Information security: protecting the global enterprise
Information security: protecting the global enterprise
Enemy at the gate: threats to information security
Communications of the ACM - Program compaction
Information security standards focus on the existence of process, not its content
Communications of the ACM - Music information retrieval
Security in Computing (4th Edition)
Security in Computing (4th Edition)
Embedding Information Security into the Organization
IEEE Security and Privacy
An audit framework to support information system security management
International Journal of Electronic Security and Digital Forensics
Hi-index | 0.00 |
Information security (IS) management is both complex and challenging. The complexity stems from the pervasive and multi-functional nature of IS, first, to protect organisations' valued assets, in order to achieve secure and dependable information assurance, and second, to advance business relations for the organisation by creating platforms for trust, business alliance and collaboration. Further, the ever-growing dependence of organisations on technology to drive businesses and to create a competitive advantage makes IS management for organisations extremely challenging. These challenges facing organisations in managing IS are numerous and inherently diverse. A traditional approach in addressing these challenges includes the use of technical controls to treat risks. Whilst technical controls are helpful in protecting valued assets, unfortunately, technical controls alone are insufficient in providing dependable security and information assurance required in a contemporary global enterprise. Global outsourcing, consumer-centricity, security compliance and legislation as emerging global business drivers have imposed new security requirements that complicate traditional perspective in security management.