Factors Influencing the Implementation of Information Systems Security Strategies in Organizations

Park, Sangseo; Ahmad, Atif; Ruighaver, Anthonie B.

doi:10.1109/icisa.2010.5480261

Cited by 4 publications

(5 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For effective and successful implementation of security, organizations need to support business objectives, and security needs. 15 In most organizations, security policy defines who has access to which resources and how this access has to be regulated and managed. In the RBAC model, organizations' security policy explains how permissions can be associated with the roles.…”

Section: Access Control Managementmentioning

confidence: 99%

Developing an access control management metamodel for secure digital enterprise architecture modeling

Nahar

Gill

Roach³

2021

Security and Privacy

View full text Add to dashboard Cite

There is an increasing interest in embedding the security in the design of digital enterprise architecture (EA) modeling platform to secure the digital assets.Access control management (ACM) is one of the key aspects of a secure digital enterprise architecture modeling platform design. Typical enterprise architecture modeling approaches mainly focus on the modeling of business, information, and technology elements. This draws our attention to this important question: how to model ACM for a secure digital EA modeling platform to ensure secure access to digital assets? This article aims to address this important research question in collaboration with our industry partner and developed an ontology-based ACM metamodel that can be used by enterprises to model their ACM for a particular situation. This research has been conducted using the well-known action-design research (ADR) method to develop and evaluate the ACM metamodel for the secure digital EA modeling platform.

show abstract

Section: Access Control Managementmentioning

confidence: 99%

Developing an access control management metamodel for secure digital enterprise architecture modeling

Nahar

Gill

Roach³

2021

Security and Privacy

View full text Add to dashboard Cite

show abstract

“…A systematic review has been done regarding this research to retrieve what factors trigger insider threats to commit and attack an organization's data. To identify potential factors that influence the successful implementation of strategies, we first identified as many factors as possible that influence the implementation of security in organizations (Park et al, 2010). This phase was necessary because extracted factors will be used to build an architecture of ISS strategies, which implies that they need to be examined using organizational, architectural, and information systems standpoints (Park et al, 2010).…”

Section: Literature Reviewmentioning

confidence: 99%

“…To identify potential factors that influence the successful implementation of strategies, we first identified as many factors as possible that influence the implementation of security in organizations (Park et al, 2010). This phase was necessary because extracted factors will be used to build an architecture of ISS strategies, which implies that they need to be examined using organizational, architectural, and information systems standpoints (Park et al, 2010). An initial examination of factors in the literature review reveals that factors can be grouped based on their features and roles (Park et al, 2010).…”

Section: Literature Reviewmentioning

confidence: 99%

“…This phase was necessary because extracted factors will be used to build an architecture of ISS strategies, which implies that they need to be examined using organizational, architectural, and information systems standpoints (Park et al, 2010). An initial examination of factors in the literature review reveals that factors can be grouped based on their features and roles (Park et al, 2010).…”

Section: Literature Reviewmentioning

confidence: 99%

See 1 more Smart Citation

A confirmatory analysis of the prevention insider threat in organization information system

Abu Bakar,

Rahmatullah,

Munastiwi

et al. 2021

J TECHNOL HUM

View full text Add to dashboard Cite

Many issues related to insider threat in organization had been debated ever since. Although insider attacks may not occur as frequently as external attacks, they have a higher rate of success, go undetected, and pose a much greater risk than external adversaries. In relation to that, it is undeniably the fact that many mechanisms have been proposed to be an initiative to protect data from outside attacks. However, those mechanisms could not protect data from authorized users who may misuse their privileges. Due to that circumstances, the development of mechanisms that protect sensitive data from insiders somehow become pitch demand as in method to prevent harm caused by malicious insiders. The method of this research is the quantitative method using a questionnaire. The findings have contributed to developing a framework that will be used to prevent insider threat in an organization in the future.

show abstract

“…The latest security technologies, such as biometrics, firewalls, smartcards, and encryption, have been implemented by many organizations (Kreicberga, 2010), but employees' attitudes towards information security are still influenced by human error, which leads to information security problems (Park, Ruighaver and Ahamad, 2010). This is corroborated by data showing that human mistake accounts for 90% of cybersecurity issues (Kemper, 2019).…”

Section: Introductionmentioning

confidence: 99%

Assessing Information Security Competencies of Firm Leaders towards Improving Procedural Information Security Countermeasure: Awareness and Cybersecurity Protective Behavior

Alghazo

Humaidi

Noranee

2023

IMBR

View full text Add to dashboard Cite

Cybersecurity threats are a serious issue faced by many organizations in this new information era. Therefore, security leaders play a significant role not only to ensure that all their employees are practicing good security behavior to protect organizational information assets but also to ensure that security technology has been installed properly to protect network infrastructure. This study aims to examine cybersecurity protective behavior (CPB) among employees in the organization and focus on the role of leadership competencies and information security countermeasure awareness. The questionnaires were distributed via email and self-administered, and the study managed to obtain 245 responses. Partial Least Squares-Structural Equation Modeling (PLS-SEM) analysis was used to analyze the final data. Confirmatory factor analysis (CFA) testing shows that all the measurement items of each construct were adequate in their validity individually based on their factor loading value. Moreover, each construct is valid based on its parameter estimates and statistical significance. The research findings show that Procedural Information Security Countermeasure (PCM) awareness strongly influences CPB compared to a leader's information security competencies (ISI). Meanwhile, ISI significantly influences PCM awareness. This study adapts the theory of leadership competencies in the context of cybersecurity, which is particularly beneficial to any industry in improving organizational information security strategic plans.

show abstract

Factors Influencing the Implementation of Information Systems Security Strategies in Organizations

Cited by 4 publications

References 29 publications

Developing an access control management metamodel for secure digital enterprise architecture modeling

Developing an access control management metamodel for secure digital enterprise architecture modeling

A confirmatory analysis of the prevention insider threat in organization information system

Assessing Information Security Competencies of Firm Leaders towards Improving Procedural Information Security Countermeasure: Awareness and Cybersecurity Protective Behavior

Contact Info

Product

Resources

About