Challenges and complexities of managing information security

Onwubiko, Cyril; Lenaghan, Andrew

doi:10.1504/ijesdf.2009.027524

Cited by 11 publications

(5 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Recent years have seen a significant increase in the complexity and challenges of managing electronic data. The complexity stems from IS's ubiquitous and multifunctional character, which attempts to safeguard and rely on information assurance to protect an organisation's valuable assets while also advancing commercial interactions by creating trust, business alliances, and collaboration platforms [113]. We have identified the following three crucial management issues that need to be addressed in order to fully resolve this issue: (1) compromising system security by addressing risks after the whole system is established; (2) security and information systems are designed in parallel; (3) inadequate thinking is used to shape solutions [114].…”

Section: Open Problems-electronic Information Security In Mobile Networkmentioning

confidence: 99%

“…tect an organisation's valuable assets while also advancing commercial interactions by creating trust, business alliances, and collaboration platforms [113]. We have identified the following three crucial management issues that need to be addressed in order to fully resolve this issue: (1) compromising system security by addressing risks after the whole system is established; (2) security and information systems are designed in parallel; (3) inadequate thinking is used to shape solutions [114].…”

Section: Open Problems-electronic Information Security In Mobile Networkmentioning

confidence: 99%

See 1 more Smart Citation

A Systematic Review on Machine Learning and Deep Learning Models for Electronic Information Security in Mobile Networks

Gupta

Johri

Srinivasan

et al. 2022

Sensors

View full text Add to dashboard Cite

Today’s advancements in wireless communication technologies have resulted in a tremendous volume of data being generated. Most of our information is part of a widespread network that connects various devices across the globe. The capabilities of electronic devices are also increasing day by day, which leads to more generation and sharing of information. Similarly, as mobile network topologies become more diverse and complicated, the incidence of security breaches has increased. It has hampered the uptake of smart mobile apps and services, which has been accentuated by the large variety of platforms that provide data, storage, computation, and application services to end-users. It becomes necessary in such scenarios to protect data and check its use and misuse. According to the research, an artificial intelligence-based security model should assure the secrecy, integrity, and authenticity of the system, its equipment, and the protocols that control the network, independent of its generation, in order to deal with such a complicated network. The open difficulties that mobile networks still face, such as unauthorised network scanning, fraud links, and so on, have been thoroughly examined. Numerous ML and DL techniques that can be utilised to create a secure environment, as well as various cyber security threats, are discussed. We address the necessity to develop new approaches to provide high security of electronic data in mobile networks because the possibilities for increasing mobile network security are inexhaustible.

show abstract

Section: Open Problems-electronic Information Security In Mobile Networkmentioning

confidence: 99%

Section: Open Problems-electronic Information Security In Mobile Networkmentioning

confidence: 99%

A Systematic Review on Machine Learning and Deep Learning Models for Electronic Information Security in Mobile Networks

Gupta

Johri

Srinivasan

et al. 2022

Sensors

View full text Add to dashboard Cite

show abstract

“…The hierarchical relation between the concepts assists organizations with regard to an implementation of the right combination of protection controls to mitigate security risks. In practice, the implementation of a conceptual model, richly represents security concepts and their relationships in terms of threats, attacks, vulnerabilities, assets and countermeasures, and thus facilitates a more efficient management of information systems security [24]. The advantages of this approach to organizations are:…”

Section: A Conceptual Model Developed In the Context Of Is Security Rmentioning

confidence: 99%

Insider Threats: The Major Challenge to Security Risk Management

Pereira

Santos

2015

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Security risk management is by definition, a subjective and complex exercise and it takes time to perform properly. Human resources are fundamental assets for any organization, and as any other asset, they have inherent vulnerabilities that need to be handled, i.e. managed and assessed. However, the nature that characterize the human behavior and the organizational environment where they develop their work turn these task extremely difficult, hard to accomplish and prone to errors. Assuming security as a cost, organizations are usually focused on the efficiency of the security mechanisms implemented that enable them to protect against external attacks, disregarding the insider risks, which are much more difficult to assess. All these demands an interdisciplinary approach in order to combine technical solutions with psychology approaches in order to understand the organizational staff and detect any changes in their behaviors and characteristics. This paper intends to discuss some methodological challenges to evaluate the insider threats and its impacts, and integrate them in a security risk framework, that was defined according to the security standard ISO/IEC_JTC1, to support the security risk management process.

show abstract

“…It has been stated that an appropriate security culture can be maintained by a good awareness-program (Schlienger & Teufel, 2003). Thus, achievement of a secure environment of IT assets is largely dependent on the organization's security awareness, protection, monitoring, investigative, assurance and survivability plans afforded to its valued assets (Onwubiko & Lenaghan, 2009).…”

Section: Is Security Culturementioning

confidence: 99%

Identifying Vulnerabilities of Advanced Persistent Threats

Nicho

Khan

2014

International Journal of Information Security and Privacy

View full text Add to dashboard Cite

One of the most serious and persistent threat that has emerged in recent years combining technical as well as non-technical skills is the Advanced Persistent Threat, commonly known as APT where hackers circumvent the organizational defenses and instead target the naivety of the employees in making an unintentional mistake. While this threat has gained prominence in recent years, research on its cause and mitigation is still at the infancy stage. In this paper the authors explore APT vulnerabilities from an organizational perspective to create a taxonomy of non-technical and technical vulnerabilities. The objective is to enhance awareness and detection of APT vulnerabilities by managers and end users. To this end, the authors conducted interviews with senior IT managers in three large organizations in Dubai, United Arab Emirates. The analysis of the findings suggested that the APT threat environment is affected by multiple factors spanning primarily non-technical as well as technical vulnerabilities.

show abstract

Challenges and complexities of managing information security

Cited by 11 publications

References 7 publications

A Systematic Review on Machine Learning and Deep Learning Models for Electronic Information Security in Mobile Networks

A Systematic Review on Machine Learning and Deep Learning Models for Electronic Information Security in Mobile Networks

Insider Threats: The Major Challenge to Security Risk Management

Identifying Vulnerabilities of Advanced Persistent Threats

Contact Info

Product

Resources

About