information security
Attack modeling for information security and survivability
Many engineering disciplines rely on engineering failure data to improve their designs. Unfortunately, this is not the case with information system engineers, who generally do not use security failure data, particularly attack data, to improve the security and survivability of
Corporate governance and information security
The purpose of this paper is to try to create a direct relationship between corporate governance and information security. In doing this the paper tries to make a case why senior management in a company has no choice but to be committed and responsible for
Five dimensions of information security awareness
Until the era of the information society, information security was a concern mainly for organizations whose line of business demanded a high degree of security. However, the growing use of information technology is affecting the status of information security so that it
Information warfare and security
In recent years, information warfare has captured the attention of government officials, information security specialists, and curious onlookers. The term is used to cover a broad spectrum of activity but especially a scenario wherein information terrorists, using not much
Information security management best practice based on ISO/IEC 17799
Security matters have become an integral part of daily life, and organizations need to ensure that they are adequately secured. While legislatures enact corporate governance laws, more and more businesses are seeking assurance that their vendors and partners are properly
Information security management: a new paradigm
Information security management needs a paradigm shift in order to successfully protect information assets. Organisations must change to the holistic management of information security requiring a well-established Information Security Management System (ISMS). An
Technical guide to information security testing and assessment
The National Institute of Standards and Technology (NIST) developed this document in furtherance of its statutory responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Public Law 107-347. NIST is responsible for developing
A framework for human factors in information security
Any security system, no matter how well designed and implemented, will have to rely on people. The fact that human factors play a crucial part in the majority of accidents is a troubling feature of modern security know-how: We can implement appropriate technical
The 21st century is the age of information when information becomes an important strategic resource. The information obtaining, processing and security guarantee capability are playing critical roles in comprehensive national power, and information security is related to
ISO/IEC 27000, 27001 and 27002 for information security management
With the increasing significance of information technology, there is an urgent need for adequate measures of information security. Systematic information security management is one of the most important initiatives for IT management. At least since reports about privacy and
Information security management system standards: A comparative study of the big five
It cannot be denied that nowadays information is a very important asset for any modern organization. Therefore protecting its security is very important and becoming a top priority for many organizations. Unfortunately there is no single formula that can guarantee 100% of
Programming languages for information security
The widespread use of computers to archive, process, and exchange information via the Internet has led to explosive growth in e-commerce and on-line services. This increasing connectivity of the web means that more and more businesses, individual users, and
The need for effective information security awareness
Security awareness is an often-overlooked factor in an information security program. While organizations expand their use of advanced security technology and continuously train their security professionals, very little is used to increase the security awareness among the
Information security strategies: towards an organizational multi-strategy perspective
There is considerable advice in both research and practice oriented literature on the topic of information security. Most of the discussion in literature focuses on how to prevent security attacks using technical countermeasures even though there are a number of other viable
Principles and practice of information security
PART I: DIGITAL LIABILITIES AND RISK MANAGEMENT. Chapter 1: Security in a Globally Connected Economy. Introduction; What Is Information Security; Definition; Security Goals; Applying Conventional Principles to the Cyber World; The Digital Liability Management
E-learning and information security management
Many e-learning institutions are rushing into adopting ICT without carefully planning and understanding any related security concerns. E-learning is a new method of learning which ultimately depends on the Internet in its execution. The Internet has become the venue for a
Returns to information security investment: The effect of alternative information security breach functions on optimal investment and sensitivity to vulnerability
Four kinds of marginal returns to security investment to protect an information set are decrease, first increase and then decrease (logistic function), increase, and constancy. Gordon, LA and Loeb, M. (ACM Trans. Inf. Syst. Secur., 5: 438 45 2002) find for
Losses, gains, and hyperbolic discounting: An experimental approach to information security attitudes and behavior
Surveys and experiments have uncovered a dichotomy between stated attitudes and actual behavior of individuals facing decisions affecting their privacy and their personal information security. Surveys report that most individuals are concerned about the security of their
A framework for comparing different information security risk analysis methodologies
Organisations wanting to conduct information security risk analysis find selecting a methodology problematic. Currently there are numerous risk analysis methodologies available, some of which are qualitative while others are more quantitative in nature. These
Threats to Information Security: Public Health Implications
N Engl J Med, nejm.org: if forced to restore from a backup. The 2017 WannaCry attack that affected the NHS is an example. Other recent examples include an attack on the Hollywood (California) Presbyterian Medical Center that
Implementing information security in the 21st century do you have the balancing factors
JD Nosworthy, Computers & Security, 2000. Over the last 10 years or so the focus of selling information security has been towards identifying the need for information security, obtaining board approval and senior management support. Once this has been sold and the information security policy statement
Information Security Technology: Don't Rely on It. A Case Study in Social Engineering.
