scholarly journals An Exploration of the Evolving Reporting Organizational Structure for the Chief Information Security Officer (CISO) Function

2019 ◽  
Vol 7 (1) ◽  
Author(s):  
Conrad Shayo ◽  
Frank Lin
Keyword(s):  
Information Security ◽  
Organizational Structure ◽  
Security Officer

Information Security Aspect of Operational Risk Management

2009 ◽  
Vol 1 (2) ◽  
pp. 45-60 ◽  
Author(s):  
Janusz Zawiła-Niedźwiecki ◽  
Maciej Byczkowski
Keyword(s):  
Risk Management ◽  
Information Security ◽  
Organizational Structure ◽  
Operational Risk ◽  
The Other ◽  
Security Measures ◽  
Operational Risk Management ◽  
Hand Shaping ◽  
Product Service ◽  
The One

Information Security Aspect of Operational Risk ManagementImproving organization means on the one hand searching for adequate product (service) matched to the market, on the other hand shaping the ability to react on risks caused by that activity. The second should consist of identifying and estimating types of risk, and consequently creating solutions securing from possible forms of it's realization (disturbances), following rules of rational choice of security measures as seen in their relation to costs and effectiveness. Activities of creating the security measures should be organized as constantly developing and perfecting and as such they need formal place in organizational structure and rules of management

scholarly journals Validity of information security policy models

2004 ◽  
Vol 16 (3) ◽  
pp. 263-274 ◽  
Author(s):  
Joshua Onome Imoniana
Keyword(s):  
Information Technology ◽  
Information Security ◽  
Security Policy ◽  
Chief Executive ◽  
Theoretical Models ◽  
Information Security Policy ◽  
Security Officer ◽  
Continuity Planning ◽  
Policy Models ◽  
Inclusive Business

Validity is concerned with establishing evidence for the use of a method to be used with a particular set of population. Thus, when we address the issue of application of security policy models, we are concerned with the implementation of a certain policy, taking into consideration the standards required, through attribution of scores to every item in the research instrument. En today's globalized economic scenarios, the implementation of information security policy, in an information technology environment, is a condition sine qua non for the strategic management process of any organization. Regarding this topic, various studies present evidences that, the responsibility for maintaining a policy rests primarily with the Chief Security Officer. The Chief Security Officer, in doing so, strives to enhance the updating of technologies, in order to meet all-inclusive business continuity planning policies. Therefore, for such policy to be effective, it has to be entirely embraced by the Chief Executive Officer. This study was developed with the purpose of validating specific theoretical models, whose designs were based on literature review, by sampling 10 of the Automobile Industries located in the ABC region of Metropolitan São Paulo City. This sampling was based on the representativeness of such industries, particularly with regards to each one's implementation of information technology in the region. The current study concludes, presenting evidence of the discriminating validity of four key dimensions of the security policy, being such: the Physical Security, the Logical Access Security, the Administrative Security, and the Legal & Environmental Security. On analyzing the Alpha of Crombach structure of these security items, results not only attest that the capacity of those industries to implement security policies is indisputable, but also, the items involved, homogeneously correlate to each other.

CHIEF INFORMATION SECURITY OFFICER: Steuermann durch den IT-Sicherheitsprozess

2020 ◽  
Vol 25 (03) ◽  
pp. 54-57
Author(s):  
Thorsten Schütz
Keyword(s):  
Information Security ◽  
Security Officer

Ohne funktionierende IT steht ein Krankenhaus weitgehend still, das belegen zahlreiche Beispiele von Hackerangriffen. Damit ein solcher Fall nicht eintritt, brauchen Krankenhäuser redundante IT-Systeme, ein fehlerfreies Zusammenspiel der eingesetzten Anwendungssysteme sowie einen wirksamen Schutz gegen Cyberattacken. Und: einen CISO.

A Rigorous Approach to the Definition of an International Vocational Master’s Degree in Information Security Management

2010 ◽  
Vol 1 (4) ◽  
pp. 1-17 ◽  
Author(s):  
Frédéric Girard ◽  
Bertrand Meunier ◽  
Duan Hua ◽  
Eric Dubois
Keyword(s):  
Information Security ◽  
Security Management ◽  
Holistic Approach ◽  
Learning Trajectory ◽  
Learning Program ◽  
Information Security Management ◽  
Security Officer ◽  
Rigorous Approach ◽  
Definition Of ◽  
New Education

In Luxembourg, like in many other countries, information security has become a central issue for private companies and public organizations. Today, information is the main asset of a company for its business and, at the same time, regulations are imposing more and more rules regarding its management. As a consequence, in Luxembourg, a clear need has emerged regarding the development of new learning trajectory fulfilling the requirements of the new job profile associated with a Chief Security Officer. This need was relayed by the national professional security association which asked for the development of a new education program targeting professional people engaged in a lifelong learning trajectory. The paper reports on the rigorous and scientific participatory approach for producing the adequate learning program meeting requirements elicited from the professional association members. The authors present the skills card that has been elaborated for capturing these requirements and the program, which has been built together with the University of Luxembourg for matching these requirements. This program proposes a holistic approach to information security management by including organization, human and technical security risks within the context of regulations and norms.

Defining the Strategic Role of the Chief Information Security Officer

2018 ◽  
pp. 61-86
Author(s):  
Sean B Maynard ◽  
◽  
Mazino Onibere ◽  
Atif Ahmad ◽  
◽  
...  
Keyword(s):  
Information Security ◽  
Security Officer ◽  
Strategic Role
Sign in / Sign up

Export Citation Format

Share Document