This publication discusses advanced knowledge management techniques based on information splitting and sharing algorithms for secret, strategic information. Information splitting techniques will be dedicated to problems of secure information storage and managing sets of strategic data. The management of strategic corporate/organisational data will provide the illustration of the discussion of k...

A metadata model is proposed to represent security configuration and management information. This model can be used to aid dynamic security management and configuration. The exchange of security information within the context of a social interaction and policing model can promote improved safety and security. An application of the model to manage message exchange using a secure message envelope...

Due to the growing dependence of information society on Information and Communication Technologies, the need to protect information is getting more and more important for enterprises. In this context, Information Security Management Systems (ISMSs), have arisen for supporting the processes and systems for effectively managing information security. The fact of having these systems available has ...

The security of information system is like a chain. Its strength is affected by the weakest knot. Since we can achieve 100% Information Security Management System (ISMS) security, we must cautiously fulfill the certification and accreditation of information security. In this paper, we analyzed, studied the evaluation knowledge and skills required for auditing the certification procedures for th...

this paper aims to recognise information security policies (isp) and their relationship with the effectiveness of the management information systems (mis) of the major palestinian universities in the gaza strip. the researchers used the descriptive analytical approach. they used a questionnaire as a research tool. they used a stratified random sample to explore viewpoints of the research sample...

For authoritative definitions related to CMRS one may consult NIST publication SP 800-137 [NIST 2011], where Information Security Continuous Monitoring is defined as “... maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions, ” or DISA, which defines CMRS as “...visibility of cyber risks and demonstrates the abili...

IT security preparedness exercises allow for practical collaborative training, which in turn leads to improved response capabilities to information security incidents for an organization. However, such exercises are not commonly performed in the electric power industry. We have observed a tabletop exercise as performed by three organizations with the aim of understanding challenges of performin...

! ABSTRACT Purpose The lack of a security evaluation method might expose organizations to several risky situations. This paper aims at presenting a cyclical evaluation model of information security maturity. Design/methodology/approach This model was developed through the definition of a set of steps to be followed in order to obtain periodical evaluation of maturity and continuous improvement ...

Organisations are under constant pressure from governments and industry to implement risk management methods. There are various information security risk management methods available that organisations can implement, and each has different approaches to identifying, measuring, controlling and monitoring the information security risks. Organisations find it difficult to select an information sec...