Title :
Factors Influencing the Implementation of Information Systems Security Strategies in Organizations
Author :
Park, Sangseo ; Ahmad, Atif ; Ruighaver, Anthonie B.
Author_Institution :
Dept. of Inf. Syst., Univ. of Melbourne, Carlton, VIC, Australia
Abstract :
Many organizations still rely on deterrence to control insider threats and on purely preventive strategies to control outsider threats. Such a simple approach to organizational information security is no longer viable given the increasing operational sophistication of current security threat agents and the complexity of information technology infrastructure. Effective implementation of security requires organizations to select a combination of strategies that work in tandem and best suits their security situation. This paper addresses the identification and classification of factors that influence implementation of security strategies in organizations. In this paper, we develop a preliminary architecture that aims to assist organizations in deciding how strategies can be designed to complement each other to improve the cost-effectiveness of security.
Keywords :
information systems; organisational aspects; security of data; information systems security; insider threats control; operational sophistication; organizations; outsider threats control; preventive strategies; Computer security; Costs; Financial management; Guidelines; Information management; Information security; Information systems; Management information systems; Risk management; Technology management;
Conference_Titel :
Information Science and Applications (ICISA), 2010 International Conference on
Conference_Location :
Seoul
Print_ISBN :
978-1-4244-5941-4
Electronic_ISBN :
978-1-4244-5943-8
DOI :
10.1109/ICISA.2010.5480261
