Overview of the Impact of Human Error on Cybersecurity based on ISO/IEC 27001 Information Security Management

2021 ◽  
Vol 4 (1) ◽  
pp. 95-102
Author(s):  
Amar Yasser El-Bably

Information security is the practice of protecting information by mitigating the risk of cyber-attack, and typically includes preventing or reducing the possibility of unauthorized/inappropriate access to data, unlawful use, disclosure, or disruption. This concept of information security also covers various procedures aimed at minimizing the negative effects of such incidents and threats. These threats might originate from human behavior, which may lead to wide damage to the organization's data assets. Thus, the primary focus of information security is on the balanced protection of confidentiality, integrity and availability of data while maintaining an effective use of the organization's systems. International standards related to information security such as ISO/IEC 27001 emphasize effective implementation of information security policies and applications without hampering the productivity of the organization. This research seeks to draw up a set of practical rules to be established within an organization to preserve cybersecurity objectives and protect data specifically from human-error incidents. The rules are based on ISO/IEC 27001, and their application within organizations will raise employees' awareness of their behavior to reduce the impact of such incidents on the organization's systems and data.



In the healthcare sector, employing human knowledge on a larger scale in the decision-making process for identifying risk sources is very common, and human error in the process often results in the adverse effects of unrecognized risks. Hence, the impact of human error in employing human knowledge remains a major problem. To minimize human error, a fuzzy-based risk assessment method using the Ranked Risk Breakdown Structure (RRBS) model is proposed in this work. The proposed method is able to rank the risk resources on the basis of a risk score generating mechanism based on the probability of occurrence of the risk and the outcome of the risk. By recognizing the high-ranking risk resources, that is, the risk drivers at higher levels of seriousness/severity, this fuzzy-based methodology nullifies the existing common human errors. The proposed methodology is validated with actual past data covering a one-decade period on the occurrence of risk and its effect in a healthcare industry situated in an urban city of India. The results of the experimentation reveal that the proposed methodology can be successfully implemented in all other industries in the healthcare sector to minimize human error in risk recognition. The suggested model is helpful for industrial managers/practitioners in tackling risk factors related to complex works.


2014 ◽  
Vol 988 ◽  
pp. 687-690
Author(s):  
Jun Xi Tang ◽  
Li Cheng Wang ◽  
Peng Jia Shi ◽  
Zhao Li ◽  
Su Hong Pang ◽  
...  

Along with the development of science and technology, equipment reliability is improving and human error has become an increasingly important threat to power system reliability and safety. However, there is little research on human errors in electric power generation. In this paper, the classification and the main causes of human errors in power systems are first analyzed. Then, the influence factors of human error are divided into several groups: organizational factors, mission factors, individual factors, and environment and equipment factors. By analyzing the impact of the different influence factors, an influence factors system of human error in power systems is proposed, which lays a foundation for further exploration.


2019 ◽  
Vol XXII (2) ◽  
pp. 110-115
Author(s):  
Apostol-Mates R.

The maritime field is, like many other fields, an interrelationship between technology and the human factor. And, as is predictable, the human factor holds the leading role. As Dr. Anita M. Rothblum says, "The maritime system is a people system", and human errors are often the starting point for different accidents. Among the large array of factors leading to human errors when facing a situation or a decision onboard ship, fatigue is one of the main disruptive causes. The present work aims to analyze the impact of fatigue on crew members in situations leading to accidents.


2019 ◽  
Vol 33 (3) ◽  
pp. 309-329 ◽  
Author(s):  
Rajiv D. Banker ◽  
Cecilia (Qian) Feng

ABSTRACT We investigate the relationship between security breaches and chief information officer (CIO) turnover. Because CIOs are directly responsible for IT performance, we argue that their turnover likelihood is higher when they fail to meet IT performance expectations, as reflected by information security breaches. Specifically, we find that breaches caused by system deficiency increase CIO turnover likelihood by 72 percent. However, we find no such association for breaches caused by criminal fraud or human error. We extend our analyses to other executives and document that CEOs are more likely to turn over following breaches caused by both system deficiency and human error, consistent with their broader role within the firm. By contrast, we find no evidence suggesting that CFOs are more likely to turn over following breaches. The findings indicate negative labor market consequences for executives who fail to meet performance expectations within the scope of their duties.


