information security


Attack modeling for information security and survivability
free download

Many engineering disciplines rely on engineering failure data to improve their designs. Unfortunately, this is not the case with information system engineers, who generally do not use security failure data-particularly attack data-to improve the security and survivability of

Corporate governance and information security
free download

The purpose of this paper is to try to create a direct relationship between corporate governance and information security . In doing this the paper tries to make a case why senior management in a company has no choice but to be committed and responsible for

Five dimensions of information security awareness
free download

Until the era of the information society, information security was a concern mainly for organizations whose line of business demanded a high degree of security . However, the growing use of information tedmology is affecting the status of information security so that it

Information warfare and security
free download

In recent years, information warfare has captured the attention of government officials, information security specialists, and curious onlookers. The term is used to cover a broad spectrum of activity but especially a scenario wherein information terrorists, using not much

Information security management best practice based on ISO/IEC 17799
free download

Security matters have become an integral part of daily life, and organizations need to ensure that they are adequately secured. While legislatures enact corporate governance laws, more and more businesses are seeking assurance that their vendors and partners are properly

Information security management: a new paradigm
free download

Information security management needs a paradigm shift in order to successfully protect information assets. Organisations must change to the holistic management of information security requiring a well-established Information Security Management System (ISMS). An

Technical guide to information security testing and assessment
free download

The National Institute of Standards and Technology (NIST) developed this document in furtherance of its statutory responsibilities under the Federal Information Security Management Act (FISMA) of 200 Public Law 107-347. NIST is responsible for developing

A framework for human factors in information security
free download

Any security system, no matter how well designed and implemented, will have to rely on people. The fact that human factors play a crucial part in the majority of accidents is a troubling feature of modern security know-how : We can implement appropriate technical The 21st century is the age of information when information becomes an important strategic resource. The information obtaining, processing and security guarantee capability are playing critical roles in comprehensive national power, and information security is related to

ISO/IEC 27000, 27001 and 27002 for information security management
free download

With the increasing significance of information technology, there is an urgent need for adequate measures of information security . Systematic information security management is one of most important initiatives for IT management. At least since reports about privacy and

Information security management system standards: A comparative study of the big five
free download

It cannot be denied that nowadays information is a very important asset for any modern organization. Therefore protecting its security is very important and becoming a top priority for many organizations. Unfortunately there is no single formula that can guarantee 100% of

Programming languages for information security
free download

The widespread use of computers to archive, process, and exchange information via the Internet has led to explosive growth in e-commerce and on-line services. This increasing connectivity of the web means that more and more businesses, individual users, and

The need for effective information security awareness
free download

Security awareness is an often-overlooked factor in an information security program. While organizations expand their use of advanced security technology and continuously train their security professionals, very little is used to increase the security awareness among the

Information security strategies: towards an organizational multi-strategy perspective
free download

There considerable advice in both research and practice oriented literature on the topic of information security . Most of the discussion in literature focuses on how to prevent security attacks using technical countermeasures even though there are a number of other viable

Principles and practice of information security
free download

PART I: DIGITAL LIABILITIES AND RISK MANAGEMENT Chapter 1 Security in a Globally Connected Economy Introduction 1 What Is Information Security 1 Definition 1 Security Goals 1 Applying Conventional Principles to the Cyber World 3 The Digital Liability Management

E-learning and information security management
free download

Many e-learning institutions are rushing into adopting ICT without carefully planning and understanding any related security concerns. E-learning is a new method of learning which ultimately depends on the Internet in its execution. The Internet has become the venue for a

Returns to information security investment: The effect of alternative information security breach functions on optimal investment and sensitivity to vulnerability
free download

Four kinds of marginal returns to security investment to protect an information set are decrease, first increase and then decrease (logistic function), increase, and constancy. Gordon, LA and Loeb, M.(ACM Trans. Inf. Syst. Secur., 5: 438 45 2002). find for

Losses, gains, and hyperbolic discounting: An experimental approach to information security attitudes and behavior
free download

Surveys and experiments have uncovered a dichotomy between stated attitudes and actual behavior of individuals facing decisions affecting their privacy and their personal information security . Surveys report that most individuals are concerned about the security of their

A framework for comparing different information security risk analysis methodologies
free download

Organisations wanting to conduct information security risk analysis find selecting a methodology problematic. Currently there are numerous risk analysis methodologies available, some of which are qualitative while others are more quantitative in nature. These

Threats to Information securitypublic health implications
free download

THREATS TO INFORMATION SECURITY n engl j med nejm. org if forced to restore from a backup. The 2017 WannaCry attack that affected the NHS is an example. Other recent examples include an attack on the Hollywood (California) Presbyterian Medical Center that

Implementing information security in the 21st century do you have the balancing factors
free download

