Journal articles on the topic 'Information security risk'

Consult the top 50 journal articles for your research on the topic 'Information security risk.'

1

Kuzminykh, Ievgeniia, Bogdan Ghita, Volodymyr Sokolov, and Taimur Bakhshi. "Information Security Risk Assessment." Encyclopedia 1, no. 3 (July 24, 2021): 602–17. http://dx.doi.org/10.3390/encyclopedia1030050.

Abstract:
Information security risk assessment is an important part of enterprises’ management practices that helps to identify, quantify, and prioritize risks against criteria for risk acceptance and objectives relevant to the organization. Risk management refers to a process that consists of identification, management, and elimination or reduction of the likelihood of events that can negatively affect the resources of the information system to reduce security risks that potentially have the ability to affect the information system, subject to an acceptable cost of protection means that contain a risk analysis, analysis of the “cost-effectiveness” parameter, and selection, construction, and testing of the security subsystem, as well as the study of all aspects of security.
2

Palvia, Pankaj. "Security Risk Management: Building and Information Security Risk." Journal of Information Privacy and Security 7, no. 4 (October 2011): 72–73. http://dx.doi.org/10.1080/15536548.2011.10855925.

3

Zawiła-Niedźwiecki, Janusz, and Maciej Byczkowski. "Information Security Aspect of Operational Risk Management." Foundations of Management 1, no. 2 (January 1, 2009): 45–60. http://dx.doi.org/10.2478/v10238-012-0010-2.

Abstract:
Improving organization means on the one hand searching for adequate product (service) matched to the market, on the other hand shaping the ability to react on risks caused by that activity. The second should consist of identifying and estimating types of risk, and consequently creating solutions securing from possible forms of its realization (disturbances), following rules of rational choice of security measures as seen in their relation to costs and effectiveness. Activities of creating the security measures should be organized as constantly developing and perfecting and as such they need formal place in organizational structure and rules of management.
4

Meriah, Ines, and Latifa Ben Arfa Rabai. "Analysing Information Security Risk Ontologies." International Journal of Systems and Software Security and Protection 11, no. 1 (January 2020): 1–16. http://dx.doi.org/10.4018/ijsssp.2020010101.

Abstract:
This research work presents existing security ontologies and identifies relevant security ontology requirements in information systems. Moreover, it proposes a new classification of security ontologies in which, two main families, namely ontologies-based security standards and ontologies-based security risk assessment, are defined. For each family, a set of related research works is selected and a thorough description of their security ontologies is presented. The purpose of this analysis is to identify security ontology requirements as well as ontological characteristics for each study in order to help a security decision maker to select an ontology based off of their security risks and requirements as well as their needed security models and standards. By selecting the appropriate ontology, security stakeholders support security compliance and risk assessment in an enterprise.
5

Bodin, Lawrence D., Lawrence A. Gordon, and Martin P. Loeb. "Information security and risk management." Communications of the ACM 51, no. 4 (April 2008): 64–68. http://dx.doi.org/10.1145/1330311.1330325.

6

Johnson, M. Eric, Eric Goetz, and Shari Lawrence Pfleeger. "Security through Information Risk Management." IEEE Security & Privacy Magazine 7, no. 3 (May 2009): 45–52. http://dx.doi.org/10.1109/msp.2009.77.

7

Anton, Nicolae, and Anișor Nedelcu. "Security Information and Risk Management Assessment." Applied Mechanics and Materials 809-810 (November 2015): 1522–27. http://dx.doi.org/10.4028/www.scientific.net/amm.809-810.1522.

Abstract:
This work approaches the assessment of the security and information risks in order to find the optimal values of the risks by applying and comparing different methods to measure and assess the security risks. By describing structural characteristics of standards and methods implemented in the information security management system (ISMS), this paper underlines the necessity, means and effectiveness of information security modeling. The conclusions of this paper highlight the importance of standards and methods of risk management assessment.
8

Murtaza, Mirza B. "Risk Management For Health Information Security And Privacy." American Journal of Health Sciences (AJHS) 3, no. 2 (April 2, 2012): 125–34. http://dx.doi.org/10.19030/ajhs.v3i2.6943.

