The role of organizational cultures in information-systems security management: A goal-setting perspective

2008, Vol 2 (1), pp. 7-17
Author(s): Ioannis V. Koskosas, Georgia Charitoudi, Malamati Louta

2015, Vol 7 (3), pp. 1-17
Author(s): Juan Luis Santos

This paper discusses the key role of incentives in information systems security. Vulnerabilities can be reduced, and even removed, if individual motivations are taken into account in the process of protection and insurance design. The article first discusses the importance of externalities, free-riding behavior, uncertainty and the incentive mismatch between individuals and organizations involved in information systems security. Previous works perform this study using a game-theoretical approach, but the paper shows that an agent-based model is capable of including the heterogeneity and interrelations among individuals, focusing not on the equilibrium reached but on the dynamics prior to its emergence.


Author(s): Peace Kumah

Emerging human resource management (HRM) practices are focusing on background checks, training and development, employer-employee relations, responsibility and accountability, and monitoring of information systems security resources. Information systems security ensures that appropriate resources and adequate skills exist in the organization to effectively manage information security projects. This chapter examined the role of HRM in enhancing organizational information systems security. Using importance-performance map analysis, the study found training, background checks, and monitoring to be crucial HRM practices that could enhance organizational information systems security. Moreover, four indicators, consisting of training on mobile device security; malware management; background checks; and monitoring of potential, current, and former employees, recorded high importance but rather low performance. Consequently, these indicators should be improved. On the contrary, the organizations placed excessive focus on responsibility, accountability, and employee relations.


2022, pp. 533-560
Author(s): Winfred Yaokumah

Operations security management integrates the activities of all the information systems security controls. It ensures that the entire computing environment is adequately secured. This chapter conducts an in-depth review of scholarly and practitioner works to conceptualize the domain of operations security management. Drawing upon the existing information systems security literature, the chapter classifies operations security management into 10 domains. Next, the chapter performs an empirical analysis to investigate the state of practice of operations security management in organizations. The findings show that the maturity level of operations security management is at Level 3 (well-defined). The maturity levels range from Level 0 (not performed) to Level 5 (continuously improving). The results indicate that operations security processes are documented, approved, and implemented organization-wide. Backup and malware management are the most applied operations security controls, while logging, auditing, monitoring, and reviewing are the least implemented controls.

