Investigation of Information Security Management Practices in Indian Pubic Sector Banks

2008 ◽  
Author(s):  
H. Diwakar ◽  
A. Naik
Keyword(s):  
Information Security ◽  
Management Practices ◽  
Security Management ◽  
Information Security Management

A utilitarian re-examination of enterprise-scale information security management

2018 ◽  
Vol 26 (1) ◽  
pp. 39-57
Author(s):  
Andrew Stewart
Keyword(s):  
Information Security ◽  
Multinational Corporations ◽  
Best Practice ◽  
Management Practices ◽  
Gap Analysis ◽  
Security Management ◽  
Value Added ◽  
Investment Banks ◽  
Information Security Management ◽  
Content Type

Purpose An action is utilitarian when it is both useful and practical. This paper aims to examine a number of traditional information security management practices to ascertain their utility. That analysis is performed according to the particular set of challenges and requirements experienced by very large organizations. Examples of such organizations include multinational corporations, the governments of large nations and global investment banks. Design/methodology/approach The author performs a gap analysis of a number of security management practices. The examination is focused on the question of whether these practices are both useful and practical when used within very large organizations. Findings The author identifies a number of information security management practices that are considered to be “best practice” in the general case but that are suboptimal at the margin represented by very large organizations. A number of alternative management practices are proposed that compensate for the identified weaknesses. Originality/value Quoting from the conclusion of the paper: We have seen in our analysis within this paper that some best practices can experience what economists refer to as diminishing marginal utility. As the target organization drifts from the typical use-case the amount of value-added declines and can potentially enter negative territory. We have also examined the degree of innovation in the practice of security management and the extent to which the literature can support practical, real-world activities. In both the areas, we have identified a number of opportunities to perform further work.

Information Security Culture

2015 ◽  
Vol 5 (2) ◽  
pp. 31-52 ◽  
Author(s):  
Joo S. Lim ◽  
Sean B Maynard ◽  
Atif Ahmad ◽  
Shanton Chang
Keyword(s):  
Information Security ◽  
Best Practice ◽  
Management Practices ◽  
Security Management ◽  
Information Security Management ◽  
Security Culture ◽  
Study Approach ◽  
Unified View ◽  
Multiple Case

There is considerable literature in the area of information security management (ISM). However, from an organizational viewpoint, the collective body of literature does not present a coherent, unified view of recommended security management practices. In particular, despite the existence of ‘best-practice' standards on information security management, organizations have no way of evaluating the reliability or objectivity of the recommended practices as they do not provide any underlying reasoning or justification. This paper is a first step towards the development of rigorous and formal instruments of measurement by which organizations can assess their security management practices. The paper identifies nine security practice constructs from the literature and develops measurement items for organizations to assess the adequacy of their security management practices. The study uses a multiple case study approach followed by interviews with a panel of four security experts to validate and refine these security practice constructs and their associated measures.

The impact of information security management practices on organisational agility

2020 ◽  
Vol 28 (5) ◽  
pp. 681-700
Author(s):  
Muhamad Khairulnizam Zaini ◽  
Mohamad Noorman Masrek ◽  
Mad Khir Johari Abdullah Sani
Keyword(s):  
Information Security ◽  
Structural Equation ◽  
Management Practices ◽  
Security Management ◽  
Partial Least Square ◽  
Least Square ◽  
Information Security Management ◽  
Content Type ◽  
The Impact ◽  
Organisational Agility

Purpose This study aims to determine the extent to which information security management (ISM) practices impact the organisational agility by examining the relationship between both concepts. Design/methodology/approach A quantitative method research design has been used in this study. This study was conducted throughout Malaysia with a total of 250 valid questionnaires obtained from managers and executives from the Multimedia Super Corridor (MSC)-status companies. Structural equation modelling (SEM) using partial least square was used to analyse the data and to test all nine hypotheses developed in this study. Findings Findings from this study indicate that operational agility (OA) is significantly related to ISM practices in MSC-status companies. The validation of the structural model of nine hypotheses developed for this study has demonstrated satisfactory results, exhibited six significant direct relationships and three insignificant relationships. Research limitations/implications This study has addressed the needs for a comprehensive, coherent and empirically tested ISM practices and organisational agility framework. The current theoretical framework used in this study emphasised on the ISM–organisational agility dimensions that are predominantly important to ascertain high level of ISM practices and perceived agility level among the information technology (IT) business companies in Malaysia. With the application of SEM for powerful analysis, the empirical-based framework established in this study was validated by the empirical findings, thus contributing significantly to the field of information security (InfoSec). Originality/value This study has filled the research gap between different constructs of ISM practices and OA. The model put forth in this study contributes in several ways to the InfoSec research community. The recognition of InfoSec practices that could facilitate organisational agility in the IT industry in Malaysia is vital and contributes to more value creation for the organisations.

scholarly journals Information Security Management Practices: Case Studies from India

2017 ◽  
Vol 20 (1) ◽  
pp. 253-271 ◽  
Author(s):  
Abhishek Narain Singh ◽  
M.P. Gupta
Keyword(s):  
Information Security ◽  
Case Studies ◽  
Management Practices ◽  
Business Processes ◽  
Descriptive Analysis ◽  
Security Management ◽  
Management Support ◽  
Structured Interviews ◽  
Information Security Management ◽  
Organizational Information

In recent years, information security has gained attention in organizations across diverse businesses and sectors. Primary reasons of this can be the new and innovative ways of information handling (during generation, processing, storage and distribution), and dependence of business processes on new and emerging IT/ICT mediums in organizations to carry out daily business activities. This has made organizations agile in terms of functioning and, at the same time, has posed new challenges. In this direction, the present study aims to explore and examine information security management (ISM) practices of two IT development and services organizations in India. In case study design, the study adopts qualitative research route to understand the current ISM practices of the case organizations. The observations derived from semi-structured interviews are presented using descriptive analysis methodology. Further, SAP-LAP (Situation, Actor, Process—Learning, Action, Performance) method of inquiry is used to analyse the findings from case studies. Results highlight the importance of consistent top management support, organizational information security culture and a proper monitoring system for ISM effectiveness in organizations. Insights derived from the study can be helpful for managers and decision makers in managing organizational information security practices.

Sign in / Sign up

Export Citation Format

Share Document