scholarly journals Assessing liability arising from information security breaches in data privacy

2011 ◽  
Vol 1 (2) ◽  
pp. 129-136 ◽  
Author(s):  
A. Mitrakas
Keyword(s):  
Information Security ◽  
Data Privacy ◽  
Security Breaches

How Bad is it? – A Branching Activity Model to Estimate the Impact of Information Security Breaches

2013 ◽  
Author(s):  
Russell Cameron Thomas ◽  
Marcin Antkiewicz ◽  
Patrick Florer ◽  
Suzanne Widup ◽  
Matthew Woodyard
Keyword(s):  
Information Security ◽  
Activity Model ◽  
Security Breaches ◽  
The Impact

The Market Value and Reputational Effects from Lost Confidential Information

2015 ◽  
Vol 5 (4) ◽  
Author(s):  
Joseph K. Tanimura ◽  
Eric W. Wehrly
Keyword(s):  
Information Security ◽  
Market Value ◽  
Direct Costs ◽  
Publicly Traded ◽  
Confidential Information ◽  
Publicly Traded Companies ◽  
Security Breaches ◽  
Customer Information ◽  
Employee Information

According to many business publications, firms that experience information security breaches suffer substantial reputational penalties. This paper examines incidents in which confidential information, for a firms customers or employees, is stolen from or lost by publicly traded companies. Firms that experience such breaches suffer statistically significant losses in the market value of their equity. On the whole, the data indicate that these losses are of similar magnitudes to the direct costs. Thus, direct costs, and not reputational penalties, are the primary deterrents to information security breaches. Contrary to many published assertions, on average, firms that lose customer information do not suffer reputational penalties. However, when firms lose employee information, we find significant reputational penalties.

scholarly journals Fuzzy-Based Symmetrical Multi-Criteria Decision-Making Procedure for Evaluating the Impact of Harmful Factors of Healthcare Information Security

Symmetry ◽  
2020 ◽  
Vol 12 (4) ◽  
pp. 664 ◽  
Author(s):  
Rajeev Kumar ◽  
Abhishek Kumar Pandey ◽  
Abdullah Baz ◽  
Hosam Alhakami ◽  
Wajdi Alhakami ◽  
...  
Keyword(s):  
Decision Making ◽  
Information Security ◽  
Information Management ◽  
Cyber Security ◽  
Cyber Attacks ◽  
Multi Criteria Decision Making ◽  
Local Hospital ◽  
Healthcare Information ◽  
Security Breaches ◽  
The Impact

Growing concern about healthcare information security in the wake of alarmingly rising cyber-attacks is being given symmetrical priority by current researchers and cyber security experts. Intruders are penetrating symmetrical mechanisms of healthcare information security continuously. In the same league, the paper presents an overview on the current situation of healthcare information and presents a layered model of healthcare information management in organizations. The paper also evaluates the various factors that have a key contribution in healthcare information security breaches through a hybrid fuzzy-based symmetrical methodology of AHP-TOPSIS. Furthermore, for assessing the effect of the calculated results, the authors have tested the results on local hospital software of Varanasi. Tested results of the factors are validated through the comparison and sensitivity analysis in this study. Tabulated results of the proposed study propose a symmetrical mechanism as the most conversant technique which can be employed by the experts and researchers for preparing security guidelines and strategies.

scholarly journals IMPROVEMENT OF INFORMATION SECURITY OF THE COMMUNICATION PROCESS AT THE ENTERPRISE

2021 ◽  
Vol 13 (3) ◽  
pp. 156-162
Author(s):  
Nataliya Blaga ◽  
◽  
Volodymyr Hobela
Keyword(s):  
Information Security ◽  
Information Technologies ◽  
Remote Access ◽  
Communication Process ◽  
Information Structures ◽  
Essential Information ◽  
Security Breaches ◽  
Information Awareness ◽  
Concept Of Information ◽  
Medium Enterprises

