Development of the Information Security Management System Standard for Public Sector Organisations in Estonia

Seeba, Mari; Matulevičius, Raimundas; Toom, Ilmar

doi:10.52825/bis.v1i.43

Bus. Inf. Sys.

2021

DOI: 10.52825/bis.v1i.43

|View full text |Cite

Development of the Information Security Management System Standard for Public Sector Organisations in Estonia

Mari Seeba

Raimundas Matulevičius

Ilmar Toom³

Abstract: Standardisation gives us a common understanding or processes to do something in a commonly accepted way. In information security management, it means to achieve the appropriate security level in the context of known and unknown risks. Each government’s goal should be to provide digital services to its citizens with the acceptable level of confidentiality, integrity and availability. This study elicits the EU countries’ requirements for information security management system (ISMS) standards and provides the st… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...

Citation Types

Supporting

Mentioning

Contrasting

Year Published

2021

Publication Types

Select...

Article1

Relationship

Self Cite0

Independent1

Authors

Journals

Cited by 1 publication

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

Cyber Security Culture Level Assessment Model in the Information System

Skiter¹

2021

Cybersecurity

View full text Add to dashboard Cite

The paper sets the task of formalizing the processes of assessing the culture of cybersecurity of the information system of the organization. The basis is a comprehensive model that takes into account the technical and organizational parameters of the information system and the risks associated with them. The level of security culture of the information system is assessed on the basis of building an additive model. The model includes the characteristics of system state clusters. Clusters are formed on the basis of arrays of factors that correspond to different classes of information security culture. Classes are formed on the basis of sets of factors. Their impact is assessed using the severity of the consequences for the level of cybersecurity of the information system. In addition, the probability of manifestation of this factor in a particular information system is determined. The value of coefficients and probability distributions for each cluster and set of factors is estimated by expert methods and on the basis of a survey. A feature of the formation of arrays of factors is the inclusion in each cluster of a factor that reflects the passive behavior of the user to negative factors. Thus, the model introduces the probability of rejection of negative factors and the probability of ideal behavior for the formation of the appropriate class of threats. It is proposed to determine the average weights of the factors of the level of influence on the cybersecurity of the information system on the basis of the weighted average indicator. A method of estimating weights based on the equally probable distribution of negative factors within the cluster

show abstract

Cyber Security Culture Level Assessment Model in the Information System

Skiter¹

2021

Cybersecurity

View full text Add to dashboard Cite

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Development of the Information Security Management System Standard for Public Sector Organisations in Estonia

Cited by 1 publication

References 2 publications

Cyber Security Culture Level Assessment Model in the Information System

Cyber Security Culture Level Assessment Model in the Information System

Contact Info

Product

Resources

About