Information Security Management Systems

Susanto, Heru; Almunawar, Mohammad Nabil

doi:10.1201/9781315232355

Cited by 38 publications

(16 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Living in a digital age, including SC, in which most knowledge and information are now becoming extremely important. No one is able to deny that information and knowledge are valuable assets to be secured from unauthorized access including hackers, phishers, social engineers, viruses, and worms that endanger organizations from different angles via the use of intranet, extranet, and the internet [10]. Information systems (IS) are important in the operations of the organization.…”

Section: Impact Of Iot Implementation In Smart Cities Towards Informamentioning

confidence: 99%

“…This policy will ensure the security of information assets and information technology with a particular process to facilitate the goals and objectives of an organization. It consists of strategies, processes, and technological measures used to avoid unauthorized access to IS, modification, stealing, or physical harm [6,10].…”

Section: Citizen's Acceptancementioning

confidence: 99%

“…Quality assurance shall ensure that all decisions, processes, and activities remain in accordance with requirements to prevent service risks prior to their occurrence [82]. In order to ensure compliance with information security policies, standards and procedures, rules, regulations or contractual requirements of each company, the implementation of auditing and digital forensic processes is therefore critical [10].…”

Section: Governancementioning

confidence: 99%

See 2 more Smart Citations

Challenges in IoT Technology Adoption into Information System Security Management of Smart Cities: A Review

2021

Adv. sci. technol. eng. syst. j.

View full text Add to dashboard Cite

Sustainable urban development and utilization of Internet of Things (IoT) technology is driving cities globally to evolve into Smart Cities (SC). The power of IoT services and applications will enable public agencies to provide personalized services to the citizens and inevitably improves their much-needed quality of life. However, although the use of IoT technology proves to be advantageous to citizens, it is not without challenges, particularly concerning with the management of information security. As agencies prepare towards SCs with the utilization of IoT, their Information Systems (IS) security management is even more critical. Current IS security management approaches must be reviewed and potentially revise appropriately in tandem with the increasing commercial use of the IoT technology. Therefore, this paper aims to discuss challenges in the IS management specifically in protecting and assuring information accuracy and completeness. Document analysis on relevant literature has been carried out to identify and analyse the challenges. The result discusses that the IS security management for IoT-enabled SC is challenged in five aspects: governance, integrity, interoperability, personalization, and self-organizing. Considerations of these challenges will support SC development concerning the IS security management in IoT-enabled SC.

show abstract

Section: Impact Of Iot Implementation In Smart Cities Towards Informamentioning

confidence: 99%

Section: Citizen's Acceptancementioning

confidence: 99%

Section: Governancementioning

confidence: 99%

See 1 more Smart Citation

Challenges in IoT Technology Adoption into Information System Security Management of Smart Cities: A Review

2021

Adv. sci. technol. eng. syst. j.

View full text Add to dashboard Cite

show abstract

“…Susanto and Almunawar 31 show the importance of standard compliance and propose the information security framework (ISF). The framework is a semi-automated tool developed to assist organizations to assess their compliance with ISO 27001.…”

Section: Related Workmentioning

confidence: 99%

Security standard compliance and continuous verification for Industrial Internet of Things

Bicaku

Tauber

Delsing

2020

International Journal of Distributed Sensor Networks

View full text Add to dashboard Cite

Due to globalization and digitalization of industrial systems, standard compliance is gaining more attention. In order to stay competitive and remain in business, different sectors within industry are required to comply with multiple regulations. Compliance aims to fulfill regulations by including all measures imposed by laws and standards. Every device, application, or service implements several technologies at many levels, and standards support interoperability across them. They help to create global markets for industries and enable networked development in order to be successful and sustainable. This work highlights the importance of standard compliance and continuous verification in industrial Internet of Things and implements an automatic monitoring and standard compliance verification framework. In this work, we focus on security, safety, and organizational aspects of industrial Internet of Things. We identify a number of standards and best practice guidelines, which are used to extract security, safety, and organizational measurable indicator points. In addition, a metric model is provided that forms the basis for the necessary information needed for compliance verification, including requirements, standards, and metrics. Also, we present the prototype of the monitoring and standard compliance verification framework used to show the security compliance of an industrial Internet of Things use case.

show abstract

“…Another purpose of this standard is to verify the proper selection of proportionate security controls to provide an acceptable amount of protection for assets. In sum, its main features are information security policies, communication, and operational management, access control, information system acquisition, organization of information security, asset management, business continuity management, human resources security and physical security [34].…”

Section: Security Standardsmentioning

confidence: 99%

Multiple Layers of Fuzzy Logic to Quantify Vulnerabilities in IoT

Shojaeshafiei¹,

Etzkorn²,

Anderson³

2020

Computer Science &Amp; Information Technology

View full text Add to dashboard Cite

Quantifying vulnerabilities of network systems has been a highly controversial issue in the fields of network security and IoT. Much research has been conducted on this purpose; however, these have many ambiguities and uncertainties. In this paper, we investigate the quantification of vulnerability in the Department of Transportation (DOT) as our proof of concept. We initiate the analysis of security requirements, using Security Quality Requirements Engineering (SQUARE) for security requirements elicitation. Then we apply published security standards such as NIST SP-800 and ISO 27001 to map our security factors and sub-factors. Finally, we propose our Multi-layered Fuzzy Logic (MFL) approach based on Goal question Metrics (GQM) to quantify network security and IoT (Mobile Devices) vulnerability in DOT.

show abstract

Information Security Management Systems

Cited by 38 publications

References 0 publications

Challenges in IoT Technology Adoption into Information System Security Management of Smart Cities: A Review

Challenges in IoT Technology Adoption into Information System Security Management of Smart Cities: A Review

Security standard compliance and continuous verification for Industrial Internet of Things

Multiple Layers of Fuzzy Logic to Quantify Vulnerabilities in IoT

Contact Info

Product

Resources

About