Abstract:
The challenge of securing large amounts of electronic medical records stored in a variety of forms and in many locations, while still making it available to authorized users, is huge. Pressure to maintain privacy and protection of personal information is a strong motivating force in the development of security policies. It is essential for health care organizations to analyze, assess and ensure security policies to meet these challenges and to develop the necessary policies to ensure the security of medical information.
9

Ayatollahi, Haleh, and Ghazal Shagerdi. "Information Security Risk Assessment in Hospitals." Open Medical Informatics Journal 11, no. 1 (September 14, 2017): 37–43. http://dx.doi.org/10.2174/1874431101711010037.

Abstract:
Background: To date, many efforts have been made to classify information security threats, especially in the healthcare area. However, there are still many unknown risks which may threaten the security of health information and their resources especially in the hospitals. Objective: The aim of this study was to assess the risks threatening information security in the hospitals located in one of the northwest cities of Iran. Method: This study was completed in 2014. The participants were information technology managers who worked in the hospitals (n = 27). The research instrument was a questionnaire composed of a number of open and closed questions. The content validity of the questionnaire was confirmed, and the reliability of the closed questions was measured by using the test-retest method (r = 0.78). Results: The results showed that among the information security risks, fire was found to be a high probability/high impact risk factor. Human and physical/environmental threats were among the low probability risk factors. Regarding the information security safeguards used in the hospitals, the results showed that the use of the technical safeguards was the most frequent one (n = 22, 91.7%) compared to the administrative (n = 21, 87.5%) and the physical safeguards (n = 16, 66.7%). Conclusion: The high probability risk factors require quick corrective actions to be taken. Therefore, the underlying causes of such threats should be identified and controlled before experiencing adverse effects. It is also important to note that information security in health care systems needs to be considered at a macro level with respect to the national interests and policies.
10

Zhang, Chang Lun, and Chao Li. "Information Security Risk Assessment on Complex Information System." Advanced Materials Research 765-767 (September 2013): 1481–85. http://dx.doi.org/10.4028/www.scientific.net/amr.765-767.1481.

Abstract:
Risk assessment is the key and core technology ensuring IT system security. Based on the comprehensive analysis of complex information systems, this paper first summarizes the typical characters of complex information systems and then gives new risk factors that complex systems need to face. Furthermore, a new risk assessment method is proposed to evaluate the complex information systems. The method takes full account of the effect of complexity of complex information systems in each process of risk assessment, and utilizes multi-level risk views to carry out in-depth analysis of the risk of complex systems.
11

Wu, Yong, Linping Wang, Dong Cheng, and Tao Dai. "Information security decisions of firms considering security risk interdependency." Expert Systems with Applications 178 (September 2021): 114990. http://dx.doi.org/10.1016/j.eswa.2021.114990.

12

Revenkov, Pavel, and Dmitry Krupenko. "Mobile banking: Information Security Risk Assessment." Voprosy kiberbezopasnosti, no. 2(30) (2019): 21–28. http://dx.doi.org/10.21681/2311-3456-2019-2-21-28.

13

Gauci, Donald. "Management: Information Security: Risk and Reward." Journal of Petroleum Technology 59, no. 05 (May 1, 2007): 36–39. http://dx.doi.org/10.2118/0507-0036-jpt.

14

Page, V., M. Dixon, and I. Choudhury. "Security risk mitigation for information systems." BT Technology Journal 25, no. 1 (January 2007): 118–27. http://dx.doi.org/10.1007/s10550-007-0014-8.

15

Karabacak, Bilge, and Ibrahim Sogukpinar. "ISRAM: information security risk analysis method." Computers & Security 24, no. 2 (March 2005): 147–59. http://dx.doi.org/10.1016/j.cose.2004.07.004.

16

Wei, June, Binshan Lin, and Meiga Loho-Noya. "Development of an E-Healthcare Information Security Risk Assessment Method." Journal of Database Management 24, no. 1 (January 2013): 36–57. http://dx.doi.org/10.4018/jdm.2013010103.