2022 ◽  
Vol 30 (3) ◽  
pp. 1-16
Author(s):  
Wenqing Wu ◽  
Kun Shi ◽  
Chia-Huei Wu ◽  
Jiayue Liu

With the rapid development of information technology, information security has been gaining attention. The International Organization for Standardization (ISO) has issued international standards and technical reports related to information security, which are gradually being adopted by enterprises. This study analyzes the relationship between information security certification (ISO 27001) and corporate financial performance using data from Chinese publicly listed companies. The study focusses on the impact of corporate decisions such as whether to obtain certification, how long to hold certification, and whether to publicize information regarding certification. The results show that there is a positive correlation between ISO 27001 and financial performance. Moreover, the positive impact of ISO 27001 on financial performance gradually increases with time. In addition, choosing not to publicize ISO 27001 certification can negatively affect enterprise performance.


2015 ◽  
Vol 5 (3) ◽  
pp. 1-13
Author(s):  
I.B. Bovina ◽  
N.V. Dvoryanchikov ◽  
S.V. Budykin

The article presents the first part of a work devoted to the study of ordinary representations held by parents and teachers about the information security of children and adolescents. It addresses the problem of information security of children and adolescents, discusses the effects of observing violence in the mass media on the subsequent behaviour of viewers, and refers to directing television roles on the example of transferring S. Milgram's schemes to the context of a television game (the experiment of J. L. Beauvois and colleagues). The paper examines the impact the Internet has on users, discusses the main directions of action in relation to ensuring the information security of children and adolescents, focusing on psychological aspects of the concept of information security of children, and demonstrates the importance of studying the "naive theories" that govern actions aimed at ensuring the information security of children. The authors explain the prospects of studying problems of information security of children in the framework of the theory of social representations.


2013 ◽  
pp. 25-40
Author(s):  
Robert M. van Wessel ◽  
Henk J. De Vries

This paper describes the business impact of two international standards for information security management: ISO/IEC 27001 and ISO/IEC 27002. Six company cases show that companies had different reasons for wanting to implement these standards, but that they achieved most of their objectives. Benefits include improved service quality, higher customer satisfaction, and in some cases, new business opportunities. A number of common success factors ensure the objectives can be achieved, and financial and non-financial benefits can indeed be obtained. The lessons learnt from these cases can help other companies to also reap such benefits.


Author(s):  
João Miguel Oliveira dos Santos ◽  
Senthilmurugan Thyagarajan ◽  
Elisabeth Keijzer ◽  
Rocío Fernández Flores ◽  
Gerardo Flintsch

Road pavements have considerable environmental burdens associated with their initial construction, maintenance, and usage, which have led the pavement stakeholder community to join efforts to understand and mitigate these negative effects better. Life-cycle assessment (LCA) is a versatile methodology for quantifying the effect of decisions regarding the selection of resources and processes. However, there is a considerable variety of tools for conducting pavement LCA. This paper provides the pavement stakeholder community with insights into the potential differences in the life-cycle impact assessment results of a pavement by applying American and European LCA tools, namely, PaLATE Version 2.2, the Virginia Tech Transportation Institute–University of California asphalt pavement LCA model, GaBi, DuboCalc, and ECORCE-M, to a Spanish pavement reconstruction project. Construction and maintenance life-cycle stages were considered in the comparison. On the basis of the impact assessment methods adopted by the various tools, the following indicators and impact categories were analyzed: energy consumption, climate change, acidification, eutrophication, and photochemical ozone creation. The results of the case study showed the need to develop (a) a standardized framework for performing a road pavement LCA that can be adapted to various tools and (b) local databases of materials and processes that follow national and international standards.

