In the current society of rapid expansion information, big data have achieved vigorous development in all walks life, considerably promoting transmission and information sharing. Meanwhile, individuals are becoming increasingly reliant on Internet, but at same time, threat security posed by is visible. As a result, how to protect has piqued interest both government businesses. The essence manag...

The gap between the knowledge and the practices regarding the computer and Internet use are the major factors which influence security of Information. A survey was performed on the education institutions in Oman to investigate the level of information security awareness among various entities. The survey focused on the following factors of IT Security: Demographics, Internet usage, Awareness ab...

Today business environment is highly dependent on complex technologies, and information is considered an important asset. Organizations are therefore required to protect their information infrastructure and follow an inclusive risk management approach. One way to achieve this is by aligning the information security investment decisions with respect to organizational strategy. A large number of ...

The prevalent approach to analysis of information security is typically event-centric and ad-hoc based primarily on risk management principles. However, we believe that scholars and practitioners in the information security field can benefit significantly from the experiences and principles of quality management, where process orientation dominates and continuous improvement is the essence. Thi...

This paper presents the findings of an empirical study of certification auditors’ and information security consultants’ experiences and insights concerning the implementation and certification of information security management systems. Using an action research strategy and a grounded theory research method, the study describes these particular experiences and insights primarily in terms of cri...