Abstract:
This paper developed a method to assess information security risks in e-healthcare. Specifically, it first developed a static E-Healthcare Information Security Risk (EHISR) model to present thirty-three security risk factors by identifying information security threats and their sources in e-healthcare. Second, a dynamic E-Healthcare Information Flow (EHIF) model was developed to logically link these information risk factors in the EHISR model. Pattern analysis showed that information security risks could be classified into two levels, and versatility analysis showed that the overall security risks for eight information flows were close with a range from 55% to 86%. Third, one quantifiable approach based on a relative-weighted assessment model was developed to demonstrate how to assess the information security risks in e-healthcare. This quantitative security risk measurement establishes a reference point for assessing e-healthcare security risks and assists managers in selecting a reliable information flow infrastructure with a lower security risk level.
17

Anton, Nicolae, and Anișor Nedelcu. "The Systemic Approach to Information Protection in Relation to Risk in an Integrated Information Security System." Applied Mechanics and Materials 760 (May 2015): 689–94. http://dx.doi.org/10.4028/www.scientific.net/amm.760.689.

Abstract:
This paper presents an approach to the risk of information security. By taking into consideration how critical it is for a system, each category of information should be associated with a correspondent level of security risk and each level of security risk must be defined by appropriate measures to control the risks for information security. Equally important is how many levels of security risk are defined for information, or how they are classified. It is critical, however, that the model adopted reflects all the objectives that the system requires.
18

Kessler, Stacey R., Shani Pindek, Gary Kleinman, Stephanie A. Andel, and Paul E. Spector. "Information security climate and the assessment of information security risk among healthcare employees." Health Informatics Journal 26, no. 1 (March 14, 2019): 461–73. http://dx.doi.org/10.1177/1460458219832048.

Abstract:
Since 2009, over 176 million patients in the United States have been adversely impacted by data breaches affecting Health Insurance Portability and Accountability Act–covered institutions. While the popular press often attributes data breaches to external hackers, most breaches are the result of employee carelessness and/or failure to comply with information security policies and procedures. To change employee behavior, we borrow from the organizational climate literature and introduce the Information Security Climate Index, developed and validated using two pilot samples. In this study, four categories of healthcare professionals (certified nursing assistants, dentists, pharmacists, and physician assistants) were surveyed. Likert-type items were used to assess the Information Security Climate Index, information security motivation, and information security behaviors. Study results indicated that the Information Security Climate Index was related to better employee information security motivation and information security behaviors. In addition, there were observed differences between occupational groups with pharmacists reporting a more favorable climate and behaviors than physician assistants.
19

Cao, Xiao Li. "Research on Method of Information System Information Security Risk Management." Advanced Materials Research 926-930 (May 2014): 4105–9. http://dx.doi.org/10.4028/www.scientific.net/amr.926-930.4105.

Abstract:
With the popularity of the Internet and global information continues to advance organizational information systems have become an important strategic resource for the survival of the importance of information security to protect its widespread concern. Once the information security organization information system is destroyed, the Organization for Security attribute information would cause tremendous impact the organization's business operation, the losses include not only economic, but also likely to organize image, reputation is a strategic competitive advantage even fatal injuries. However, the existing information systems of information security risk management approach to information system risk analysis and assessment with specific organizational environment and business background with fragmentation, lack of risk analysis and description of the formation process, carried only consider "technical" factors security decisions, lack of full expression to achieve the desired goal of a number of decisions on organizational decision-making. Therefore, the information system to carry information security risk management is essential.
20

Kaushal, Priyanka, and Rizwan Khan. "A Review on Information Security." International Journal of Advanced Research in Computer Science and Software Engineering 8, no. 4 (April 30, 2018): 122. http://dx.doi.org/10.23956/ijarcsse.v8i4.646.

