Title :
Enhancing IT security in organizations through knowledge management
Author :
AlHogail, Areej ; Berri, Jawad
Author_Institution :
Dept. of Inf. Syst., Imam Mohammed Bin Saud Univ., Riyadh, Saudi Arabia
Abstract :
Security of Information Systems (IS) is a major concern for organizations nowadays as security related risks may affect the organization´s information assets badly. Security systems in organizations can benefit a great deal from knowledge and experiences of security experts, practitioners and professionals if this knowledge is acquired, encoded into a knowledge management system and distilled appropriately to help decision making in IS security management. This paper proposes to enhance security of information systems through the development of an architecture sustaining knowledge of IT security within an organization. The architecture uses a tailored set of security processes, policies and solutions to protect the organization´s business. The proposed architecture is used to capture the security related knowledge in order to share it and transfer it across the organization. The goal is to increase the efficiency of handling security incidents and to minimize the dependency on security expert personal.
Keywords :
knowledge management; security of data; IT security system; information systems; knowledge management system; security expert personal; security processes; Information security; Knowledge engineering; Knowledge management; Organizations; Standards organizations; Information security; Knowledge acquisition; Knowledge management;
Conference_Titel :
Information Technology and e-Services (ICITeS), 2012 International Conference on
Conference_Location :
Sousse
Print_ISBN :
978-1-4673-1167-0
DOI :
10.1109/ICITeS.2012.6216677
