INFORMATION SECURITY RISK MANAGEMENT: AN INTELLIGENCE- DRIVEN APPROACH

被引:0
|
作者
Webb, Jeb [1 ]
Maynard, Sean [1 ]
Ahmad, Atif [1 ]
Shanks, Graeme [1 ]
机构
[1] Univ Melbourne, Melbourne Sch Engn, Dept Comp & Informat Syst, Melbourne, Vic, Australia
来源
AUSTRALASIAN JOURNAL OF INFORMATION SYSTEMS | 2014年 / 18卷 / 03期
关键词
Information; Security; Risk Management; Enterprise Situation Awareness; Intelligence;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Three deficiencies exist in the organisational practice of information security risk management: risk assessments are commonly perfunctory, security risks are estimated without investigation; risk is assessed on an occasional (as opposed to continuous) basis. These tendencies indicate that important data is being missed and that the situation awareness of decision- makers in many organisations is currently inadequate. This research-in-progress paper uses Endsley's situation awareness theory, and examines how the structure and functions of the US national security intelligence enterprise-a revelatory case of enterprise situation awareness development in security and risk management- correspond with Endsley's theoretical model, and how facets of the US enterprise might be adapted to improve situation awareness in the information security risk management process of organisations.
引用
收藏
页码:391 / 404
页数:14
相关论文
共 50 条
  • [1] An Enhanced Threat Intelligence Driven Hybrid Model for Information Security Risk Management
    Amin, Habib E. L.
    Samhat, Abed Ellatif
    Chamoun, Maroun
    Oueidat, Lina
    Feghali, Antoine
    [J]. PROCEEDINGS 2024 IEEE 25TH INTERNATIONAL SYMPOSIUM ON A WORLD OF WIRELESS, MOBILE AND MULTIMEDIA NETWORKS, WOWMOM 2024, 2024, : 5 - 12
  • [2] An economic modelling approach to information security risk management
    Bojanc, Rok
    Jerman-Blazic, Borka
    [J]. INTERNATIONAL JOURNAL OF INFORMATION MANAGEMENT, 2008, 28 (05) : 413 - 422
  • [3] Agile Approach with Kanban in Information Security Risk Management
    Dorca, Vasile
    Popescu, Sorin
    Munteanu, Radu, Jr.
    Chioreanu, Adrian
    Peleskei, Claudius
    [J]. PROCEEDING OF 2016 IEEE INTERNATIONAL CONFERENCE ON AUTOMATION, QUALITY AND TESTING, ROBOTICS (AQTR), 2016, : 19 - 24
  • [4] Towards a Systemic Approach for Information Security Risk Management
    Naudet, Yannick
    Mayer, Nicolas
    Feltus, Christophe
    [J]. PROCEEDINGS OF 2016 11TH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY, (ARES 2016), 2016, : 177 - 186
  • [5] Artificial Intelligence- Studies and Uses in Information Science in Brazil
    Pinheiro, Mayara
    Oliveira, Hamilton
    [J]. REVISTA IBERO-AMERICANA DE CIENCIA DA INFORMACAO, 2022, 15 (03): : 950 - 968
  • [6] Implementing a risk management approach for optimizing information security systems
    Petrescu, Marius
    Stegaroiu, Ion
    Braboveanu, Mioara
    Petrescu, Anca-Gabriela
    Sirbu, Nicoleta
    [J]. BUSINESS TRANSFORMATION THROUGH INNOVATION AND KNOWLEDGE MANAGEMENT: AN ACADEMIC PERSPECTIVE, VOLS 1-2, 2010, : 304 - 309
  • [7] The Information Security Risk Management
    Semin, Valeriy G.
    Shmakova, Elena G.
    Los, Lexei B.
    [J]. PROCEEDINGS OF THE 2017 INTERNATIONAL CONFERENCE QUALITY MANAGEMENT,TRANSPORT AND INFORMATION SECURITY, INFORMATION TECHNOLOGIES (IT&QM&IS), 2017, : 106 - 109
  • [8] Information security and risk management
    Bodin, Lawrence D.
    Gordon, Lawrence A.
    Loeb, Martin P.
    [J]. COMMUNICATIONS OF THE ACM, 2008, 51 (04) : 64 - 68
  • [9] A Data-driven Assessment Model for Information Systems Security Risk Management
    Feng, Nan
    Yu, Xue
    [J]. JOURNAL OF COMPUTERS, 2012, 7 (12) : 3103 - 3109
  • [10] Information driven entrepreneurship: A competitive Intelligence Approach
    Olayemi, Olalekan Moses
    Yacob, Haliso
    Olayemi, Kemi Jummai
    [J]. JOURNAL OF BUSINESS & FINANCE LIBRARIANSHIP, 2022, 27 (03) : 159 - 175
12345