Abstract:
Nowadays the concept of information risks and security is becoming a fast-moving discipline. Nowadays the systems are assembled on different machines that belong to the same principals with different interests, and information of different machines is now becoming as important to depend on as technical design. The information security not only provides the ‘security’ topics such as data loss prevention, bugs, data breaches, spam, and phishing, but also in many other areas such as system dependability (person-to-person design and efforts by testers and programmers), and policy (the rights of management). The main aim of this research program has been to start thinking over more general security questions (such as law-enforcement strategy, performance), and also the interface between security and the computer sciences. Most commonly and recently the greater concern about information security is due to various information risks. This paper provides an overview of how we secure our data and our information from unauthorized persons and from hackers. In practice, the various organizations will choose many methods to overcome the problem of information risk. The promise of this research program is to make you aware of the information-related risks and how to cope with them.
21

Williams, Paul. "Information Security Governance." Information Security Technical Report 6, no. 3 (September 2001): 60–70. http://dx.doi.org/10.1016/s1363-4127(01)00309-0.

22

Zhao, Xia, Ling Xue, and Andrew B. Whinston. "Managing Interdependent Information Security Risks: Cyberinsurance, Managed Security Services, and Risk Pooling Arrangements." Journal of Management Information Systems 30, no. 1 (July 2013): 123–52. http://dx.doi.org/10.2753/mis0742-1222300104.

23

Mokhor, Volodymyr, and Vasyl Tsurkan. "Probit-method for information security risk assessment." Collection "Information technology and security" 2, no. 1 (September 30, 2013): 65–71. http://dx.doi.org/10.20535/2411-1031.2013.2.1.58531.

24

M. El Hadi, Mohamed. "Assessing Information Security Risk Management in Organizations." مجلة الجمعیة المصریة لنظم المعلومات وتکنولوجیا الحاسبات 14, no. 14 (April 1, 2014): 18–32. http://dx.doi.org/10.21608/jstc.2014.119449.

25

Gupta, Ayush. "Strategic Dimensions of Information Security Risk Management." Journal of Business Management and Information Systems 6, no. 2 (December 31, 2019): 1–9. http://dx.doi.org/10.48001/jbmis.2019.0602001.

Abstract:
Information security is thus a big threat to the survival of enterprises. In all contexts and forms, it is imperative to provide adequate safeguards and measures to manage the risk arising from flow of information and data. The business models of organizations are highly dependent on flow of information during the business processes. The management of information security has several perspectives. In this paper, the legal, quality and human resource perspectives have been discussed. The Information Security Risk Management Model must balance these perspectives to optimize for best value derived out of it.
26

Borkhalenko, V. A. "Insurance mechanisms in information security risk management." Экономический анализ: теория и практика 16, no. 2 (February 27, 2017): 379–88. http://dx.doi.org/10.24891/ea.16.2.379.

27

Fazlida, M. R., and Jamaliah Said. "Information Security: Risk, Governance and Implementation Setback." Procedia Economics and Finance 28 (2015): 243–48. http://dx.doi.org/10.1016/s2212-5671(15)01106-5.

28

GUAN, Ji-zheng, Ming-tao LEI, Xiao-lu ZHU, and Jian-yi LIU. "Knowledge-based information security risk assessment method." Journal of China Universities of Posts and Telecommunications 20 (December 2013): 60–63. http://dx.doi.org/10.1016/s1005-8885(13)60220-4.

29

Poore, Ralph Spencer. "Valuing Information Assets for Security Risk Management." Information Systems Security 9, no. 4 (September 2000): 1–7. http://dx.doi.org/10.1201/1086/43311.9.4.20000910/31364.4.

30

Wangen, Gaute. "Information Security Risk Assessment: A Method Comparison." Computer 50, no. 4 (April 2017): 52–61. http://dx.doi.org/10.1109/mc.2017.107.

31

Ryan, Julie J. C. H., and Daniel J. Ryan. "Performance Metrics for Information Security Risk Management." IEEE Security & Privacy 6, no. 5 (September 2008): 38–44. http://dx.doi.org/10.1109/msp.2008.125.

32

Wei, June, Lai C. Liu, Kai S. Koong, and Yi Li. "A risk assessment model for information security." International Journal of Business and Systems Research 5, no. 2 (2011): 158. http://dx.doi.org/10.1504/ijbsr.2011.038800.

