Human Factors
Security Requirements Elicitation: An Agenda for Acquisition of Human Factors
Manish Gupta. © 2009. 10 pages.
Information security is becoming increasingly important and more complex as organizations are increasingly adopting electronic channels for managing and conducting business....
Security of Alternative Delivery Channels in Banking: Issues and Countermeasures
Security of Alternative Delivery Channels in Banking: Issues and Countermeasures
Manish Gupta, H. Raghav Rao, Shambhu Upadhyaya. © 2009. 23 pages.
To sustain competitive advantages, financial institutions continuously strive to innovate and offer new banking channels to their customers as technology creates new dimensions...
Electronic Banking and Information Assurance Issues: Survey and Synthesis
Electronic Banking and Information Assurance Issues: Survey and Synthesis
Manish Gupta, Raghav Rao, Shambhu Upadhyaya. © 2008. 20 pages.
Information assurance is a key component in e-banking services. This article investigates the information assurance issues and tenets of e-banking security that would be needed...
Electronic Banking and Information Assurance Issues: Survey and Synthesis
Electronic Banking and Information Assurance Issues: Survey and Synthesis
Manish Gupta, Raghav Rao, Shambhu Upadhyaya. © 2008. 20 pages.
Information assurance is a key component in e-banking services. This article investigates the information assurance issues and tenets of e-banking security that would be needed...
Electronic Banking and Information Assurance Issues: Survey and Synthesis
Electronic Banking and Information Assurance Issues: Survey and Synthesis
Manish Gupta, Raghav Rao, Shambhu Upadhyaya. © 2008. 20 pages.
Information assurance is a key component in e-banking services. This article investigates the information assurance issues and tenets of e-banking security that would be needed...
Managing Information Assurance in Financial Services
Managing Information Assurance in Financial Services
H.R. Rao, Manish Gupta, Shambhu J. Upadhyaya. © 2007. 346 pages.
While advances in information technology and the adoption of Internet as service delivery channels have enabled financial service institutions to provide more convenient...
Role of FS-ISAC in Countering Cyber Terrorism
Role of FS-ISAC in Countering Cyber Terrorism
Manish Gupta, H. R. Rao. © 2007. 8 pages.
In recent times, reliance on interconnected computer systems to support critical operations and infrastructures and, at the same time, physical and cyber threats and potential...
Pharming Attack Designs
Pharming Attack Designs
Manish Gupta. © 2007. 7 pages.
Pharming is emerging as a major new Internet security threat. Pharming has overtaken “phishing” as the most dangerous Internet scam tactic, according to the latest Internet...
Electronic Banking and Information Assurance Issues: Survey and Synthesis
Electronic Banking and Information Assurance Issues: Survey and Synthesis
Manish Gupta, Raghav Rao, Shambhu Upadhyaya. © 2005. 24 pages.
Information assurance is a key component in e-banking services. This article investigates the information assurance issues and tenets of e-banking security that would be needed...
Electronic Banking and Information Assurance Issues: Surveys and Synthesis
Electronic Banking and Information Assurance Issues: Surveys and Synthesis
Manish Gupta, Raghav Rao, Shambhu Upadhyaya. © 2004. 21 pages.
Information assurance is a key component in e-banking services. This article investigates the information assurance issues and tenets of e-banking security that would be needed...