Efficiency of corporate security systems in managing information threats
ǂan ǂoverview of the current situation
Abstract
Purpose:
Information security should be a strategic goal of every responsible and safety-conscious organisation that wants to follow current security and technological trends. The purpose of this paper is to summarize the corporate practices in addressing IT risks, to explain the benefits of a comprehensive approach to information security as a business function, and to improve understanding of the current issues associated with its management.
Design/Methods/Approach:
Topics presented in this paper were analysed using descriptive and qualitative analysis of international reports and surveys. The findings obtained using the comparative method and their synthesis are supported by other research in this area.
Findings:
Due to the large volume of information assets, sophisticated IT threats and the heterogeneous nature of security factors, the efficiency of information security is very difficult to achieve. It has been observed that many organisations are at an early stage in developing a comprehensive approach to information security, since, in practice, they are still dealing with the problems of the past, yet they are very consistent with tracking user trends. This disproportionate situation represents a major security challenge for an organisation’s management.
Practical Implications:
The findings of this research are useful for the further analysis and evaluation of information security and victimization of cybercrime, and are also applicable to facilitating strategic planning and decision making.
Originality/Value:
Based on the review of the current corporate state, this paper presents baseline information and security situations in the business environment and evaluates the efficiency of information security as a business tool. Based on the results, contemporary security challenges and organisational guidelines for the future were identified.
Keywords
No keyword data available
Data
| Language: | English |
|---|---|
| Year of publishing: | 2014 |
| Typology: | 1.01 - Original Scientific Article |
| Organization: | UM FVV - Faculty of Criminal Justice |
| UDC: | 004.056 |
| COBISS: |
2832874
|
| ISSN: | 1580-0253 |
| Parent publication: | Varstvoslovje |
| Views: | 467 |
| Downloads: | 33 |
| Average score: | 0 (0 votes) |
| Metadata: |
|
Other data
| Secondary language: | Slovenian |
|---|---|
| Secondary title: | Učinkovitost sistema korporativne varnosti pri upravljanju informacijskih groženj |
| Secondary abstract: | Namen prispevka: Informacijska varnost mora biti cilj vsake organizacije, ki želi odgovorno slediti tehnološkim trendom. Namen prispevka je analizirati prakso organizacij pri soočanju z informacijskimi tveganji, pojasniti prednosti celovite ureditve informacijske varnosti kot poslovne funkcije in izboljšati razumevanje aktualnih problemov, povezanih z njenim upravljanjem. Metode: Uporabljena je deskriptivna metoda in vsebinska analiza mednarodnih poročil in raziskav, povezanih z informacijsko varnostjo. Ugotovitve pridobljene s komparativno metodo in zaključki so podprti z drugimi strokovnimi viri. Ugotovitve: Zaradi velikega obsega informacijskega premoženja, sofisticiranih informacijskih groženj in heterogene narave varnostnih dejavnikov je učinkovitost informacijske varnosti težko uresničljiv cilj. Ugotavljamo, da je veliko organizacij pri celoviti obravnavi informacijske varnosti šele na začetni stopnji, saj se v praksi podjetja še vedno ukvarjajo z zastarelimi problemi, medtem ko je sledenje uporabniškim trendom zelo aktualno. Takšno stanje predstavlja velik izziv za management organizacij. Praktična uporabnost: Ugotovitve prispevka so uporabne na znanstveno-raziskovalnem področju oz. ravni analiziranja in ocenjevanja informacijske varnosti, viktimizacije ter upravljavskem nivoju, za lažje strateško načrtovanje in sprejemanje odločitev. Izvirnost/pomembnost prispevka: Prispevek s pregledom stanja predstavlja izhodiščno informacijskovarnostno situacijo v poslovnem okolju in podaja oceno razvitosti ter učinkovitosti informacijske varnosti kot poslovne funkcije. Na podlagi analize rezultatov so identificirani tudi sodobni varnostni izzivi in organizacijske smernice za prihodnost. |
| Secondary keywords: | informacijska varnost;korporativna varnost;učinkovitost;upravljanje;varnostni izzivi; |
| Type (COBISS): | Scientific work |
| Pages: | str. 128-147 |
| Volume: | ǂLetn. ǂ16 |
| Issue: | ǂšt. ǂ2 |
| Chronology: | 2014 |
| ID: | 11564825 |
Recommended works:
Efficiency of corporate security systems in managing information threats
2014,
ǂan ǂoverview of the current situation
Deanonimizacija uporabnika TOR omrežja, v korporativno varnostnem okolju
2019,
magistrsko delo
Integralna korporativna varnost
2017,
no subtitle data available
Zbornik povzetkov
2018,
no subtitle data available
Vloga korporativne varnosti v procesu združevanja dveh bank
2011,
magistrsko delo