ICT Security Policy

Handbook of Research on Information Communication Technology Policy ◽

10.4018/978-1-61520-847-0.ch020 ◽

2011 ◽

pp. 337-353

Author(s):

Lawan A. Mohammed

Keyword(s):

Security Policy ◽

Computer Crime ◽

Security Policies ◽

Security Challenges ◽

Ict Security

Computer crime is now becoming a major international problem, with continual increases in incidents of cracking, hacking, viruses, worms, bacteria and the like having been reported in recent years. As a result of this massive vulnerabilities and new intrusion techniques, the rate of computer crime has accelerated beyond imagination. It is therefore vital to find policy of reducing and controlling the risk associated with such activities. However, unless the security challenges and countermeasures are well understood, the policy may not yield any fruitful results. This chapter discusses different categories of computer crime for the benefit of individuals and organizations concern with combating the problem. The chapter also discuses some security policies as means of limiting some of the vulnerabilities mentioned.

Download Full-text

CIVIL SERVANTS AWARENESS GUIDELINE TOWARDS COMPUTER SECURITY POLICY: A CASE STUDY AT THE MANPOWER DEPARTMENT, MINISTRY OF HUMAN RESOURCES

Asia-Pacific Journal of Information Technology and Multimedia ◽

10.17576/apjitm-2021-1001-08 ◽

2021 ◽

Vol 10 (01) ◽

pp. 86-99

Author(s):

Dalbir Singh

Keyword(s):

Public Sector ◽

Human Resources ◽

Computer Security ◽

Security Policy ◽

Security Policies ◽

Success Factor ◽

Successful Implementation ◽

The Public ◽

Ict Infrastructure ◽

Ict Security

ICT Security Policy includes information security-related policies, guidelines and best practices that are enforced in the Malaysian public sector. These policies are priority areas that contain guidelines for implementing ICT infrastructure in the public sector. However, there is a significant gap between these policies and awareness towards computer security policy among government servants in the public sector. Therefore a study involving government servants in the Manpower Department, Ministry of Human Resources was carried out to identify the critical success factor of these policies. The study was conducted through quantitative and qualitative methods. A survey was conducted to measure the level of awareness among government servants in agencies against computer security policies. Flaw factors in computer security policy implementation were discussed to obtain strategies to ensure the successful implementation of computer security policies in an agency. The significant factors leading to a successful implementation of computer security policy at the governmental agencies were validated by experts. As a result, a guideline has been prepared to be applied as an improvement proposal to increase the awareness of government servants on ICT security policy in the agencies.

Download Full-text

A Framework for ICT Security Policy Management

Advances in IT Standards and Standardization Research - Frameworks for ICT Policy ◽

10.4018/978-1-61692-012-8.ch001 ◽

2010 ◽

pp. 1-14 ◽

Cited By ~ 3

Author(s):

Sitalakshmi Venkatraman

Keyword(s):

Information And Communication Technologies ◽

Security Policy ◽

Security Policies ◽

Policy Management ◽

Business Operations ◽

Information And Communication ◽

Policy Alignment ◽

Ict Infrastructure ◽

High Level ◽

Ict Security

Organisations around the world are increasingly relying on the potential of information and communication technologies (ICTs) for their business operations as well as competitiveness. Huge amounts of money and time are invested on ICT infrastructure as there exists a high level of business dependency on ICT. Hence, protecting the ICT resources using effective security policies is of utmost importance for the sustenance of organisations. With the recent exponential rise in ICT security threats witnessed worldwide, governments and businesses are trying to successfully develop ICT security policies for their internal and external operations. While ICT security best practices are quite similar globally, ICT security policy management is very much localised and specific to different business scenarios and applications. Moreover, ICT security policies in an organization keep evolving from time to time and more recently changes take place at a much faster pace. This situation warrants a pragmatic framework for the development and management of ICT security policies in an organisation. Much research has focused on formulating frameworks for ICT management in general and there is a paucity of guidelines in literature for ICT security policy management, in particular. This chapter explores ICT security management issues faced in different environments and proposes an integrated framework for managing ICT security policies in an iterative manner. The framework provides the flexibility and adaptability for different organisations to follow the guidelines effectively as it emphasises on policy alignment with business objectives. Since the framework underpins the continuous improvement philosophy, it caters to ICT security policy reform and implementations for the future as well.

