Information systems security research agenda: Exploring the gap between research and practice
This paper undertakes a systematic review of the Information Systems Security literature.
The literature review consists of three parts: First, we perform topic modeling of major …
The literature review consists of three parts: First, we perform topic modeling of major …
State of the art in information security policy development
Despite the prevalence of research that exists under the label of “information security
policies”(ISPs), there is no consensus on what an ISP means or how ISPs should be …
policies”(ISPs), there is no consensus on what an ISP means or how ISPs should be …
Managing compliance with privacy regulations through translation guardrails: A health information exchange case study
Abstract Information privacy is increasingly important in our digitally connected world,
particularly in healthcare, and privacy regulations are ramping up to promote appropriate …
particularly in healthcare, and privacy regulations are ramping up to promote appropriate …
It is not my job: exploring the disconnect between corporate security policies and actual security practices in SMEs
Purpose This paper aims to present empirical results exemplifying challenges related to
information security faced by small and medium enterprises (SMEs). It uses guidelines …
information security faced by small and medium enterprises (SMEs). It uses guidelines …
[PDF][PDF] The concept of cybersecurity culture
K Reegård, C Blackett, V Katta - 29th European Safety and …, 2019 - researchgate.net
Due to a growing understanding that cybersecurity needs to be addressed also through
organizational measures and not by technical measures alone, cybersecurity culture is …
organizational measures and not by technical measures alone, cybersecurity culture is …
[HTML][HTML] Software compliance requirements, factors, and policies: A systematic literature review
Background Recent statistics reveal that 56% of software attacks are caused by insider
negligence and 26% are caused by malicious insiders. They also show that 67% of …
negligence and 26% are caused by malicious insiders. They also show that 67% of …
IT Risk Management: Towards a System for Enhancing Objectivity in Asset Valuation that Engenders a Security Culture
In today's technology-centric business environment, where organizations encounter
numerous cyber threats, effective IT risk management is crucial. An objective risk …
numerous cyber threats, effective IT risk management is crucial. An objective risk …
[HTML][HTML] Requirements for computerized tools to design information security policies
Abstract Information security is a hot topic nowadays, and while top-class technology exists
to safeguard information assets, organizations cannot rely on technical controls alone …
to safeguard information assets, organizations cannot rely on technical controls alone …
Policy components–a conceptual model for modularizing and tailoring of information security policies
Policy components – a conceptual model for modularizing and tailoring of information security
policies | Emerald Insight Books and journals Case studies Expert Briefings Open Access …
policies | Emerald Insight Books and journals Case studies Expert Briefings Open Access …
Financial information security behavior in online banking
The ubiquitous use of information technology in modern life leads to many problems of
financial information security. Such security issues could be due to users' insecure …
financial information security. Such security issues could be due to users' insecure …