Setting Priorities in Your Security Program

Schatz, Derek

doi:10.1201/9781420067101.ch7

Cited by 6 publications

(7 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This, however, was impossible because the DTT security survey data had changing information security concerns over the years (see DTT-Global Security Survey, 2005;). However, this reality is consistent with rationale as IS security concerns in organizations never remain static (Kritzinger and Smith;Schatz, 2008). As such, this research had to use cross-sectional data i.e.…”

Section: An Exploratory Study Of the Relationships Between Selected Cmentioning

confidence: 83%

“…As well, a modified version of the Carnegie Mellon's Capacity Maturity Model (CMMI) can be used for assessing security programs in GFSI. Insights fiom the work of Schatz (2008) as well as items from the 2009 DTT survey permit us to suggest that both the CMMI and COBIT models informed the composition of items used for the DTT survey. The 13 security concerns investigated and reported in the 2009 DTT survey are highlighted in Table 1.…”

Section: Background Of the Studymentioning

confidence: 99%

See 1 more Smart Citation

An Exploratory Study of the Relationships between Selected Contextual Factors and Information Security Concerns in Global Financial Services Institutions

Ifinedo¹

2011

Journal of Information Privacy and Security

View full text Add to dashboard Cite

This paper examines the relationships between three contextual factors i.e. transparency levels, information and communication technologies (ICT) use laws, and national legal systems efficiency and information security concerns in the global financial services institutions (GFSI). This research essentially seeks to expand the breadth of knowledge provided in the 2009 Deloitte Touche Tohmatsu (DTT) survey, which reported on information security issues in GFSI. This current study used secondaly data sources for its analysis. The inference from the 2009 DTT survey was that information security concerns across GFSI are being informed solely by industryrelated standards or imperatives. To that end, perceptions and attitudes toward such issues were thought to remain unchanged in differing national contexts. However, this study's data analysis showed that the perceptions of information security concerns among GFSI employees across the world compare somewhat and also difler, in other respects. Also, this research's findings indicated that GFSI practitioners need to be aware of two information security concerns: a) how information security and business initiatives are appropriately aligned in their organizations, b) the issue of who has the responsibility for privacy in their setups. Against the backdrop of the countries used in this study and the three contextual factors considered, this study found that these two issues to be signz3cantly relevant to the management of security and privacy concerns in GFSI. The implications of the study' findings for practitioners and academic researchers are discussed, and possible areas of kture research outlined.

show abstract

Section: An Exploratory Study Of the Relationships Between Selected Cmentioning

confidence: 83%

Section: Background Of the Studymentioning

confidence: 99%

An Exploratory Study of the Relationships between Selected Contextual Factors and Information Security Concerns in Global Financial Services Institutions

Ifinedo¹

2011

Journal of Information Privacy and Security

View full text Add to dashboard Cite

show abstract

“…Background and literature review IT security concerns and issues Scholars such as Dhillon and Backhouse (2001), Straub and Welke (1998) and Siponen (2005) suggest that the high incidence of security breaches in organizations could be IMCS 17,5 attributed to their inability to adequately focus on non-technical issues. Such non-technical concerns and issues include the basic policies, procedures, practices, and strategies that organizations put in place to minimize threats and control any loss that may arise from breaches (Siponen, 2005;McPhee, 2008;Schatz, 2008). Not surprisingly then, 79 percent of participants in the 2007 DTT survey noted that human factors (non-technical issues) are the root cause of information security failures in the GFSI industry.…”

Section: Introductionmentioning

confidence: 99%

Information technology security management concerns in global financial services institutions

Ifinedo

2009

Information Management &Amp; Computer Security

View full text Add to dashboard Cite

Purpose -The purpose of this paper is to add a layer of understanding to a previous survey of information technology (IT) security concerns and issues in global financial services institutions (GFSI). Design/methodology/approach -This paper uses data obtained from a secondary source. The dimensions of national culture used in this paper come from Hofstede's work. Two analyses are performed on the data. First, a non-parametric test is conducted to determine whether there are significant differences on the 13 IT security concerns when the dimensions of national culture are used to group responses. Second, a correlation analysis is carried out between the study's variables. Findings -First, the results indicate that the dimensions of national culture are not statistically important in differentiating responses and perceptions of IT security concerns across GFSI. Second, some of the dimensions of national culture are found to have significant correlations with a few of the IT security concerns investigated.Research limitations/implications -The use of a secondary data source introduces some limitations. The views captured in the survey are those of management team, it is likely that end-users' perceptions may vary considerably. Nonetheless, the main finding of the paper for corporate managers in the financial services industry is that IT security concerns appear to be uniform across cultures. Further, the data show that the dimension of uncertainty avoidance deserves further attention with regard to the assessment of security concerns in GFSI. This information may be useful for decision making and planning purposes in the financial services industry. Originality/value -This paper is believed to be among the first to examine the impacts of national culture on IT security concerns in GFSI. The paper's conclusions may offer useful insights to corporate managers in the industry.

show abstract

“…This, however, was impossible because the DTTL security survey data reflected changing information security concerns over the years [1], [7][8][9]. This reality is consistent with this study's rationale as IS security concerns in organizations never remain static [5]. As such, this research had to use cross-sectional data i.e.…”

Section: Limitations and Directions For Future Researchmentioning

confidence: 99%

“…Hence, corporate managers, including those in the financial services industry, are advised to constantly assess their risk environments, gain an understanding of which risks need to be prioritized, and adjust their programs to address new security concerns or threats [5], [6]. Threats in the financial services industry can manifest in several forms such as the introduction of malwares, industrial espionage, cyber crimes, and so forth.…”

Section: Introductionmentioning

confidence: 99%

Relationships Between Relevant Contextual Influences and Information Security Threats and Controls in Global Financial Services Industry

Ifinedo

2013

CIT

View full text Add to dashboard Cite

Businesses operating in the Global Financial Services Industry (GFSI) know the importance of protecting information assets from ever-growing security threats and risks. This paper aims at shedding light on the relationships between four relevant contextual factors i.e. national legal infrastructure, transparency levels, ethical behavior of firms, and capacity for innovation, on the one hand, and information security threats and controls, on the other. To some extent, this study enriches the information provided in the 2012 Deloitte Touche Tohmatsu Limited (DTTL) survey. This study's findings indicated that contextual factors such as national transparency levels and ethical behavior of firms do have positive associations with, and effects on some information security threats and controls. Information provided in this study is beneficial to both practitioners and academicians.

show abstract

Setting Priorities in Your Security Program

Cited by 6 publications

References 0 publications

An Exploratory Study of the Relationships between Selected Contextual Factors and Information Security Concerns in Global Financial Services Institutions

An Exploratory Study of the Relationships between Selected Contextual Factors and Information Security Concerns in Global Financial Services Institutions

Information technology security management concerns in global financial services institutions

Relationships Between Relevant Contextual Influences and Information Security Threats and Controls in Global Financial Services Industry

Contact Info

Product

Resources

About