33

Taylor, Richard G. "Potential Problems with Information Security Risk Assessments." Information Security Journal: A Global Perspective 24, no. 4-6 (October 27, 2015): 177–84. http://dx.doi.org/10.1080/19393555.2015.1092620.

34

Fenz, Stefan, Johannes Heurix, Thomas Neubauer, and Fabian Pechstein. "Current challenges in information security risk management." Information Management & Computer Security 22, no. 5 (November 10, 2014): 410–30. http://dx.doi.org/10.1108/imcs-07-2013-0053.

Abstract:
Purpose – The purpose of this paper is to give an overview of current risk management approaches and outline their commonalities and differences, evaluate current risk management approaches regarding their capability of supporting cost-efficient decisions without unnecessary security trade-offs, outline current fundamental problems in risk management based on industrial feedback and academic literature and provide potential solutions and research directions to address the identified problems. Despite decades of research, the information security risk management domain still faces numerous challenges which hinder risk managers to come up with sound risk management results. Design/methodology/approach – To identify the challenges in information security risk management, existing approaches are compared against each other, and as a result, an abstracted methodology is derived to align the problem and solution identification to its generic phases. The challenges have been identified based on literature surveys and industry feedback. Findings – As common problems at implementing information security risk management approaches, we identified the fields of asset and countermeasure inventory, asset value assignment, risk prediction, the overconfidence effect, knowledge sharing and risk vs. cost trade-offs. The reviewed risk management approaches do not explicitly provide mechanisms to support decision makers in making an appropriate risk versus cost trade-offs, but we identified academic approaches which fulfill this need. Originality/value – The paper provides a reference point for professionals and researchers by summing up the current challenges in the field of information security risk management. Therefore, the findings enable researchers to focus their work on the identified real-world challenges and thereby contribute to advance the information security risk management domain in a structured way. 
Practitioners can use the research results to identify common weaknesses and potential solutions in information security risk management programs.
35

Chan, C. L. "Information Security Risk Modeling Using Bayesian Index." Computer Journal 54, no. 4 (July 30, 2010): 628–38. http://dx.doi.org/10.1093/comjnl/bxq059.

36

El Hadi, Mohamed M. "Assessing Information Security Risk Management in Organizations." Compunet (The Egyptian Information Journal) 13, no. 14 (April 2014): 18–32. http://dx.doi.org/10.12816/0014066.

37

Kochar, Subir, Sachin Goyal, Ratish Agarwal, and Mahesh Pawar. "Enhancing Information Security Risk Management for Organizations." International Journal of Computer & Organization Trends 19, no. 1 (April 25, 2015): 36–41. http://dx.doi.org/10.14445/22492593/ijcot-v19p306.

38

Shameli-Sendi, Alireza, Rouzbeh Aghababaei-Barzegar, and Mohamed Cheriet. "Taxonomy of information security risk assessment (ISRA)." Computers & Security 57 (March 2016): 14–30. http://dx.doi.org/10.1016/j.cose.2015.11.001.

39

Zahoruyko, L. V., T. A. Martʹyanova, and A. V. Skyrda. "Models of information technology security risk analysis." Optoelectronic information-power technologies 40, no. 2 (2021): 16–20. http://dx.doi.org/10.31649/1681-7893-2020-40-2-16-20.

40

Mitchell, Ruth C., Rita Marcella, and Graeme Baxter. "Corporate information security management." New Library World 100, no. 5 (September 1, 1999): 213–27. http://dx.doi.org/10.1108/03074809910285888.

