Security concerns of system users: a study of perceptions of the adequacy of security
Information and Management
A framework for information security evaluation
Information and Management
Computer crime: a crimefighter's handbook
Computer crime: a crimefighter's handbook
Development of security policies
Computers and Security
Security threats to internet: a Korean multi-industry investigation
Information and Management
Computer System and Network Security
Computer System and Network Security
A framework for using insurance for cyber-risk management
Communications of the ACM
Enemy at the gate: threats to information security
Communications of the ACM - Program compaction
The IS risk analysis based on a business model
Information and Management
Why there aren't more information security research studies
Information and Management
Information Security Risk Analysis
Information Security Risk Analysis
Investigating factors affecting the adoption of anti-spyware systems
Communications of the ACM - Spyware
Systems Design, Process Performance, and Economic Outcomes in International Banking
Journal of Management Information Systems
An integrative study of information systems security effectiveness
International Journal of Information Management: The Journal for Information Professionals
NIST Special Publication 800-30 Risk Management Guide for Information Technology Systems
NIST Special Publication 800-30 Risk Management Guide for Information Technology Systems
An empirical investigation of anti-spyware software adoption: A multitheoretical perspective
Information and Management
Estimating the market impact of security breach announcements on firm values
Information and Management
Expert Systems with Applications: An International Journal
Detecting complex account fraud in the enterprise: The role of technical and non-technical controls
Decision Support Systems
International Journal of Information Management: The Journal for Information Professionals
CISIM'12 Proceedings of the 11th IFIP TC 8 international conference on Computer Information Systems and Industrial Management
Towards an empirical examination of IT security infrastructures in SME
NordSec'12 Proceedings of the 17th Nordic conference on Secure IT Systems
Countermeasure graphs for software security risk assessment: An action research
Journal of Systems and Software
Perceived information security of internal users in Indian IT services industry
Information Technology and Management
| Hi-index | 0.00 |
IS security threats have increased significantly in recent years. We identified the gaps between manager perceptions of IS security threats and the security countermeasures adopted by firms by collecting empirical data from 109 Taiwanese enterprises. Industry type and organizational use of IT were seen as the two factors that affected the motivation of firms to adopt security countermeasures, but their implementation did not necessarily affect the threat perceptions of the managers. Analyses of responses suggested that the scope of the countermeasures adopted were not commensurate with the severity of the perceived threats. Among the threats, networks were rated as contributing the most severe threat and yet had the lowest level of protection, this was followed by threats due to personnel and administrative issues. We therefore addressed threat mitigation strategies, specifically in terms of the differences between industries.