Information Security: Threats, Responses, and Business Impact Analysis

Added on  2022/08/31

AI Summary
This report provides a comprehensive overview of information security, emphasizing its critical role in protecting organizational data. It defines information security, its importance, and the essential functions it serves, including safeguarding data, enabling secure application operation, and protecting technology assets. The report delves into the core principles of information security, such as confidentiality, integrity, availability, non-repudiation, accountability, and authenticity, and discusses the threats that compromise these principles, including software attacks, identity theft, and insider threats. It also explores various responses to these threats, like mitigation and transfer. The report highlights the importance of risk management and the need for organizations to implement robust security measures to protect their information assets and ensure business continuity. This report underscores the need for organizations to balance security measures with costs and to remain vigilant against evolving threats.
Running head: INFORMATION SYSTEM
INFORMATION SYSTEMS
Name of the Student:
Name of the University:
Author Note:
Table of Contents
Introduction
Importance of Information Security
Confidentiality
Integrity
Availability
Non Repudiation
Accountability
Authenticity
Threats of Information Security
Responses to the threats
Conclusion
References
Introduction
Information security is the practice of protecting information by mitigating information
risks; it is part of information risk management. It typically involves reducing or preventing
the probability of inappropriate or unauthorised use, access, disruption, disclosure,
destruction, deletion, modification, corruption, devaluation, recording or inspection of
information, and it may also involve reducing the adverse impact of incidents. The
information may take any form, such as electronic, tangible, physical or intangible. The main
focus of information security is protecting the confidentiality, integrity and availability of
data, while implementing policy effectively without hampering the productivity of the
organization (Von Solms and Van Niekerk 2013).
It is achieved largely through a structured risk management process that involves
identifying information and all related assets together with potential threats, vulnerabilities
and impacts; evaluating the risks; deciding how to treat or address the risks, that is, whether
to avoid, mitigate, accept or share them; where risk mitigation is needed, selecting or
designing appropriate security controls and implementing them; and monitoring activities
and making adjustments to address any changes, issues and opportunities for improvement
(Peltier 2013).
Importance of Information Security
Information security is critical for every organization, both to protect its business
data and to conduct its business. It can be defined as the protection of information and of the
systems and hardware that store, transmit and use that information. Information security
performs four essential functions for an organization: it protects the organization's ability
to function, enables the safe operation of the applications implemented on the organization's
IT systems, protects the data the organization collects and uses, and safeguards the technology
assets used within the organization (Crossler et al. 2013). However, implementing information
security within an organization also involves risks and challenges.
Information is an essential asset for organizations and must be protected
appropriately. Security combines systems, internal controls and operations to ensure the
confidentiality and integrity of data and of operating procedures within the organization.
Information security protects data owned by an individual or an organization from risks and
threats; its goal is to build protection against attackers who could cause damage. It protects
information and its critical elements, including the systems and hardware that use, transmit
and store the information, and it consists of the policies, management practices, technologies
and standards applied to information to keep it secure. Information security also enables the
safe operation of the applications implemented on the organization's IT systems: to protect its
data, the organization installs appropriate software, such as antivirus, that secures the data
(Siponen, Mahmood and Pahnila 2014). It is therefore crucial for an organization to protect
both the applications implemented within it and the data stored in its systems. The applications
must be protected along with the data, because a compromised application can contribute to
damage to information.
Information security protects the data the organization collects and uses. If data is left
unprotected, anyone could access it, and information that falls into the wrong hands could
bring down a business, destroy lives and be used to do harm. An information security
programme ensures that the right information is protected, meeting both legal and business
requirements, by taking the necessary steps to protect the organization's data. The steps taken
to protect the organization's information also maintain privacy and help prevent identity theft.
Within the organization, information is an essential business asset and requires proper
protection. This is especially important in a business environment where information is
exposed to a growing number and broader variety of threats and vulnerabilities: causes of
damage such as computer hacking, DoS attacks and malicious code have become more
ambitious, more sophisticated and more common (Peltier 2016). By implementing information
security, the organization can therefore protect its technology assets.
With respect to protecting the organization's functionality, both IT and senior
management are responsible for implementing information security that protects the
organization's ability to function. Information is essential for organizations to do business,
and organizations also hold their customers' information, so protecting it is essential for
them. Without information, a business could not be run (Singh 2013). Securing the information
store therefore also enables the organization to run its business, which is why information
security is crucial for organizations.
Implementing information security within the organization protects its information
assets and the technology it uses by detecting, preventing and responding to both external
and internal threats. Both IT and senior management are responsible for the organization's
information security strategy, although in smaller organizations the job would sit with the
security, risk, compliance and data managers, the information security and IT managers, and
the directors (Xu et al. 2014). To support the information security strategy, it is essential to
improve staff awareness of information security issues through initiatives and training.
Organizations should also enforce their information security policies and review them
regularly to ensure they still meet the security requirements. Threats and vulnerabilities must
be analysed and evaluated, which means establishing and implementing procedures and
control measures to minimise the risks, and auditing to measure the performance of the
controls.
Organizations have recognised the importance of having roadblocks that prevent private
information from becoming public. When members of the information security community
took part in the Cybersecurity Trends Report, they were asked how they felt about their
security stance; cybersecurity professionals were concerned about malware, malicious
insiders and phishing attacks (D'Arcy, Herath and Shoss 2014). Organizations are making
efforts to allocate more funds to security within their budgets. As cybersecurity threats
increase, information security experts are pushing for more focus on protecting organizations
from losing time to disruptions of their network defences. Security disruptions that interfere
with the essential functioning of the organization are a threat that can be fought by skilled
information security professionals who stop infiltrations that initially went undetected.
Information security is not only about securing information from unauthorised access.
It is the practice of preventing unauthorised use, access, disruption, modification, recording,
inspection, destruction or disclosure of information, whether the data is electronic or physical.
Information security spans several areas of research, such as cyber forensics, social media,
mobile computing and cryptography (Andress 2014). Information security programmes are
built around three objectives, termed CIA: Confidentiality, Integrity and Availability.
Confidentiality
Confidentiality means that information is not disclosed to unauthorised users, processes or
entities. For instance, if someone logs in to a Gmail account and another person watches them
do it, the password is compromised and confidentiality is breached.
Integrity
Integrity means maintaining the completeness and accuracy of data: data must not be
edited or altered through an unauthorised process. For instance, when an employee leaves an
organization, the employee's data in every department, such as accounts, must be updated to
reflect the status LEFT, because the data must be complete; in addition, only authorised users
may be allowed to edit employee data (Safa, Von Solms and Furnell 2016).
Availability
Availability means that information is available whenever it is required. For instance, if
someone needs to access a particular employee's information to check the employee's
outstanding leave balance, this requires collaboration among several separate organizational
teams such as development operations, policy change management, network operations and
incident response. A DoS attack is one factor that can hamper the availability of information.
Apart from these three, one more principle governs information security programmes:
non-repudiation.
Non Repudiation
Non-repudiation means that one party cannot deny having received a transaction or message,
nor can the other party deny having sent it. For instance, in cryptography it is enough to show
that a message carries a digital signature made with the sender's private key: the sender must
have sent the message, and no one could have changed it in transit (Chen, Ramamurthy and
Wen 2015). Data authenticity and data integrity are prerequisites of non-repudiation.
Accountability
Accountability means that it must be possible to trace the actions of an entity uniquely to
that entity. For instance, not all employees should be given access to change the data of other
employees (Ahmad, Maynard and Park 2014). Instead, a separate department within the
organization is responsible for making such changes, and when it receives a change request,
the letter should be signed by a higher authority.
Authenticity
Authenticity means verifying the identity of users and that input arriving at the
destination comes from a trusted source. This principle ensures that a genuine and valid
message is received from the trusted source through a valid transmission. For instance, the
sender sends a message with a digital signature generated from the message's hash value using
the sender's private key (Kolkowska and Dhillon 2013). At the receiver's side, the digital
signature is decrypted with the sender's public key, which yields a hash value, and the message
is hashed again to produce a second hash value that is compared with the first.
Threats of Information Security
Information security threats take several forms. Some of the best-known threats are
software attacks, identity theft, theft of intellectual property, sabotage, information extortion
and theft of information or equipment. Software attacks are something most people have
experienced; worms, Trojan horses, viruses and phishing attacks are familiar examples. Theft
of intellectual property is a widespread issue for many businesses in the IT field. Identity theft
is the attempt to act as someone else in order to obtain that person's personal information or
to take advantage of their access to important information, typically through social engineering
(AlHogail 2015). Theft of information or equipment is becoming more prevalent as most
devices are mobile, which makes them prone to theft, and they become more desirable as their
data capacity increases. Sabotage includes destroying the organization's website in an attempt
to cause a loss of confidence on the part of customers. Information extortion includes stealing
an organization's information or property in an attempt to receive payment in exchange for
returning it to the owner, as with ransomware. There are several ways to help protect against
such attacks, but one practical precaution is periodic user awareness training (Soomro, Shah
and Ahmed 2016). The best-known threat for any company is its own internal employees or
users, also known as insider threats.
Governments, corporations, the military, hospitals, non-profit organizations, private
businesses and financial institutions amass a great deal of confidential information about their
customers, products, employees, financial status and research. Should confidential data about
a business's finances, customers or new products fall into the hands of competitors, the
business and its customers could face many problems, including irreparable financial loss and
damage to the organization's reputation. From a business perspective, information security
must be balanced against cost (Yang, Shieh and Tzeng 2013); the Gordon-Loeb model
provides a mathematical economic approach to this issue. For individuals, information security
has a significant effect on privacy, which is viewed quite differently in different cultures.
Responses to the threats
Possible responses to a security risk or threat are:
- Mitigate or reduce: implement countermeasures or safeguards that eliminate the
vulnerabilities or block the threats.
- Transfer or assign: place the cost of the threat on another organization or entity, for
example by outsourcing or purchasing insurance.
- Accept: evaluate the risk and accept it if the cost of the countermeasure outweighs the
possible loss due to the threat or risk.
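The Gordon-Loeb model named in the threats section and the accept/mitigate rule above can be made concrete. The Go program below is an added example, not part of the original essay: it uses the class I security breach probability function from Gordon and Loeb's paper, S(z,v) = v/(αz+1)^β, with constructed parameter values, computes the security investment z that maximises the expected net benefit, and checks it against the model's well-known bound that optimal spending never exceeds 1/e of the expected loss vL. The parameter values, the loss figures and the Decide helper are assumptions for illustration.

```go
package main

import (
	"fmt"
	"math"
)

// BreachProb is Gordon-Loeb's class I breach probability S(z,v) = v/(alpha*z+1)^beta:
// v is the probability of a breach with no extra spending, z is the security
// investment, and alpha > 0, beta >= 1 describe how productive spending is.
func BreachProb(z, v, alpha, beta float64) float64 {
	return v / math.Pow(alpha*z+1, beta)
}

// ExpectedNetBenefit is ENBIS(z) = (v - S(z,v))*L - z: the expected loss avoided
// by spending z (L is the loss if a breach occurs), minus the spending itself.
func ExpectedNetBenefit(z, v, L, alpha, beta float64) float64 {
	return (v-BreachProb(z, v, alpha, beta))*L - z
}

// OptimalInvestment solves dENBIS/dz = 0 in closed form:
// (alpha*z+1)^(beta+1) = v*L*alpha*beta, so z* = ((vL alpha beta)^(1/(beta+1)) - 1)/alpha,
// clamped at zero when even the first unit of spending is not worth it.
func OptimalInvestment(v, L, alpha, beta float64) float64 {
	z := (math.Pow(v*L*alpha*beta, 1/(beta+1)) - 1) / alpha
	return math.Max(0, z)
}

// GordonLoebCap is the bound Gordon and Loeb derive: optimal spending never
// exceeds 1/e of the expected loss v*L.
func GordonLoebCap(v, L float64) float64 {
	return v * L / math.E
}

// Decide applies the essay's accept/mitigate rule (constructed helper): a
// safeguard costing c that lowers the breach probability from v to s is worth
// buying only if the avoided expected loss (v - s)*L exceeds c.
func Decide(c, v, s, L float64) string {
	if (v-s)*L > c {
		return "mitigate"
	}
	return "accept"
}

func main() {
	// Constructed parameters: 60% baseline breach probability, 1,000,000 loss.
	v, L, alpha, beta := 0.6, 1000000.0, 1e-5, 1.0
	z := OptimalInvestment(v, L, alpha, beta)
	fmt.Printf("optimal spend %.0f (cap %.0f), net benefit %.0f\n",
		z, GordonLoebCap(v, L), ExpectedNetBenefit(z, v, L, alpha, beta))
	fmt.Println("safeguard at 100000 cutting v to 0.3:", Decide(100000, v, 0.3, L))
	fmt.Println("safeguard at 400000 cutting v to 0.3:", Decide(400000, v, 0.3, L))
}
```

For the constructed parameters the optimal investment comes to roughly 145,000, well under the 1/e cap of about 220,700, which is the point of the model: spending beyond that cap is never justified by the expected loss.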
Conclusion
Information security is used within organizations to maintain the confidentiality,
integrity and availability (CIA) of information, making sure that the information is not altered
or modified when critical incidents occur. Such incidents include natural disasters, physical
theft and manipulation of servers or computers. Specialists apply information security to
technology, and IT security specialists are found in major organizations because of the value
and nature of the data held by larger businesses. The field of information security has evolved
over the last few years and offers several areas of specialization, including securing networks
and allied infrastructure, securing applications and databases, digital forensics and security
testing.
References
Ahmad, A., Maynard, S.B. and Park, S., 2014. Information security strategies: towards an
organizational multi-strategy perspective. Journal of Intelligent Manufacturing, 25(2),
pp.357-370.
AlHogail, A., 2015. Design and validation of information security culture framework.
Computers in Human Behavior, 49, pp.567-575.
Andress, J., 2014. The basics of information security: understanding the fundamentals of
InfoSec in theory and practice. Syngress.
Chen, Y.A.N., Ramamurthy, K.R.A.M. and Wen, K.W., 2015. Impacts of comprehensive
information security programs on information security culture. Journal of Computer
Information Systems, 55(3), pp.11-19.
Crossler, R.E., Johnston, A.C., Lowry, P.B., Hu, Q., Warkentin, M. and Baskerville, R.,
2013. Future directions for behavioral information security research. Computers & Security,
32, pp.90-101.
D'Arcy, J., Herath, T. and Shoss, M.K., 2014. Understanding employee responses to stressful
information security requirements: A coping perspective. Journal of Management
Information Systems, 31(2), pp.285-318.
Kolkowska, E. and Dhillon, G., 2013. Organizational power and information security rule
compliance. Computers & Security, 33, pp.3-11.
Peltier, T.R., 2013. Information security fundamentals. CRC press.
Peltier, T.R., 2016. Information Security Policies, Procedures, and Standards: guidelines for
effective information security management. Auerbach Publications.
Safa, N.S., Von Solms, R. and Furnell, S., 2016. Information security policy compliance
model in organizations. Computers & Security, 56, pp.70-82.
Singh, G., 2013. A study of encryption algorithms (RSA, DES, 3DES and AES) for
information security. International Journal of Computer Applications, 67(19).
Siponen, M., Mahmood, M.A. and Pahnila, S., 2014. Employees’ adherence to information
security policies: An exploratory field study. Information & Management, 51(2), pp.217-224.
Soomro, Z.A., Shah, M.H. and Ahmed, J., 2016. Information security management needs
more holistic approach: A literature review. International Journal of Information
Management, 36(2), pp.215-225.
Von Solms, R. and Van Niekerk, J., 2013. From information security to cyber security.
Computers & Security, 38, pp.97-102.
Xu, L., Jiang, C., Wang, J., Yuan, J. and Ren, Y., 2014. Information security in big data:
privacy and data mining. IEEE Access, 2, pp.1149-1176.
Yang, Y.P.O., Shieh, H.M. and Tzeng, G.H., 2013. A VIKOR technique based on
DEMATEL and ANP for information security risk control assessment. Information Sciences,
232, pp.482-500.