Embedding Information Security into the Organization

Authors:
M. Eric Johnson;Eric Goetz
Affiliations:
Center for Digital Strategies, Tuck School of Business at Dartmouth College;Institute for Information Infrastructure Protection (13P) at Dartmouth College
Venue:
IEEE Security and Privacy
Year:
2007

Citing 1
Cited 7

The economic cost of publicly announced information security breaches: empirical evidence from the stock market

Journal of Computer Security - IFIP 2000

A three-layered model to implement data privacy policies

Computer Standards & Interfaces
Information Risk of Inadvertent Disclosure: An Analysis of File-Sharing Risk in the Financial Supply Chain

Journal of Management Information Systems
Challenges and complexities of managing information security

International Journal of Electronic Security and Digital Forensics
The compliance budget: managing security behaviour in organisations

Proceedings of the 2008 workshop on New security paradigms
Firm objectives, IT alignment, and information security

IBM Journal of Research and Development
Managing Information Access in Data-Rich Enterprises with Escalation and Incentives

International Journal of Electronic Commerce
Cyber-risk decision models: To insure IT or not?

Decision Support Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

Risk and business have always been inseparable, but new information security risks pose unknown challenges. How should firms organize and manage to improve enterprise security? Here, the authors describe how CISOs are working to build secure organizations.