The mechanism of communication process and information security at an enterprise is considered. The theoretical aspects of the communications at the enterprise are based on the variety of its form and the relation of organizational and information structures: most activities have underlying links via information processes. Thus information security of communication process has a significant impact on the information security of the enterprise as a whole. In modern conditions and circumstances, the information security of the enterprise is largely reduced to cybersecurity and suffers from most threats of the latter. However, the human factor is responsible for most of the real facts of inflicting harm due to information security breaches. Thus, traditional mechanisms of privacy and confidentiality ensuring need to be adapted to new realities. New opportunities also set new requirements for understanding the very concept of information security: information must not only be protected but also timely and accurate as far as it is possible to be provided with modern telecommunication systems and information technologies: information security is a system of information protection of the enterprise – protection against theft, delayed and inaccurate providing of essential information to the recipient inside the enterprise or outside it. There are proposed and justified four principles necessary but not sufficient to ensure efficient mechanism of information security regarding communication process at small to medium enterprises. These include information awareness of staff even if they are not advanced with information technologies, traditional methods of protection against cyber threats such as passwords and encryption, control over information flows and the infrastructure that provides them, reliable cooperation and protection of remote access. These principles should be followed by managers at all levels.

An Information Security Model for Implementing the New ISO 27001

2019 ◽  
pp. 219-242
Author(s):  
Margareth Stoll
Keyword(s):  
Information Security ◽  
Data Privacy ◽  
Business Processes ◽  
International Standard Organization ◽  
Security Model ◽  
Privacy And Security ◽  
Holistic Model ◽  
Common Structure ◽  
Standard Organization ◽  
Iec 27001

The importance of data privacy, information availability, and integrity is increasingly recognized. Sharpened legal requirements and increasing data leakages have further promoted data privacy. In order to implement the different requirements in an effective, efficient, and sustainable way, the authors integrate different governance frameworks to their holistic information security and data privacy model. More than 1.5 million organizations worldwide are implementing a standard-based management system. In order to promote the integration of different standards, the International Standard Organization (ISO) released a common structure. ISO/IEC 27001 for information security management was changed accordingly in October 2013. The holistic model fulfills all requirements of the new version. Its implementation in several organizations and the study's results are described. In that way data privacy and security are part of all strategic, tactical, and operational business processes, promote corporate governance and living security, as well as the fulfillment of all standard requirements.

It's Not My Fault

2019 ◽  
Vol 30 (3) ◽  
pp. 18-37
Author(s):  
Tawei Wang ◽  
Yen-Yao Wang ◽  
Ju-Chun Yen
Keyword(s):  
Information Security ◽  
Information Transfer ◽  
Large Data ◽  
Future Research ◽  
Data Set ◽  
Security Breach ◽  
Security Breaches ◽  
Personally Identifiable Information ◽  
Types Of Information ◽  
Transfer Of Information

This article investigates the transfer of information security breach information between breached firms and their peers. Using a large data set of information security incidents from 2003 to 2013, the results suggest that 1) the effect of information security breach information transfer exists between breached firms and non-breached firms that offer similar products and 2) the effect of information transfer is weaker when the information security breach is due to internal faults or is related to the loss of personally identifiable information. Additional tests demonstrate that the effect of information transfer exhibits consistent patterns across time and with different types of information security breaches. Finally, the effect does not depend on whether the firms are IT intensive. Implications, limitations, and future research are discussed.

scholarly journals Modeling of storage processes using Petri nets

2020 ◽  
Vol 175 ◽  
pp. 05038
Author(s):  
Marina Ganzhur ◽  
Nikita Dyachenko ◽  
Andrey Gazizov ◽  
Arthur Otakulov ◽  
Dmitry Romanov
Keyword(s):  
Information Security ◽  
Production Process ◽  
Scientific Community ◽  
Cyber Physical Systems ◽  
Critical Conditions ◽  
Classical Approach ◽  
Physical Systems ◽  
Security Breaches ◽  
Analysis And Synthesis ◽  
Storage Processes

Cyber-physical systems are actively explored in the global and domestic scientific community. It is expected that cyber-physical systems will minimize human participation in the production process, as well as in many other areas of society. At the same time, the information security aspect of the interaction of elements remains insufficiently studied. The classical approach to ensuring security is aimed at counteracting a clear destructive information impact - when information security breaches have obvious signs. The risk of failure of one object of the system can lead to critical conditions. Safety modeling of managerial structures is reduced to considering the operability of the functions of the intermediate link and the interaction between objects that make decisions on the management and generating teams. By analyzing these transitions in limiting cases, it allows the use of analysis and synthesis approaches based on structural schemes and logical relationships.

Sign in / Sign up

Export Citation Format

Share Document