Knowledge Management (KM), Quality Management (QM) and Safety Management (SM) are mature fields that have evolved and improved over time. Information security management (ISM) has aspects of these fields. For example, tougher customer demands require continuous quality improvement, while new threats create a need for constantly improved security. Information technology brings new opportunities, but also challenges, for KM, as it does for security. Organizations must comply with increasingly strict safety laws, analogous to ISM requirements imposed by, e.g., the Sarbanes-Oxley Act. Research and practical experience in KM, QM and SM have generated valuable insights that the younger, immature field of ISM can learn from. We present ten lessons and apply them to ISM. Key insights include the emphasis on good implementation over selection of model, the necessity of multidisciplinary teams, long-term thinking, measurement, visualizing security costs, benchmarking, continuous improvement, collaboration, going beyond compliance, and security as a competitive advantage.