JD Nosworthy Computers security 2000 130.18.86.27 Over the last 10 years or so the focus of selling information security has been towards identifying the needfor information security obtaining board approval and senior management support. Once this has been sold and the information security policy statement

Information Security Technology Dont Rely on It. A Case Study in Social Engineering.
free download

Many companies spend hundreds of thousands of dollars to ensure corporate computer security . The security protects company secrets, assists in compliance with federal laws, and enforces privacy of company clients. Unfortunately, even the best security mechanisms can

Economic aspects of information security : An emerging field of research
free download

Abstract This paper chronicles the development of eco- nomics of information security as an academic area of research. It also describes the contributions of the papers in the special section of this issue devoted to the topic Keywords Information security . Economic aspect . Security

On the Gordon Loeb model for information security investment.
free download

In this paper we discuss a simple and general model for evaluating optimal investment level in information security proposed by Gordon and Loeb . The authors leave an open question, whether there exists some universal upper limit for the level of optimal security

Human factors and information security : individual, culture and security environment
free download

The application of information security technologies do not always result in improved security . Human factors play a significant role in computer security ; factors such as individual difference, cognitive abilities and personality traits can impact on behaviour. Information

E-learning: Incorporating information security governance.
free download

The global society is living in the electronic age where electronic transactions such as e- mail, e-banking, e-commerce and e-learning are becoming more and more prominent. This paper primarily focuses on e-learning and how important it is to ensure that proper

Does information security attack frequency increase with vulnerability disclosure An empirical analysis
free download

Research in information security risk management and investment has grown in importance over the last few years. However, without reliable estimates on attack probabilities, risk management is difficult to do in practice. Using a novel data set, we provide estimates on

A signature based information security system for vitality proficient information accumulation in wireless sensor systems
free download

Information conglomeration procedures have been generally utilized as a part of wireless sensor systems (WSNs) to take care of the vitality imperative issues of sensor hubs. They can preserve the huge measure of vitality by decreasing information bundle transmission

The economic consequences of sharing security information
free download

The increasing pervasiveness and ubiquity of the Internet has provided cyber attackers with more opportunities to misappropriate or corrupt an organizations data resources. As e- commerce continues to grow, so does cyber crime. According to Jupiter Media Metrix, cyber

A framework for the implementation of socio-ethical controls in information security
free download

The advent of electronic business ( E-business , for short) has not only created an ever- growing demand for information security but also given information security ( infosec , for short) a new dimension. The author of this paper has opted for the term E-business to be

Privacy and security of personal information
free download

Several technological approaches have been proposed to solve the problem of personal privacy. In almost any conceivable scenario-when making purchases, browsing the Internet, responding to surveys, or completing medical tests-the identity of an individual can be

Information security activities of college students: An exploratory study
free download

Academic institutions prepare students for their professional field of study, but student awareness of Information Technology (IT) security issues continues to be poor (McQuade, 2007; Livermore). Most college students communicate via email and social

Information security risk analysis methods and research trends: AHP and fuzzy comprehensive method
free download

Abstract Information security risk analysis becomes an increasingly essential component of organizations operations. Traditional information security risk analysis is quantitative and qualitative analysis methods. Quantitative and qualitative analysis methods have some

Information assurance and security
free download

Background Information assurance contains all the elements of information security (confidentiality) but also includes elements of availability, and integrity1. Information assurance provides a view of information protection that includes defensive measures in all Recent studies suggest that the number of information security incidents has increased dramatically and has caused significant economic loss worldwide. Awareness of the significance of information security is evidenced by a rapid increase in information security

ITIL V3 and information security
free download

This paper discusses the role and importance to the business of effective Information Security Management (ISM), how it is supported by an extensive family of global standards and the way these harmonize with ITIL The intended readership is business and IT managers familiar

An Integrated Framework for Information Security Management.
free download

Today information assets face more potential security breaches than at any time in history. To help mitigate the effect of the threats, information security management (ISM) is a very important part of a successful organizations strategic plan. Due to a significant increase in

Information security management: understanding ISO 17799
free download

Background ISO 17799 is a direct descendant of the British Standard Institute (BSI) Information Security Management standard BS 7799. The BSI (www. bsi-global. com) has long been proactive in the evolving arena of Information Security . In response to industry

The impact of information security breaches on financial performance of the breached firms: an empirical investigation
free download

This study investigates the impact of information security breaches on firm performance. Unlike previous studies that used an event study methodology, we used a matched-sample comparison analysis to investigate the impact of security breaches on firm performance. To

Leadership styles and information security compliance behavior: The mediator effect of information security awareness
free download

Leadership styles play an important role to enhance employees information security awareness and lead to proper information security compliance behavior. Therefore, the current study aims to investigate the indirect effect of leadership styles on users information