Discovering Information Security Management
نویسنده
چکیده
This thesis is concerned with issues relating to the management of information security in organisations, motivated by the need for cost-efficient information security. It is based on the assumption that: in order to achieve cost-efficient information security, the point of departure must be knowledge about the empirical reality in which the management of information security takes place. The data gathering instruments employed are questionnaires with open-ended questions and unstructured research interviews. The empirical material is analysed, and conclusions are drawn following the principles of Grounded Theory. Data sources are professionals in the area of information security management, including information security consultants (n=13), certification auditors (n=8), and information security managers (n=8). The main contributions are: an integrated model illustrating the experts’ perceptions concerning the objectives, actors, resources, threats, and countermeasures of information security management; a framework for the evaluation, formation, and implementation of information security management systems; a new approach for the evaluation of information security in organisations; a set of success factors concerning the formation of information security management systems; and a problem inventory concerning the value and assessment of information security education and training.
منابع مشابه
A Dynamic Approach for Honeypot Management
Honeypot is a security device the value of which lies mainly in discovering and inspecting, being attacked and being at risk. Most of the present Honeypots are configured and installed on the network statically. In some cases considerations have been made on dynamic configuration of Honeypots at the time of installation but still no study have been carried out on how to instantaneously change t...
متن کاملA Knowledge Management Approach to Discovering Influential Users in Social Media
A key step for success of marketer is to discover influential users who diffuse information and their followers have interest to this information and increase to diffuse information on social media. They can reduce the cost of advertising, increase sales and maximize diffusion of information. A key problem is how to precisely identify the most influential users on social networks. In this pape...
متن کاملA Dynamic Approach for Honeypot Management
Honeypot is a security device the value of which lies mainly in discovering and inspecting, being attacked and being at risk. Most of the present Honeypots are configured and installed on the network statically. In some cases considerations have been made on dynamic configuration of Honeypots at the time of installation but still no study have been carried out on how to instantaneously change t...
متن کاملFully Distributed Service Configuration Management
Configuration management in today’s data centers is largely a human activity. Where automation does exist it is usually implemented by centralized management tools that coordinate configuration actions across the entire infrastructure and applications. These systems are limited in scale, reliability, and security. We propose that dependable service configuration management is more naturally imp...
متن کاملCritical Success Factors in implementing information security governance (Case study: Iranian Central Oil Fields Company)
The oil industry, as one of the main industries of the country, has always faced cyber attacks and security threats. Therefore, the integration of information security in corporate governance is essential and a governance challenge. The integration of information security and corporate governance is called information security governance. In this research, we identified "critical success factor...
متن کامل