Using IT Benchmarking Principles to Design an Information Security Benchmark Model
نویسندگان
چکیده
This paper examines the current state of IT benchmarking and the problem of using conventional IT benchmarking models to benchmark Information Security environments. A framework is presented as a starting point for further development to obtain a fully-fledged, operational Information Security benchmark model. This model will determine what money companies are spending on Information Security and whether there is a correlation between the level of Information Security, cost and effectiveness. Once this model has been fully developed and populated, companies will be able to use it as a benchmark tool to determine the cost efficiency of their information security environments. One of the key outputs of this model will be a list of possible areas or actions that companies should focus on in order to improve Information Security efficiencies.
منابع مشابه
Development of an Artifact for Benchmarking Information Security Policy
Benchmarking of information security policies has two challenges: lack of communication between organizations and no two organizations are identical. In this paper, we attempt to propose an artifact for a benchmarking method of information security policy (BMISP), which can resolve the above challenges. We employ design science methodology, activity theory and international standards to design ...
متن کاملEvaluating the Efficiency and Benchmarking of Regions in an Electricity Distribution Company Using a Public Lighting Asset Management Model
Public lighting networks are constructed and maintained to provide social security and traffic safety. Due to the expansion of cities, the development in public lighting is inevitable. In addition to new investment, the public lighting service and maintenance program imposes high costs on distribution companies. Since performance assessment methods focus on a combination of key performance indi...
متن کاملAn Efficiency Measurement and Benchmarking Model Based on Tobit Regression, GANN-DEA and PSOGA
The purpose of this study is designing a model based on Tobit regression, DEA, Artificial Neural Network, Genetic Algorithm and Particle Swarm Optimization to evaluate the efficiency and also benchmarking the efficient and inefficient units. This model has three stages, and it uses the data envelopment analysis combined model with neural network, optimized by genetic algorithm, to evaluate the ...
متن کاملA Model and Framework for Online Security Benchmarking
The variety of threats and vulnerabilities within the online business environment are dynamic and thus constantly changing in how they impinge upon online functionality, compromise organizational or customer information, contravene security implementations and thereby undermine online customer confidence. To nullify such threats, online security management must become proactive, by reviewing an...
متن کاملReturn On Security Investment (ROSI) - A Practical Quantitative Modell
Organizations need practical security benchmarking tools in order to plan effective security strategies. This paper explores a number of techniques that can be used to measure security within an organization. It proposes a new benchmarking methodology that produces results that are of strategic importance to both decision makers and technology implementers. The approach taken reflects a work-in...
متن کامل