Download Full-text

Nigeria and the Challenges of Internal Security in the 21st Century

European Journal of Interdisciplinary Studies ◽

10.26417/ejis.v4i2.p15-33 ◽

2018 ◽

Vol 4 (2) ◽

pp. 15

Author(s):

Chris I. Nwagboso

Keyword(s):

National Security ◽

21St Century ◽

Niger Delta ◽

Security Policy ◽

National Security Policy ◽

Boko Haram ◽

Internal Security ◽

Historical Method ◽

Religious Intolerance ◽

Security Challenges

This paper examines the various internal security challenges confronting Nigeria in the 21st century. The paper adopts historical method and content analysis to investigate how the abysmal failure of the poorly formulated and ineffectively implemented National Security Policy has hitherto exacerbated internal security challenges in Nigeria. The paper further attempts a critical review of major internal security challenges hitherto confronting the country; such as the Niger Delta crises, kidnapping in the South-East geo-political zone, Jos crises, Boko Haram crises and crises by Fulani Herdsmen in the Northern part of Nigeria. The result of the analysis shows that these internal security challenges have not only been difficult to address by the National Security Policy, but have also impacted negatively on the country's desired socio-economic development in the 21st century. The paper, therefore, recommends among others, the need for a careful review of the Nigeria's National Security Policy that will not only be integrative/comprehensive in outlook, but will also take cognizance of some domestic factors that are currently responsible for internal security problems in the country; such as unemployment, inequality, poverty, fraudulent electoral process, corruption, skewed federalism, porous nature of the Nigeria’s borders, sabotage among politicalelites, bad governance, religious intolerance, citizen-settler controversies, among others.

Download Full-text

Enterprises that have defined or reviewed their ICT security policy in the last 24 months (2015 and 2019)

Competitiveness in South East Europe 2021 - Competitiveness and Private Sector Development ◽

10.1787/def21eed-en ◽

2021 ◽

Keyword(s):

Security Policy ◽

Ict Security

Download Full-text

Impact of Deterrence and Inertia on Information Security Policy Changes

Journal of Information Systems ◽

10.2308/isys-52400 ◽

2019 ◽

Vol 34 (1) ◽

pp. 123-134

Author(s):

Kalana Malimage ◽

Nirmalee Raddatz ◽

Brad S. Trinkle ◽

Robert E. Crossler ◽

Rebecca Baaske

Keyword(s):

Information Security ◽

Security Policy ◽

Online Survey ◽

Security Policies ◽

Security Measures ◽

Policy Changes ◽

Information Security Policy ◽

Improve Compliance ◽

The Impact

ABSTRACT This study examines the impact of deterrence and inertia on information security policy changes. Corporations recognize the need to prioritize information security, which sometimes involves designing and implementing new security measures or policies. Using an online survey, we investigate the effect of deterrent sanctions and inertia on respondents' intentions to comply with modifications to company information security policies. We find that certainty and celerity associated with deterrent sanctions increase compliance intentions, while inertia decreases respondents' compliance intentions related to modified information security policies. Therefore, organizations must work to overcome employees' reluctance to change in order to improve compliance with security policy modifications. They may also consider implementing certain and timely sanctions for noncompliance.