Many companies spend hundreds of thousands of dollars to ensure corporate computer security. The security protects company secrets, assists in compliance with federal laws, and enforces privacy of company clients. Unfortunately, even the best security mechanisms can
Economic aspects of information security : An emerging field of research
Abstract: This paper chronicles the development of economics of information security as an academic area of research. It also describes the contributions of the papers in the special section of this issue devoted to the topic. Keywords: Information security, Economic aspect, Security
On the Gordon Loeb model for information security investment.
In this paper we discuss a simple and general model for evaluating optimal investment level in information security proposed by Gordon and Loeb. The authors leave an open question, whether there exists some universal upper limit for the level of optimal security
Human factors and information security : individual, culture and security environment
The application of information security technologies does not always result in improved security. Human factors play a significant role in computer security; factors such as individual difference, cognitive abilities and personality traits can impact on behaviour. Information
E-learning: Incorporating information security governance.
The global society is living in the electronic age where electronic transactions such as e-mail, e-banking, e-commerce and e-learning are becoming more and more prominent. This paper primarily focuses on e-learning and how important it is to ensure that proper
Does information security attack frequency increase with vulnerability disclosure? An empirical analysis
Research in information security risk management and investment has grown in importance over the last few years. However, without reliable estimates on attack probabilities, risk management is difficult to do in practice. Using a novel data set, we provide estimates on
A signature based information security system for vitality proficient information accumulation in wireless sensor systems
Information conglomeration procedures have been generally utilized as a part of wireless sensor systems (WSNs) to take care of the vitality imperative issues of sensor hubs. They can preserve the huge measure of vitality by decreasing information bundle transmission
The economic consequences of sharing security information
The increasing pervasiveness and ubiquity of the Internet has provided cyber attackers with more opportunities to misappropriate or corrupt an organization's data resources. As e-commerce continues to grow, so does cyber crime. According to Jupiter Media Metrix, cyber
A framework for the implementation of socio-ethical controls in information security
The advent of electronic business (E-business, for short) has not only created an ever-growing demand for information security but also given information security (infosec, for short) a new dimension. The author of this paper has opted for the term E-business to be
Privacy and security of personal information
Several technological approaches have been proposed to solve the problem of personal privacy. In almost any conceivable scenario (when making purchases, browsing the Internet, responding to surveys, or completing medical tests) the identity of an individual can be
Information security activities of college students: An exploratory study
Academic institutions prepare students for their professional field of study, but student awareness of Information Technology (IT) security issues continues to be poor (McQuade, 2007; Livermore). Most college students communicate via email and social
Information security risk analysis methods and research trends: AHP and fuzzy comprehensive method
Abstract: Information security risk analysis becomes an increasingly essential component of organizations' operations. Traditional information security risk analysis is quantitative and qualitative analysis methods. Quantitative and qualitative analysis methods have some
Information assurance and security
Background: Information assurance contains all the elements of information security (confidentiality) but also includes elements of availability, and integrity. Information assurance provides a view of information protection that includes defensive measures in all
Recent studies suggest that the number of information security incidents has increased dramatically and has caused significant economic loss worldwide. Awareness of the significance of information security is evidenced by a rapid increase in information security
ITIL V3 and information security
This paper discusses the role and importance to the business of effective Information Security Management (ISM), how it is supported by an extensive family of global standards and the way these harmonize with ITIL The intended readership is business and IT managers familiar
An Integrated Framework for Information Security Management.
Today information assets face more potential security breaches than at any time in history. To help mitigate the effect of the threats, information security management (ISM) is a very important part of a successful organization's strategic plan. Due to a significant increase in
Information security management: understanding ISO 17799
Background: ISO 17799 is a direct descendant of the British Standard Institute (BSI) Information Security Management standard BS 7799. The BSI (www.bsi-global.com) has long been proactive in the evolving arena of Information Security. In response to industry
The impact of information security breaches on financial performance of the breached firms: an empirical investigation
This study investigates the impact of information security breaches on firm performance. Unlike previous studies that used an event study methodology, we used a matched-sample comparison analysis to investigate the impact of security breaches on firm performance. To
Leadership styles and information security compliance behavior: The mediator effect of information security awareness
Leadership styles play an important role to enhance employees' information security awareness and lead to proper information security compliance behavior. Therefore, the current study aims to investigate the indirect effect of leadership styles on users' information