Information Security Risk Management: An Intelligence-Driven Approach
Similar resources
Towards an Intelligence-Driven Information Security Risk Management Process for Organisations
Three deficiencies exist in information security under prevailing practices: organisations tend to focus on compliance over protection; to estimate risk without investigating it; and to assess risk on an occasional (as opposed to continuous) basis. These tendencies indicate that important data is being missed and that the situation awareness of decision-makers in many organisations is currently...
An economic modelling approach to information security risk management
This paper presents an approach enabling economic modelling of information security risk management in contemporaneous businesses and other organizations. In the world of permanent cyber attacks to ICT systems, risk management is becoming a crucial task for minimization of the potential risks that can endeavor their operation. The prevention of the heavy losses that may happen due to cyber atta...
Information Security Risk Management
The increasing dependence on information networks for business operations has focused managerial attention on managing risks posed by failure of these networks. In this paper, we develop models to assess the risk of failure on the availability of an information network due to attacks that exploit software vulnerabilities. Software vulnerabilities arise from software installed on the nodes of th...
Information Security Risk Management
Security breaches on the socio-technical systems organizations depend on cost the latter billions of dollars of losses each year. Although information security is a growing concern, most organizations deploy technical security measures to prevent security attacks, overlooking social and organizational threats and the risks faced because of them. In this paper, we propose a method to information...
Risk Management in the context of Information Security: a Model-Driven approach
Information security is concerned with the requirements of availability, integrity, and confidentiality of information’s assets, which are fundamental to the long-term survival of an organization. Information security relies on risk management for security risks identification, evaluation and treatment, according to the ISO 31000. The methodologies supporting information security implementation...
Journal
Journal title: Australasian Journal of Information Systems
Year: 2014
ISSN: 1449-8618,1449-8618
DOI: 10.3127/ajis.v18i3.1096