Information Security: Shangri-La Hotel


Added on  2022/08/26

I have chosen Shangri-La Hotel for this report. This is one of the luxurious hotels in Sydney. Everything else is well described in the file attached below. Thanks.
Running head: INFORMATION SECURITY
Information Security: Shangri-La Hotel
Name of the Student
Name of the University
Author’s Note:
Executive Summary
This report examines the need for information security at Shangri-La, a popular Sydney-based
luxury hotel. The primary goal of information security is to sustain the CIA (confidentiality,
integrity and availability) of information, so that maximum security is maintained under
every circumstance. It is a major part of information risk management and involves
preventing inappropriate access to confidential information. InfoSec is achieved through a
structured risk management process, which involves identifying information and related
assets in order to identify every potential threat, vulnerability and impact. This report
provides a strategic security policy for Shangri-La hotel and identifies eight major network
threats with suitable mitigation techniques.
Table of Contents
1. Introduction
2. Discussion
2.1 Brief Description of Shangri-La Hotel
2.2 Formulation, Development as well as Documentation of a Strategic Security Policy for Shangri-La Hotel
2.3 Identification as well as Assessment of the Potential Vulnerabilities and Risks of the Organizational Network with their Mitigation Strategies
3. Conclusion
References
1. Introduction
Information security can be defined as the processes and methodologies designed and
deployed to protect electronic data, or any other form of private and confidential
information, from unauthenticated and unauthorized access, use, misuse, disruption or
disclosure (Siponen, Mahmood and Pahnila 2014). It is also described as the practice of
protecting information by mitigating information risks and threats. The adverse impacts of
security incidents are eradicated, and the main focus is on maintaining a balance between
information security and management of security policy in the organization (Peltier 2016).
This report outlines the management of information security for a famous hotel, Shangri-La
Hotel in Sydney, Australia, with details of a strategic security policy and of potential
threats and their mitigation techniques.
2. Discussion
2.1 Brief Description of Shangri-La Hotel
Shangri-La Hotel is one of the most popular and significant hotels in Sydney,
Australia. It is the trading entity of Shangri-La International Hotel Management
Limited, a Hong Kong-based MNC that was founded by a Malaysian tycoon in 1971.
The organization has over one hundred luxury hotels and resorts around the world,
including in Australia, Asia, Europe and the Middle East (Shangri-La Hotel, Sydney. 2020).
Apart from the amenities provided, the organizational management has also addressed the
information security of customers’ data by building several security features into its
systems and computers.
2.2 Formulation, Development as well as Documentation of a Strategic
Security Policy for Shangri-La Hotel
The organization has its headquarters in Kerry Centre, Quarry Bay. It has been doing
business for several years and is considered one of the most expensive and promising
hotels in Sydney, Australia. Shangri-La Hotel has been providing services to its customers in
an up-to-date and efficient manner and hence has gained maximum popularity without
much complexity. The major amenities of this Sydney-based hotel include an
indoor pool, a fitness room and a hot tub with an Asian themed spa (Shangri-La Hotel,
Sydney. 2020). It also has an upscale restaurant, a cocktail lounge and a café
that provides panoramic city views.
The strategic security policy for Shangri-La hotel should be formulated after
considering the probable threats and security issues that the hotel might face. This
policy would be the most crucial document, setting out the steps Shangri-La hotel needs
to take to recognize, eradicate and control threats, while remaining constant (Safa, Von
Solms and Furnell 2016). The primary purpose of this policy would be to establish a general
approach to information security and to eradicate cyber threats successfully. The most
common forms of these information security threats include denial of service attacks, data
breaches, computer viruses and several others.
These threats represent the possibility of successful cyber-attacks that aim to obtain
information or assets through unauthorized or unauthenticated access, or to damage,
disrupt or manipulate sensitive data, intellectual property and digital networks (Abawajy
2014). Such threats can come from inside a company, from the most trusted users, and also
from remote locations through unknown third parties. This policy would also help
Shangri-La to detect and forestall attacks on its computer systems and applications, to
protect the organizational reputation with respect to its ethical and legal responsibilities,
and to recognize the rights of its customers by providing proper mechanisms for responding
to complaints (Tsohou, Karyda and Kokolakis 2015).
i) Training for Hotel Staff: The first aspect to be treated as a top priority is the
hotel staff. When they join the hotel, they should be given proper training on the
probable issues and threats facing the organization. Such training would help them to
identify probable threats successfully, so that cybersecurity is maintained under every
circumstance.
ii) Access Control: There should be different layers and levels of information security
management (Pathan 2016). The software, processes and communication systems of
Shangri-La should be restricted to a certain extent, so that insider threats and
vulnerabilities are identified successfully. Passwords should be used within the
organizational network to counter the most credible threats and vulnerabilities.
iii) Determination of Resources and Defining Constraints: The organizational
resources and assets should be determined properly so that the most vital constraints are
defined and control choices are evaluated successfully (Conklin et al. 2015). For this purpose,
Shangri-La should monitor the major metrics for control, so that threats are identified and
mitigated successfully within the organizational network, assets and resources.
2.3 Identification as well as Assessment of the Potential Vulnerabilities and
Risks of the Organizational Network with their Mitigation Strategies
A cybersecurity threat or information security threat is a malicious activity that
seeks to damage data, steal data or disrupt the digital world (Narain Singh, Gupta and
Ojha 2014). Although Shangri-La Hotel has adopted several popular and significant
techniques to make sure that its confidential data and information are safe and secure,
there is a chance that the organizational network could be affected by certain threats and
vulnerabilities that need to be mitigated and eradicated immediately (Abawajy 2014). The
most significant potential threats present within the organizational network are as follows:
i) Malware: The first potential threat present inside the organizational network of
Shangri-La Hotel is malware. It is malicious software that is sent to the organizational
system to cause major harm to data or information (Vance et al. 2014). These malicious
programs can perform several functions, such as stealing, encrypting or deleting
sensitive data, hijacking core computing functions and monitoring computer activity
without any type of permission.
ii) Computer Viruses: The second significant potential threat present inside the
organizational network of Shangri-La Hotel is computer viruses. A virus is a computer
program which, when executed, replicates itself by modifying other computer programs and
inserting its own code (Gupta, Agrawal and Yamaguchi 2016). Once this replication
succeeds, the affected areas are said to be infected with the computer virus, and Shangri-La
would not be able to manage it properly.
iii) Spyware: The third noteworthy potential threat present inside the organizational
network of Shangri-La Hotel is spyware. It is unwanted software that infiltrates a
computing device to steal internet usage information (Rebollo et al. 2015). A hacker can
use spyware to trace and sell the Internet usage and customer data of Shangri-La, and
also to capture details of the credit card and
bank account information of these customers. This is done by monitoring internet
activity and tracking the login and password information of their customers.
iv) Adware: This is yet another big potential threat present inside the organizational
network of Shangri-La Hotel. It is advertising-supported software that generates
revenue for its developer by automatically generating online advertisements within the
user interface of the software, or on a screen presented to the user during the
installation process (Lowry and Moody 2015). Since Shangri-La is a hotel, adware could be
extremely common on its network.
v) Trojan Horses: A Trojan horse is a downloaded and installed program that
appears harmless but is highly malicious for the organizational network. Unexpected
changes to computer settings are strong indications that a Trojan is residing within the
system of Shangri-La.
vi) Worms: A computer worm is a malware program that replicates itself in order to
spread to other computer systems (Montesdioca and Maçada 2015). These worms could
cause at least some harm to the network of Shangri-La by consuming its bandwidth and
changing or modifying customers’ data; however, the security analysts would not be able
to identify it under any circumstance.
vii) Phishing: Since Shangri-La is a hotel, phishing is one of the most widespread and
common network security threats that could occur for the organizational networks (Siponen,
Mahmood and Pahnila 2014). It is the fraudulent practice of sending emails purporting to be
from reputable organizations in order to induce individuals to reveal personal data of
their customers, such as credit card details and passwords.
viii) Denial of Service Attacks: In a DoS attack, the perpetrator seeks to make a
network resource or machine temporarily unavailable to its intended users by disrupting
the services of the host (Tøndel, Line and Jaatun 2014). As a result, customers
would not be able to get the amenities and services of the hotel.
The mitigation techniques of these network security threats in Shangri-La hotel are as
follows:
i) Mitigation for Malware: Regular training of the hotel staff and employees on
the most common forms of malware and how to avoid them is an
essential technique to mitigate malware threats. Moreover, the security analysts of
Shangri-La should enable automatic software updates for this purpose.
ii) Mitigation for Computer Viruses: Using spam filters and installing antivirus
software would be highly useful for Shangri-La to eradicate computer viruses
from their network (Tsohou et al. 2015).
iii) Mitigation for Spyware: The organization should create a spyware protection
policy and also deploy anti-spyware applications to ensure that the network is free
from any type of spyware (Siponen, Mahmood and Pahnila 2014).
Moreover, systems should be locked down entirely with a layered defence.
iv) Mitigation for Adware: To eradicate adware from the organizational network of
Shangri-La, they should adjust their browser settings to a high security level and also
install a firewall, so that such threats are identified even before they enter the system
(Gupta, Agrawal and Yamaguchi 2016).
v) Mitigation for Trojan Horses: There are a few programs called Trojan banker and
Trojan rootkits, which are highly effective for prevention of Trojan horses (Safa, Von Solms
and Furnell 2016). These programs are also helpful in detecting malware or any type of
malicious activity within the network.
vi) Mitigation for Worms: The most effective and suitable mitigation techniques for
avoiding computer worms in the system of Shangri-La would be ACLs on switches and
routers and the use of packet filters.
vii) Mitigation for Phishing: They should not use a single domain for their URL and
email and should create at least 3 or 4 for this purpose (Narain Singh, Gupta and Ojha 2014).
Moreover, the staff should not check or download files when it is not necessary.
viii) Mitigation for Denial of Service Attacks: This type of network security attack
could be eradicated by Shangri-La through the process of IP whitelisting or blacklisting
(Pathan 2016). This process helps to admit only legitimate IP addresses
and to block the IP addresses of the attackers.
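The ACL, packet-filter and IP whitelisting/blacklisting mitigations in items vi and viii all come down to an ordered rule list in which the first matching rule decides and unmatched traffic is denied. The following is an added example, not part of the original report; the addresses, ports and rules are constructed for illustration. It evaluates such a list and flags rules that can never fire because an earlier rule already covers them, a common reason a block-list entry silently fails.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str                      # "permit" or "deny"
    source: str                      # source range in CIDR notation
    dst_port: Optional[int] = None   # None matches any destination port

    @property
    def net(self):
        return ipaddress.ip_network(self.source)

    def matches(self, src_ip: str, dst_port: int) -> bool:
        in_range = ipaddress.ip_address(src_ip) in self.net
        return in_range and self.dst_port in (None, dst_port)


def evaluate(acl, src_ip, dst_port):
    """Return (action, index of deciding rule). First match wins;
    traffic that matches no rule hits the implicit deny (index None)."""
    for i, rule in enumerate(acl):
        if rule.matches(src_ip, dst_port):
            return rule.action, i
    return "deny", None


def shadowed_rules(acl):
    """Indexes of rules fully covered by an earlier rule, so they never fire."""
    hidden = []
    for j, later in enumerate(acl):
        for earlier in acl[:j]:
            same_family = earlier.net.version == later.net.version
            covers_port = earlier.dst_port in (None, later.dst_port)
            if same_family and covers_port and later.net.subnet_of(earlier.net):
                hidden.append(j)
                break
    return hidden


# Constructed rule set for a hypothetical hotel booking server.
ACL = [
    Rule("deny", "198.51.100.0/24"),       # block-list: range seen flooding
    Rule("permit", "10.0.5.0/24", 22),     # allow-list: admin subnet, SSH only
    Rule("permit", "0.0.0.0/0", 443),      # public HTTPS booking site
    Rule("deny", "203.0.113.7/32", 443),   # added too late: shadowed by rule 2
]

if __name__ == "__main__":
    for ip, port in [("198.51.100.9", 443), ("10.0.5.4", 22),
                     ("192.0.2.1", 22), ("203.0.113.7", 443)]:
        print(ip, port, evaluate(ACL, ip, port))
    print("shadowed rule indexes:", shadowed_rules(ACL))
```

The last rule shows why ordering matters: the deny for 203.0.113.7 sits below the broad HTTPS permit, so that address is still admitted until the deny is moved above it.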
3. Conclusion
Hence, from the above discussion, it can be concluded that InfoSec is one of the
most significant and vital needs of an organization for ensuring that better
effectiveness and efficiency are maintained under every circumstance. The CIA of the
organizational information is maintained without hampering organizational
productivity. InfoSec is also useful in evaluating risks to decide how to address or
treat threats through avoidance, mitigation, sharing or acceptance, so that it
becomes easier to monitor them and improve the opportunities for business growth and
development. Different policies and standards for passwords, antivirus
software, encryption software and firewalls are required for better security awareness and
training within the organization. This report has analyzed the information security
aspect of the Shangri-La Hotel in Sydney, Australia, with relevant details about
information security threats and mitigation techniques.
References
Abawajy, J., 2014. User preference of cyber security awareness delivery methods. Behaviour
& Information Technology, 33(3), pp.237-248.
Conklin, W.A., White, G., Cothren, C., Davis, R. and Williams, D., 2015. Principles of
computer security. McGraw-Hill Education Group.
Gupta, B., Agrawal, D.P. and Yamaguchi, S. eds., 2016. Handbook of research on modern
cryptographic solutions for computer and cyber security. IGI Global.
Lowry, P.B. and Moody, G.D., 2015. Proposing the control‐reactance compliance model
(CRCM) to explain opposing motivations to comply with organizational information security
policies. Information Systems Journal, 25(5), pp.433-463.
Montesdioca, G.P.Z. and Maçada, A.C.G., 2015. Measuring user satisfaction with
information security practices. Computers & Security, 48, pp.267-280.
Narain Singh, A., Gupta, M.P. and Ojha, A., 2014. Identifying factors of “organizational
information security management”. Journal of Enterprise Information Management, 27(5),
pp.644-667.
Pathan, A.S.K. ed., 2016. Security of self-organizing networks: MANET, WSN, WMN, VANET.
CRC Press.
Peltier, T.R., 2016. Information Security Policies, Procedures, and Standards: guidelines for
effective information security management. Auerbach Publications.
Rebollo, O., Mellado, D., Fernández-Medina, E. and Mouratidis, H., 2015. Empirical
evaluation of a cloud computing information security governance framework. Information
and Software Technology, 58, pp.44-57.
Safa, N.S., Von Solms, R. and Furnell, S., 2016. Information security policy compliance
model in organizations. Computers & Security, 56, pp.70-82.
Shangri-La Hotel, Sydney. 2020. [online]. Accessed from
https://www.googleadservices.com/pagead/aclk?
sa=L&ai=DChcSEwjE5c7k8vrmAhXEaSoKHTDQASsYABAAGgJ0bQ&ohost=www.googl
e.com&cid=CAASE-
RolP8KwD0ftN3K5vKIc607pZ8&sig=AOD64_2Q7HvOxkPRcRV85bSaidHLAkBFOA&q=
&ved=2ahUKEwj1zcHk8vrmAhVEILcAHZNTCRMQ0Qx6BAgXEAE&adurl [Accessed on
11 January 2020].
Siponen, M., Mahmood, M.A. and Pahnila, S., 2014. Employees’ adherence to information
security policies: An exploratory field study. Information & Management, 51(2), pp.217-224.
Tøndel, I.A., Line, M.B. and Jaatun, M.G., 2014. Information security incident management:
Current practice as reported in the literature. Computers & Security, 45, pp.42-57.
Tsohou, A., Karyda, M. and Kokolakis, S., 2015. Analyzing the role of cognitive and cultural
biases in the internalization of information security policies: Recommendations for
information security awareness programs. Computers & Security, 52, pp.128-141.
Tsohou, A., Karyda, M., Kokolakis, S. and Kiountouzis, E., 2015. Managing the introduction
of information security awareness programmes in organizations. European Journal of
Information Systems, 24(1), pp.38-58.
Vance, A., Anderson, B., Kirwan, C.B. and Eargle, D., 2014. Using measures of risk
perception to predict information security behavior: Insights from electroencephalography
(EEG). Association for Information Systems.