Security Information and Event Management (SIEM) is the combined form of Security Information Management (SIM) and Security Event Management (SEM), where SIM collects accounting and audits logs at large volume and SEM analysis those logs, picks out the important behaviours and flagging them for review via alerts. It is focused on the need of SIEM for the purpose of security of the data in a pre...

Individual decision making in computer security risk plays a critical role in successful information security management. This paper describes a study that investigated how individuals make tradeoffs regarding computer security risk. The study asked subjects to make decisions on two hypothetical scenarios in which subjects were asked to choose between avoiding computer security risk and accepti...

The aim of this paper is to study the management of Information Technology (IT) security in Kenyan Small and Medium Enterprises (SMEs). Particularly, this study looks at whether SMEs have a designated employee in charge of IT security, whether SMEs seek external expertise about IT security where it is not internally available and if employees are aware that IT security incidents should be repor...

Information security has been a crucial strategic issue in organizational management. Information security management is a systematic process of effectively coping with information security threats and risks in an organization. With the pressure of high implementation and maintenance cost, organizations need to distinguish between controls they need and those that are less critical. Applying cr...

It has already been a trend for the management of animal husbandry in farms to employ the advanced management system(MIS)and the software-developing platform to scientifically manage the information about animal husbandry in farms through the network. This is a network system that combines B/S structure and ASP techniques, and the method adopts both the computer network technology and database ...

In work previously done by the authors, various human aspects of Information Assurance were identified. These comprise Social and Psychological aspects, the effects of Psycho-social risk at the workplace, the application of Influence techniques, user response to Social Engineering Methods and choices based on Economic considerations. Even though these aspects have been shown to gravely affect I...

The principal aim of this paper is to examine an innovative approach to determine the extent that an organisation complies with a generally-accepted information security management standard. This new approach is modelled on the Goal Attainment Scaling (GAS) methodology and is combined with a set of baseline security controls extracted from the International Standard AS/NZS ISO/IEC 17799: 2001. ...

Compelled to improve information security by the introduction of personal data protection legislation, organizations worldwide are adopting standardized security management guidelines to inform their internal processes. This paper analyzes whether existing security management standards support process requirements for personal data management, drawing from experience with security policies in p...

The present paper aims to successfully deal with the needs of information security functions by providing a management tool which links business and information security objectives. In the past terms, information security has become fortunately a top management topic due to the recognition of the continuously increasing dependencies of the overall business success on secure information and info...