scholarly journals Information and Knowledge Management in the Scope of the Information Security Practices: The Human Factor within Organizations

2020 ◽  
Vol 10 (11) ◽  
Author(s):  
Mohd Sharulnizam Kamarulzaman ◽  
Norhayati Hussin ◽  
Mohd Shamsul Mohd Shoid ◽  
Azmi Ab Rahman ◽  
Mohd Nazir Ahmad ◽  
...  
Keyword(s):  
Knowledge Management ◽  
Information Security ◽  
Human Factor ◽  
Security Practices ◽  
Information And Knowledge Management ◽  
Information Security Practices

Information Security Practices in Small-to-Medium Sized Businesses

2021 ◽  
pp. 576-596
Author(s):  
Kent Marett ◽  
Tim Barnett
Keyword(s):  
North America ◽  
Information Security ◽  
Hot Spot ◽  
Business Owners ◽  
Cold Spot ◽  
Security Practices ◽  
Business Networking ◽  
Spot Analysis ◽  
Information Security Practices

Small to medium-sized enterprises (SMEs) in North America do not always adequately address security. Based on responses from 232 SME owners and managers, the authors found that the adoption of security recommendations made by experts appear to be significantly influenced by the decisions of other local SMEs. A hot-spot analysis of information security practices suggested that local trends lead to prioritizing certain security practices and not adopting others. Follow-up interviews with business owners and Chamber of Commerce directors provided insights on how security hotspots developed or not. The study identified both hot spot and cold spot communities, and sought to assess how local business networking conduits like chambers of commerce help promote best security practices

A Conceptual Overview on the Relationship Between Information Security Practices and Organizational Agility

2015 ◽  
Vol 21 (5) ◽  
pp. 1289-1292
Author(s):  
Muhamad Khairulnizam Zaini ◽  
Mohamad Noorman Masrek ◽  
Mad Khir Johari Abdullah Sani
Keyword(s):  
Information Security ◽  
Organizational Agility ◽  
Security Practices ◽  
The Relationship ◽  
Conceptual Overview ◽  
Information Security Practices

scholarly journals Information Security Practices in Public Organizations in Albania

2018 ◽  
Vol 9 (4) ◽  
pp. 53-57
Author(s):  
Elda Kuka ◽  
Rovena Bahiti ◽  
Ezmolda Barolli
Keyword(s):  
Information Security ◽  
Social Development ◽  
Everyday Life ◽  
Real Time ◽  
Public Institutions ◽  
Added Value ◽  
Crucial Issue ◽  
Security Practices ◽  
It Departments ◽  
Information Security Practices

Abstract Nowadays real time communication is defining and conditioning our everyday life. Increased communication constitutes an added value to economic and social development of the country, but, at the same time, it exposes it to the risk of cyber nature with state and non-state actors. This is the reason why information security has become an important and crucial issue. In this paper we examine Information Security practices among IT departments in public institutions in Albania, using a survey and interviews conducted with IT staff.

scholarly journals Information Security Practices in a Hospital

2014 ◽  
Author(s):  
Sabina Santos ◽  
Luís Rodrigues ◽  
Domingos Pereira
Keyword(s):  
Information Security ◽  
Security Practices ◽  
Information Security Practices

Employee Information Security Practices

2020 ◽  
Vol 12 (2) ◽  
pp. 1-14
Author(s):  
Eli Hustad ◽  
Frode Mathias Bekkevik ◽  
Ole Reidar Holm ◽  
Polyxeni Vassilakopoulou
Keyword(s):  
Information Security ◽  
Organizational Support ◽  
Personal Characteristics ◽  
Security Practices ◽  
Employee Information ◽  
Security Incidents ◽  
Over Time ◽  
Structural Arrangements ◽  
Information Security Practices

Employee information security practices are pivotal to prevent, detect, and respond to security incidents. This article synthesizes insights from research on challenges related to employee information security practices and measures to address them. The challenges identified are associated to idiosyncratic aspects of communities and individuals within organizations (culture and personal characteristics) and to systemic aspects of organizations (procedural and structural arrangements). The measures aimed to enhance systemic capabilities and to adapt security mechanisms to the idiosyncratic characteristics and are categorized as: (a) measures of training and awareness; (b) measures of organizational support; and (c) measures of rewards and penalties. Further research is needed to explore the dynamics related to how challenges emerge, develop, and get addressed over time and also, to explore the interplay between systemic and idiosyncratic aspects. Additionally, research is needed on the role of security managers and how it can be reconfigured to suit flatter organizations.

Practical Action and Mindfulness in Health Information Security

2011 ◽  
pp. 1454-1471
Author(s):  
Jeff Collmann ◽  
Ted Cooper
Keyword(s):  
Information Security ◽  
Health Information ◽  
Case Studies ◽  
Security Measures ◽  
Good Information ◽  
Practical Action ◽  
Organizational Conditions ◽  
Security Practices ◽  
Information Security Practices ◽  
Healthcare Leaders

Although it is sometimes tempting to treat information security as a domain of its own, this approach will inevitably yield failures of information security and failures for the organization. This occurs because serious breaches may originate from organizational conditions not obviously related to information security policies, procedures or practices and because information security practices operate in, and are affected by the context of their parent organization. For these reasons, healthcare leaders must comply with but look beyond good industry practices alone while planning, implementing, and evaluating information security programs. In this chapter, we demonstrate that a consensus exists on key good information security measures that all healthcare leaders should, and often do use in designing their information security programs. We follow this analysis with two case studies that demonstrate the limitations of focusing only on good information security practices. These case studies help explain the mutual interaction between health information security programs and their wider organizational context by introducing key concepts about organizational performance, including “practical action,” “practical resistance,” “sponsored social movement,” and “mindfulness” and examining them at the individual, group, organizational, and cross domain levels of organizational life.

Challenges and Measures for Information Security Practices: A Literature Review on Systemic and Idiosyncratic Aspects

2019 ◽  
Author(s):  
Eli Hustad ◽  
Frode Matihas Bekkevik ◽  
Ole Reidar Holm ◽  
Polyxeni Vassilakopoulou
Keyword(s):  
Information Security ◽  
Literature Review ◽  
Organizational Support ◽  
Security Breaches ◽  
Operational Risks ◽  
Support Measures ◽  
Security Practices ◽  
Organizational Concern ◽  
Security Incidents ◽  
Information Security Practices

Information security is becoming a key organizational concern in light of increasingly demanding regulations, customers’ apprehension, and, significant operational risks. The information security practices of employees are pivotal for preventing, detecting, and responding to security incidents. This paper is synthesizing the insights from prior research based on a systematic literature review that explores challenges related to information security practices in organizations and the ways these challenges are managed to avoid security breaches. Four general challenges are identified: (1) security rules and procedures, (2) individual and personal risks, (3) culture and security awareness, and (4) organizational and power relations. To manage these challenges, three types of measures are prominent: measures related to training and awareness, measures related to organizational support, measures related to rewards and penalties. These measures aim to enhance systemic capabilities and to adapt security mechanisms to the idiosyncratic characteristics of organizations.

Sign in / Sign up

Export Citation Format

Share Document