Conceptualizing the Domain and an Empirical Analysis of Operations Security Management

2022 ◽  
pp. 533-560
Author(s):  
Winfred Yaokumah
Keyword(s):  
Information Systems ◽  
Empirical Analysis ◽  
Security Management ◽  
Information Systems Security ◽  
Computing Environment ◽  
Maturity Level ◽  
Security Controls ◽  
Systems Security ◽  
Level 3 ◽  
State Of Practice

Operations security management integrates the activities of all the information systems security controls. It ensures that the entire computing environment is adequately secured. This chapter conducts an in-depth review of scholarly and practitioner works to conceptualize the domain of operations security management. Drawing upon the existing information systems security literature, the chapter classifies operations security management into 10 domains. Following, the chapter performs an empirical analysis to investigate the state-of-practice of operations security management in organizations. The findings show that the maturity level of operations security management is at the Level 3 (well-defined). The maturity levels range from Level 0 (not performed) to Level 5 (continuously improving). The results indicate that operations security processes are documented, approved, and implemented organization-wide. Backup and malware management are the most applied operations security controls, while logging, auditing, monitoring, and reviewing are the least implemented controls.

Conceptualizing the Domain and an Empirical Analysis of Operations Security Management

2019 ◽  
pp. 304-330
Author(s):  
Winfred Yaokumah
Keyword(s):  
Information Systems ◽  
Empirical Analysis ◽  
Security Management ◽  
Information Systems Security ◽  
Computing Environment ◽  
Maturity Level ◽  
Security Controls ◽  
Systems Security ◽  
Level 3 ◽  
State Of Practice

Operations security management integrates the activities of all the information systems security controls. It ensures that the entire computing environment is adequately secured. This chapter conducts an in-depth review of scholarly and practitioner works to conceptualize the domain of operations security management. Drawing upon the existing information systems security literature, the chapter classifies operations security management into 10 domains. Following, the chapter performs an empirical analysis to investigate the state-of-practice of operations security management in organizations. The findings show that the maturity level of operations security management is at the Level 3 (well-defined). The maturity levels range from Level 0 (not performed) to Level 5 (continuously improving). The results indicate that operations security processes are documented, approved, and implemented organization-wide. Backup and malware management are the most applied operations security controls, while logging, auditing, monitoring, and reviewing are the least implemented controls.

scholarly journals Challenges Facing Information Systems Security Management in Higher Learning Institutions: A Case Study of the Catholic University of Eastern Africa - Kenya

2014 ◽  
Vol 3 (1) ◽  
pp. 336-349
Author(s):  
Bichanga Walter Okibo ◽  
Obara Brigit Ochiche
Keyword(s):  
Information System ◽  
Information Systems ◽  
Security Management ◽  
System Security ◽  
Higher Learning ◽  
Eastern Africa ◽  
Information Systems Security ◽  
Information System Security ◽  
Systems Security ◽  
Learning Institutions

With the popularity of internet applications, many organizations are facing unprecedented security challenges. Security techniques and management tools have caught a lot of attention from both academia and practitioners. However, there is lacking a theoretical framework for the challenges facing information security management in higher learning institutions. Thus this research looked into the challenges facing information systems security management in higher learning institutions. The study was guided by understanding the major challenges facing Information Systems Security Management and establishing the extent of the use of Information Systems Security Management in higher learning institutions. The study used descriptive survey design. It targeted information systems projects managers, administrators or top management and other users (staff) of the systems in key departments. Systematic sampling strategy was used. Descriptive statistics of SPSS were used to analyze the data. Factor analysis technique was used to identify the major challenges that affect management of an institution’s information system security. Pearson’s Chi-Square was used to test the relationships that exist between the categorical variables. The study found out that system vulnerability, computer crime and abuse, environmental security and financial backing/security are key challenges institutions of higher learning are experiencing in the management of their information systems. The study recommends the implementation of new policies and procedures to guide information system security. Programs for monitoring and evaluating information systems security in relation to performance indicators should be put in place. Institutions should invest heavily in developing their staff through training programmes such as seminars, workshops and conferences to further develop staff skills and abilities on information systems security issues.

Sign in / Sign up

Export Citation Format

Share Document