Information Security Risk Management: In Which Security Solutions Is It Worth Investing?
نویسندگان
چکیده
منابع مشابه
Information Security Risk Management: In Which Security Solutions Is It Worth Investing?
This material is brought to you by the Journals at AIS Electronic Library (AISeL). It has been accepted for inclusion in Communications of the Association for Information Systems by an authorized administrator of AIS Electronic Library (AISeL). For more information, please contact [email protected]. As companies are increasingly exposed to information security threats, decision makers are per...
متن کاملInformation Security Risk Management
The increasing dependence on information networks for business operations has focused managerial attention on managing risks posed by failure of these networks. In this paper, we develop models to assess the risk of failure on the availability of an information network due to attacks that exploit software vulnerabilities. Software vulnerabilities arise from software installed on the nodes of th...
متن کاملInformation Security Risk Management
Security breaches on the socio-technical systems organizations depend on cost the latter billions of dollars of losses each year. Although information security is a growing concern, most organizations deploy technical security measures to prevent security attacks, overlooking social and organizational threats and the risks faced because of them. In this paper, we propose a method to information...
متن کاملIdentifying Information Security Risk Components in Military Hospitals in Iran
Background and Aim: Information systems are always at risk of information theft, information change, and interruptions in service delivery. Therefore, the present study was conducted to develop a model for identifying information security risk in military hospitals in Iran. Methods: This study was a qualitative content analysis conducted in military hospitals in Iran in 2019. The sample consist...
متن کاملRisk Management in IT Service Security
This article brings a novel approach for optimized risk management in IT service information security. The new method is based on widely used international standards – best practices – for IT service management (ISO/IEC 20000) and Information security management system (ISO/IEC 27000). Firstly, the IT service information security approach is developed (based on a Service level management extens...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Communications of the Association for Information Systems
سال: 2011
ISSN: 1529-3181
DOI: 10.17705/1cais.02822