Undergraduate thesis
Abstract
Because of their growing dependence on information systems and extensive use of data networks, companies are exposed to numerous risks related to information and cyber security. Establishing and maintaining an adequate level of information and cyber security is nowadays of key importance in ensuring the business continuity of every organization. One of the key activities in ensuring an adequate level of information security in an organization is assigning formal responsibility for this area. This responsibility is usually assumed by the so-called information security officer.
In this thesis we examine the key roles, responsibilities and competences of the information security officer in company X. The officer's main task is to ensure comprehensive protection of information systems, networks, data and services against cyber attacks and to ensure compliance with regulations and standards related to information security. Using literature, interviews with experts and case study analysis, we focused on identifying the challenges the information security officer faces in managing risks and responding to incidents in a corporate environment. In addition, we used a survey to examine how the company's employees understand the role of the information security officer. The fundamental aim of the thesis is to give recommendations for strengthening the role of the information security officer in this environment and consequently to improve the care for information security.
Keywords
information security;cyber security;officer;role;company;
Data
Language: Slovenian
Year of publishing: 2023
Typology: 2.11 - Undergraduate Thesis
Organization: UM FOV - Faculty of Organizational Sciences
Publisher: [A. Markun]
UDC: 004
COBISS: 169842947
Other data
Secondary language: English
Secondary title: The role of the chief information security officer in company x
Secondary abstract: Businesses are exposed to numerous information and cyber security risks due to their increasing reliance on information systems and extensive use of data networks. Establishing and maintaining an adequate level of information and cyber security is nowadays of paramount importance in ensuring the continued operation of any organization. One of the most important measures to ensure an adequate level of information security within an organization is to establish formal responsibility for this area. This role is usually assumed by the so-called information security officer. In this thesis we examine the key roles, responsibilities, and competences of the information security officer in Company X. The officer’s primary task is to ensure comprehensive protection of information systems, networks, data, and services against cyber-attacks and to ensure compliance with regulations and standards in the field of information security. Using literature, expert interviews and a case study analysis, we have focused on identifying the challenges faced by the information security officer in managing risks and responding to incidents in the corporate environment. In addition, we conducted a survey to investigate how the company’s employees understand the role of the information security officer. The primary objective of this thesis is to provide recommendations on how to strengthen the role of the information security officer in this environment and consequently improve the care for information security.
Secondary keywords: Systems security;University and higher education theses;
Type (COBISS): Bachelor thesis/paper
Thesis comment: Univ. v Mariboru, Fak. za organizacijske vede
Pages: VI, 56 f.
ID: 19842927