Applied cryptography (2nd ed.): protocols, algorithms, and source code in C
Applied cryptography (2nd ed.): protocols, algorithms, and source code in C
Business Dynamics
ISC'06 Proceedings of the 9th international conference on Information Security
Critical Infrastructure Protection
Hi-index | 0.00 |
Security Management is a complex task. It requires several interconnected activities: designing, implementing and maintaining a robust technical infrastructure, developing suitable formal procedures and building a widespread, agreed upon security culture. Thus, security managers have to balance and integrate all these activities simultaneously, which involves short and long-term effects and risks. For this reason, security managers need to correctly understand, achieve and maintain a dynamic equilibrium between all of them. The development of a simulation model can be an efficient approach towards this objective, as it involves making explicit key factors in security management and their interconnections to efficiently reduce organizational security risks. This endogenous perspective of the problem can help managers to design and implement more effective policies. This paper presents a methodology for developing simulation models for information security management. The use of this methodology is illustrated through examples.