Abstract:
To ensure business continuity the security of corporate information is extremely important. Previous studies have shown that corporate information is vulnerable to security attacks. Companies are losing money through security breaches. This paper describes an MSc project that aimed to investigate the issues surrounding corporate information security management. Postal questionnaires and telephone interviews were used. Findings indicate that companies are not proactively tackling information security management and thus are not prepared for security incidents when they occur. Reasons for this lack of action include: awareness of information security threats is restricted; management and awareness of information security is concentrated around the IT department; electronic information is viewed as an intangible business asset; potential security risks of Internet access have not been fully assessed; and surveyed companies have not yet encountered security problems, and therefore are unprepared to invest in security measures. The recommendations include that companies: carry out a formal risk analysis; move information security management from being an IT‐centric function; and alter perceptions towards electronic information so that information is viewed as a valuable corporate asset.
41

Mejias, Roberto J., and Pierre A. Balthazard. "A Model of Information Security Awareness for Assessing Information Security Risk for Emerging Technologies." Journal of Information Privacy and Security 10, no. 4 (October 2, 2014): 160–85. http://dx.doi.org/10.1080/15536548.2014.974407.

42

Michelberger, Pál, and Ágnes Kemendi. "DATA, INFORMATION AND IT SECURITY - SOFTWARE SUPPORT FOR SECURITY ACTIVITIES." Problems of Management in the 21st Century 15, no. 2 (December 10, 2020): 108–24. http://dx.doi.org/10.33225/pmc/20.15.108.

Abstract:
Data protection, information and IT security became number one priorities in these fast-paced days that top management needs to focus on. A number of IT solutions have been developed on the market to address the security challenges that require prompt actions. These solutions contribute to a control environment that is robust and stand the potential threats. This research describes the framework of governance, risk and compliance and provides an integrated, holistic approach which helps to increase process performance and to ensure that the organization follows its own rules, risk appetite, and complies with external regulations. These systems fulfil a core role in the enterprise’s defense system. This research reviews the features of security packages relevant to IT GRC and provides an overview of the security elements and describes their main characteristics. This review covers the configuration database related to the enterprise business model; the business impact analysis; the risk management-, governance- and compliance functions; the data security; the data protection and GDPR; the business continuity management; the network-, IoT- and industrial control system safety, the access- and log management. Embedding these solutions to the business and operations processes strengthens the response of an organization to the various risks and requirements that it faces and reduces the likelihood of major non-compliance or security gaps. Keywords: data protection, GRC software solutions, information security
43

Somepalli, Sri Harsha, Sai Kishore Reddy Tangella, and Santosh Yalamanchili. "Information Security Management." HOLISTICA – Journal of Business and Public Administration 11, no. 2 (August 1, 2020): 1–16. http://dx.doi.org/10.2478/hjbpa-2020-0015.

Abstract:
Information security management is a very important issue for anyone working in the field of technology, or for anyone at risk of security breach, who understands the implications of these vulnerabilities. Many organizations are always on the constant threat of a security breach. It is easy for an organization to experience a data breach that can seriously compromise their data. With the evolving threats of data security, organizations are always working to ensure that their data is protected. Frameworks associated with information security can be pivotal to an organization. Frameworks employed in organizations help to protect the employee and user information which is essential as it puts employees and clients at ease that their information is secure. Identifying the ideal frameworks for an organization is important. However, this process can be a bit tricky as a lot has to be considered to identify the best framework for the organization.
44

Labuschagne, L., and J. H. P. Eloff. "Electronic commerce: the information‐security challenge." Information Management & Computer Security 8, no. 3 (August 1, 2000): 154–57. http://dx.doi.org/10.1108/09685220010372582.

Abstract:
The major reason why most people are still sceptical about electronic commerce is the perceived security risks associated with electronic transactions over the Internet. The Internet, however, holds many opportunities that could mean survival or competitive advantage for many organisations. To exploit these opportunities, it is important to first analyse the risks they hold. Electronic commerce is based on business as well as technological risks, making it a very difficult environment to secure. Apart from these two types of risk categories there are several other issues and problems that need to be addressed.
45

Michael, Katina. "Security Risk Management: Building an Information Security Risk Management Program from the Ground Up." Computers & Security 31, no. 2 (March 2012): 249–50. http://dx.doi.org/10.1016/j.cose.2011.12.011.

