Organizational information security as a complex adaptive system: insights from three agent-based models
The management of information security can be conceptualized as a complex adaptive
system because the actions of both insiders and outsiders co-evolve with the organizational …
system because the actions of both insiders and outsiders co-evolve with the organizational …
Foundations for an intelligence-driven information security risk-management system
Abstract Information security risk management (ISRM) methods aim to protect organizational
information infrastructure from a range of security threats by using the most effective and cost …
information infrastructure from a range of security threats by using the most effective and cost …
A system dynamics model of information security investments
Abstract Information security management has become an increasingly serious and high-
stake challenge to organizations, due to growing reliance on the Internet as the business …
stake challenge to organizations, due to growing reliance on the Internet as the business …
Information security policy: An organizational-level process model
KJ Knapp, RF Morris Jr, TE Marshall, TA Byrd - Computers & security, 2009 - Elsevier
To protect information systems from increasing levels of cyber threats, organizations are
compelled to institute security programs. Because information security policies are a …
compelled to institute security programs. Because information security policies are a …
Continuous improvement of information security management: an organisational learning perspective
This study explores ways to empower organisations to continuously improve their
information security management (ISM). Drawing upon the dynamic capabilities approach …
information security management (ISM). Drawing upon the dynamic capabilities approach …
Dynamics of organizational information security
A Dutta, R Roy - System Dynamics Review: The Journal of the …, 2008 - Wiley Online Library
While technology is important, organizational and human factors also play a crucial role in
achieving information security. In this paper we develop a system dynamics model of the …
achieving information security. In this paper we develop a system dynamics model of the …
Organizational information security policies: a review and research framework
A major stream of research within the field of information systems security examines the use
of organizational policies that specify how users of information and technology resources …
of organizational policies that specify how users of information and technology resources …
Operationalizing cybersecurity—Framing efforts to secure US information systems
DD Goss - The Cyber Defense Review, 2017 - JSTOR
Society has become utterly dependent on information systems (IS) to power everyday life.
While this seismic shift has taken place, the security of those IS and their consequential …
While this seismic shift has taken place, the security of those IS and their consequential …
Information security governance: Integrating security into the organizational culture
L Corriss - Proceedings of the 2010 Workshop on Governance of …, 2010 - dl.acm.org
We finally got what we wished for: executive managers are aware of the need to protect their
organizational data. However, we still have problems; for example, database breaches …
organizational data. However, we still have problems; for example, database breaches …
[PDF][PDF] Cultivating and assessing an organizational information security culture; an empirical study
A Al Hogail - International Journal of Security and Its Applications, 2015 - researchgate.net
An information security-aware culture will minimize internal threats to information assets
through the construction of appropriate information security beliefs and values that guide …
through the construction of appropriate information security beliefs and values that guide …