Title :
Protecting Information in a Connected World: A Question of Security and of Confidence in Security
Author :
Ghernaouti-Hélie, Solange ; Simms, David ; Tashi, Igli
Abstract :
The infrastructures and services related to information and telecommunications are crucial constitutive elements of our society. These elements require not only ICT security but also confidence in that security. This paper explores at a macroscopic and integrated level the main challenges, obstacles and constitutive elements that contribute to building confidence in information security. The aims of this paper are to identify some key technological elements and impacts that drive the development of information security from a long-term risk management perspective, point out the complexities in applying security to vulnerable ICT environments, clarify the need to master indicators and methodologies that contribute to identifying and applying good risk and security management practices and confidence in these, show how legislation can contribute to limiting or enhancing information security effectiveness, analyse the relationships, differences and interactions between security, confidence and compliance, and discuss how the audit process and the input of auditors can help in building confidence.
Keywords :
risk management; security of data; ICT security; audit process; connected world; information protection; information security effectiveness; legislation; long-term risk management perspective; security confidence; security management practices; Information security; Organizations; Reliability; Risk management; Standards organizations; Networked society; audit; complexity; compliance; confidence; dependency; information security; risk management; security doctrine; vulnerability;
Conference_Titel :
Network-Based Information Systems (NBiS), 2011 14th International Conference on
Conference_Location :
Tirana
Print_ISBN :
978-1-4577-0789-6
Electronic_ISBN :
2157-0418
DOI :
10.1109/NBiS.2011.38