46

Shamala, Palaniappan, Rabiah Ahmad, Ali Hussein Zolait, and Shahrin bin Sahib. "Collective information structure model for Information Security Risk Assessment (ISRA)." Journal of Systems and Information Technology 17, no. 2 (May 11, 2015): 193–219. http://dx.doi.org/10.1108/jsit-02-2015-0013.

Abstract:
Purpose – Information security has become an essential entity for organizations across the globe to eliminate the possible risks in their organizations by conducting information security risk assessment (ISRA). However, the existence of numerous different types of risk assessment methods, standards, guidelines and specifications readily available causes the organizations to face the daunting tasks in determining the most suitable method that would augur well in meeting their needs. Therefore, to overcome this tedious process, this paper suggests collective information structure model for ISRA. Design/methodology/approach – The proposed ISRA model was developed by deploying a questionnaire using close-ended questions administrated to a group of information security practitioners in Malaysia (N = 80). The purpose of the survey was to strengthen and add more relevant additional features to the existing framework, as it was developed based on secondary data. Findings – Previous comparative and analyzed studies reveal that all the six types of ISRA methodologies have features of the same kind of information with a slight difference in form. Therefore, questionnaires were designed to insert additional features to the research framework. All the additional features chosen were based on high frequency of more than half percentage agreed responses from respondents. The analyses results inspire in generating a collective information structure model which is more practical in the real environment of the workplace. Practical implications – Generally, organizations need to make comparisons between methodologies and decide on the best due to the inexistence of agreed reference benchmark in ISRA methodologies. This tedious process leads to unwarranted time, money and energy consumption.
Originality/value – The collective information structure model for ISRA aims to assist organizations in getting a general view of ISRA flow and gathering information on the requirements to be met before risk assessment can be conducted successfully. This model can be conveniently used by organizations to complete all the required planning as well as to select the suitable methods to complete the ISRA.
47

SHAHBAZYAN, Marine. "Information Security in the System of Ensuring National Security." WISDOM 9, no. 2 (December 25, 2017): 92–97. http://dx.doi.org/10.24234/wisdom.v9i2.193.

Abstract:
As a system-building factor for a modern and dynamically developing society, the information sphere significantly influences the political, economic, cultural, protective, and ideological general state and elements of the states', nations' and individuals' life security, which highlights the importance of information security in the national security system. Information security is a state of national community where the comprehensive and safe protection of a person, society and state is guaranteed from all sorts of information risks and threats, radically oriented political and social forces. Consequently, information security is a complex process to gradually overcome any information risk. The challenges and threats the information security faces determine the specific content of the practical steps and measures that ensure the national security.
48

Anton, Nicolae, and Anişor Nedelcu. "Security risk analysis and management." MATEC Web of Conferences 178 (2018): 08015. http://dx.doi.org/10.1051/matecconf/201817808015.

Abstract:
The management system of informational security is a part of the management system of an organization, that approaches the management of risk from the point of view of the involved information, approach that is used in order to set, to implement, to function, to monitor, to revise, to maintain and to improve the informational security at the organizational level, referring to the progress of the processes required by the management of risk in order to guarantee the security of the information. The appreciation of the efficiency of the security system represents a difficult problem and it contains many elements of subjectiveness, because the analysis of the security risks of information implies using some interviewing techniques based on questionnaires provided by experts in security, that in most of the cases come from outside the organization. This study does not analyse the risk concept, it focuses more on the analysis and the risk management on the practical part using AHP method. Managing the risk and the security requirements are connected by a set of practices and management tools generally used in order to manage the security risk of information. It is essential that the tool and the model used should reflect the objective needs of the organization from the point of view of the management of risk.
49

Mokhor, Volodymyr, Oleksandr Bakalynskyi, and Vasyl Tsurkan. "Risk assessment presentation of information security by the risks map." Collection "Information technology and security" 6, no. 2 (December 30, 2018): 94–104. http://dx.doi.org/10.20535/2411-1031.2018.6.2.153494.

50

Collmann, J. "Assessing information security risk in dual-use health information systems." International Congress Series 1281 (May 2005): 296–301. http://dx.doi.org/10.1016/j.ics.2005.03.364.
