Aligning Security Awareness With Information Systems Security Management

Authors: Aggeliki Tsohou, Evangelos A. Kiountouzis, Spyros Kokolakis, Maria Karyda

DOI:

Keywords: Security management; Security information and event management; Knowledge management; Information security awareness; Business; Information security management; Security convergence; Security awareness; Certified Information Security Manager; Security service

Abstract: This paper explores the way information security awareness connects to overall management framework it serves. To date, formulation of initiatives has tended ignore important relationship with context, and vice versa. In this we show that two processes can be aligned so as ensure activities serve strategy exploits benefits an effective effort. do so, analyze using a process analysis explore their interactions. The identification these interactions results in making us able place instead viewing isolated mechanism.
