Information security tools and practices: what works?

Ryan, Julie J.C.H.

doi:10.1109/tc.2004.45

Cited by 15 publications

(13 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Earlier research predominantly focused on addressing information security risk by examining the vulnerability of the firm. However, two approaches are generally used in managing information security risks (Ryan 2004). One is to reduce the likelihood of occurrence by reducing the vulnerability of the system.…”

Section: Research Design-group Model-building Workhopsmentioning

confidence: 99%

Managing information security risks during new technology adoption

Qian

Fang

González

2012

Computers & Security

View full text Add to dashboard Cite

In the present study, we draw on previous system dynamics research on operational transition and change of vulnerability to investigate the role of incident response capability in controlling the severity of incidents during the adoption of new technology.Towards this end, we build a system dynamics model using the Norwegian Oil and Gas Industry as the context. The Norwegian Oil and Gas Industry has started to adopt new information communication technology to connect its offshore platforms, onshore control centers, and suppliers. In oil companies, the management is generally aware of the increasing risks associated with operational transition; however, to date, investment in incident response capability has not been highly prioritized because of the uncertainty related to risks and the present reactive mental model of security risk management. The model simulation shows that a reactive approach to security risk management might trap the organization into blindness to minor incidents and low incident response capability, which can lead to severe incidents. The system dynamics model can serve as a means to promote proactive investment in incident response capability.

show abstract

Section: Research Design-group Model-building Workhopsmentioning

confidence: 99%

Managing information security risks during new technology adoption

Qian

Fang

González

2012

Computers & Security

View full text Add to dashboard Cite

show abstract

“…The ICT professionals have based their risk perceptions on ISO 17799, while the SCADA professionals have based their risk perceptions on IEC 61508. In addition the responsibility of ICT and SCADA systems are placed in different organizational silos, with little collaboration and few common risk perceptions [17]. Interviews with experts in security management showed that the platform management teams had not worked to proactively identify risks related to integration of ICT and SCADA systems or improve IR capability when the operation transition started.…”

Section: The Platform Under Studymentioning

confidence: 99%

“…Here we summarize them in Table 1. There are two approaches to manage the risk [17]. One is to control the threat by reducing the likelihood of occurrence, i.e.…”

Section: The Platform Under Studymentioning

confidence: 99%

Managing Emerging Information Security Risks during Transitions to Integrated Operations

Qian

Fang

Jaatun

et al. 2010

2010 43rd Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

show abstract

“…To protect the main IS assets held in such systems from misuse, abuse and destruction; organizations often utilize a variety of methods such as installing firewalls, updating anti-virus software, backing up their systems, maintaining and restricting access controls, using encryption keys, using surge protectors, and using wide-ranging monitoring systems (Ryan, 2004;Workman, Bommer and Straub, 2008;Lee and Larsen, 2009). However, the said methods offer a technological or technical solution to the problem, and are hardly sufficient in providing total protection of IS organizational resources (Rhodes, 2001;Sasse et al, 2004;Stanton, Stam, Mastrangelo, and Jolton 2005;Herath and Rao, 2009).…”

Section: Introductionmentioning

confidence: 99%

Technology Of Trust: Safely In, Securely Out System (E-Siso)

Razak¹

2018

The European Proceedings of Social and Behavioural Sciences

View full text Add to dashboard Cite

Nowdays, integrity and trust is raised and expanded. In making sure that the system to be successful, these two elements are needed. It is the main task as a service provider to guarantee a system that is always free from any errors. Due to this reason, a system called SAFELY IN, SECURELY OUT SYSTEM (E-SISO) is created. E-SISO is a security system focusing on thumbprint method that is specially created for Immigration Department of Malaysia in convincing the public that they are "Doing It Right the First Time". E-SISO is concentrating into solving and diminishing any arise issues during the arresting procedures of PATI up to their releasing day. The main highlight of E-SISO is the promising process that resulted to zero error. This can only be done when the PATI (suspect or "OKT") is "Safely In" throughout the whole processes and they are "Securely Out" during releasing day without any complaints for any loss that covering the individuals and their belongings. There are lots of advantages and benefits of E-SISO from being paperless to guaranteeing software interoperability and meeting current standards. As for novelty factor, E-SISO will be the first to be implemented in Immigration Department of Malaysia which can be a model for generalization purposes to other public security departments.

show abstract

Information security tools and practices: what works?

Cited by 15 publications

References 0 publications

Managing information security risks during new technology adoption

Managing information security risks during new technology adoption

Managing Emerging Information Security Risks during Transitions to Integrated Operations

Technology Of Trust: Safely In, Securely Out System (E-Siso)

Contact Info

Product

Resources

About