Information security strategies: towards an organizational multi-strategy perspective

Ahmad, Atif; Maynard, Sean B.; Park, Sangseo

doi:10.1007/s10845-012-0683-0

Cited by 83 publications

(62 citation statements)

References 67 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…The impact of internal misuse of information within the organization has increased the vulnerability and risks associated with such abuse [44]. A useful strategy is to implement different security concepts to deter any possible internal threats such as employing disciplinary actions to control human behavior and attitude, the use of more monitoring surveillance, perimeter defense, and notably incorporating decoys as a mean of deception to attackers [8].…”

Section: Researchmentioning

confidence: 99%

“…Increased cyber attacks are due to attackers being more sophisticated in this ever evolving and complexed digital economy that has grown exponentially [7]. Exploits have increased tremendously in the past decade which resulted in the increase or property loss, privacy, data theft, which impacted consumer confidence [8]. Exploits increased more than 42% by 2012 with an average of 116 targeted incidents daily [11].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Discovering New Cyber Protection Approaches from a Security Professional Prospective

Loukaka¹,

Rahman²

2017

IJCNC

View full text Add to dashboard Cite

Cybersecurity has become a very hot topic due to high profile breaches that occurred in the past years. Despite the implementation of current known pre-emptive methods such as intrusion detection systems, anti-viruses, and the use of firewalls, hackers still find sophisticated means to steal data or impair an organization by targeting their assets. It is important that security professionals need to "think outside the box" and use new tools and techniques to mitigate threats beyond current known detections and prevention technologies. It is imperative that our infrastructure and assets are impermeable from domestic and foreign attackers. Our best line of defense is the detection of any threats or vulnerability to prevent or minimize damages of our assets from domestic and foreign attackers.

show abstract

Section: Researchmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Discovering New Cyber Protection Approaches from a Security Professional Prospective

Loukaka¹,

Rahman²

2017

IJCNC

View full text Add to dashboard Cite

show abstract

“…Communication security. It has long been a challenging issue in cloud computing on guaranteeing user privacy and service security (Ahmad et al 2014;Khan et al 2013). To provide a secure cloud maintenance service, data security, network security, data locality, data integrity, authentication, and authorization need to be considered and addressed.…”

Section: Discussionmentioning

confidence: 99%

A new paradigm of cloud-based predictive maintenance for intelligent manufacturing

et al. 2015

View full text Add to dashboard Cite

Advances in cloud computing reshape the manufacturing industry into dynamically scalable, on-demand service oriented, and highly distributed cost-efficient business model. However it also poses challenges such as reliability, availability, adaptability, and safety on machines and processes across spatial boundaries. To address these challenges, this paper investigates a cloud-based paradigm of predictive maintenance based on mobile agent to enable timely information acquisition, sharing and utilization for improved accuracy and reliability in fault diagnosis, remaining service life prediction, and maintenance scheduling. In the new paradigm, a low-cost cloud sensing and computing node is firstly developed with embedded Linux operating system, mobile agent middleware, and open source numerical libraries. Information sharing and interaction is achieved by mobile agent to distribute the analysis algorithms to cloud sensing and computing node to locally process data and share analysis results. Comparing to the commonly used clientserver paradigm, the mobile agent approach enhances the system flexibility and adaptability, reduces raw data transmission, and instantaneously responds to dynamic changes of operations and tasks. Finally, the presented cloud-based paradigm of predictive maintenance is validated on a motor tested system.

show abstract

“…A comprehensive and effective information security management (ISM) strategy begins with an accurate information security risk assessment (ISRA). An effective ISRA attempts to provide a prioritized estimation of the likelihood and impact of a range of security scenarios, with each scenario considering potential threats to organizational assets and existing protective controls (Shedden, Ruighaver, & Ahmad, 2010a;Ahmad, Maynard, & Park 2014b). ISRAs then guide the strategic selection of security controls to protect information resources (Dhillon & Backhouse, 2001).…”

Section: Introductionmentioning

confidence: 99%

Asset Identification in Information Security Risk Assessment: A Business Practice Approach

Shedden¹,

Ahmad²,

Smith³

et al. 2016

CAIS

Self Cite

View full text Add to dashboard Cite

Abstract:Organizations apply information security risk assessment (ISRA) methodologies to systematically and comprehensively identify information assets and related security risks. We review the ISRA literature and identify three key deficiencies in current methodologies that stem from their traditional accountancy-based perspective and a limited view of organizational "assets". In response, we propose a novel rich description method (RDM) that adopts a less formal and more holistic view of information and knowledge assets that exist in modern work environments. We report on an in-depth case study to explore the potential for improved asset identification enabled by the RDM compared to traditional ISRAs. The comparison shows how the RDM addresses the three key deficiencies of current ISRAs by providing: 1) a finer level of granularity for identifying assets, 2) a broader coverage of assets that reflects the informal aspects of business practices, and 3) the identification of critical knowledge assets.

show abstract

Information security strategies: towards an organizational multi-strategy perspective

Cited by 83 publications

References 67 publications

Discovering New Cyber Protection Approaches from a Security Professional Prospective

Discovering New Cyber Protection Approaches from a Security Professional Prospective

A new paradigm of cloud-based predictive maintenance for intelligent manufacturing

Asset Identification in Information Security Risk Assessment: A Business Practice Approach

Contact Info

Product

Resources

About