Download Full-text

An Examination of Global Municipal Government Privacy and Security Policies

Public Sector Reform Using Information Technologies ◽

10.4018/978-1-60960-839-2.ch006 ◽

2013 ◽

pp. 102-114

Author(s):

Aroon Manoharan ◽

Marc Fudge

Keyword(s):

Longitudinal Study ◽

Security Policy ◽

Municipal Government ◽

Security Policies ◽

The Internet ◽

Privacy And Security ◽

Security Practices ◽

The World ◽

Research Findings ◽

Number Of Individuals

This chapter highlights the research findings of a longitudinal study of online privacy and security practices among global municipalities conducted in 2005 and 2007. As cities worldwide implement sophisticated e-government platforms to increasingly provide services online, many barriers still inhibit the adoption of such strategies by the citizen users, and one such factor is the availability of a comprehensive privacy policy. The survey examines cities throughout the world based upon their population size, the total number of individuals using the Internet, and the percentage of individuals using the Internet. Specifically, we examined if the website has a privacy or security policy, does the website utilize digital signatures and if the website has a policy addressing the use of cookies to track users. Overall, results indicate that cities are increasingly emphasizing on privacy and security policies with major improvements in 2007, along with significant changes in the top ranking cities in when compared to the 2005 study.

Download Full-text

Security Policies and Procedures

Strategic Information Systems ◽

10.4018/978-1-60566-677-8.ch149 ◽

2011 ◽

pp. 2352-2364

Author(s):

Yvette Ghormley

Keyword(s):

Information Systems ◽

Security Policy ◽

Security Policies ◽

Human Element ◽

Weakest Link ◽

Adoption And Implementation ◽

Policies And Procedures ◽

Management Commitment ◽

Physical Assets ◽

And Training

The number and severity of attacks on computer and information systems in the last two decades has steadily risen and mandates the use of security policies by organizations to protect digital as well as physical assets. Although the adoption and implementation of such policies still falls far short, progress is being made. Issues of management commitment, flexibility, structural informality, training, and compliance are among the obstacles that currently hinder greater and more comprehensive coverage for businesses. As security awareness and security-conscious cultures continue to grow, it is likely that research into better methodologies will increase with concomitant efficiency of security policy creation and implementation. However, attacks are becoming increasingly more sophisticated. While the human element is often the weakest link in security, much can be done to mitigate this problem provided security policies are kept focused and properly disseminated, and training and enforcement are applied.

Download Full-text

16. The External Dimension of the European Union’s Internal Security

International Relations and the European Union ◽

10.1093/hepl/9780198737322.003.0016 ◽

2017 ◽

Cited By ~ 1

Author(s):

Sarah Wolff

Keyword(s):

Economic Integration ◽

Security Policy ◽

Global Level ◽

Internal Security ◽

Internal Process ◽

Security Challenges ◽

Legal Challenges ◽

Dynamic Policy ◽

External Dimension ◽

The Eu

This chapter examines the external dimension of the European Union's internal security, with particular emphasis on the Justice and Home Affairs that has evolved from a side product of European economic integration to a complex and dynamic policy area. It begins with a discussion of the internal process of constructing both the EU's Area of Freedom, Security, and Justice (AFSJ) and its external dimension, along with the normative, national, institutional, policy, and legal challenges that have emerged from this process. It then considers the policy dynamism and institutional developments that have taken place since the Treaty of Lisbon before proceeding with an assessment of how the EU copes with the global security challenges of counterterrorism, migration, refugees, and cybercriminality. It also explores how the EU pursues its security policy within the international arena and the effect it has at the global level.

Download Full-text

Security Policies and Risk Analysis

Securing the Information Infrastructure ◽

10.4018/978-1-59904-379-1.ch008 ◽

2008 ◽

pp. 137-160

Author(s):

Joseph Kizza ◽

Florence Migga Kizza

Keyword(s):

Network Security ◽

Risk Analysis ◽

Best Practices ◽

Security Policy ◽

Security Policies ◽

Communication Infrastructure ◽

Security Personnel ◽

Good Policy

In the last chapter, we discussed the basics of network security. Among the issues that we briefly touched on are the techniques and best practices that are currently being used by many security personnel in a variety of networks that make up the communication infrastructure. In this chapter, we are going to start with what is considered to be the most basic of all security techniques—security.policy. We will discuss several issues about security policy, like what constitutes a good policy and how to formulate, develop, write implement, and maintain a security policy.

Download Full-text