Optus Company: Information Security Model, Risk, and Threat Analysis


Added on  2023/06/12

Running head: INFORMATION SECURITY AND RISK MANAGEMENT:
Information Security and Risk Management: Optus Company
Name of the student:
Name of the university:
Table of Contents
1. Information Security model for Optus Company
2. Security standard and control (ISO 17799)
3. Risk analysis and contingency planning for Optus
3.1 Risk analysis
3.2 Contingency plan
4. Analysis for IS threat, vulnerabilities and tools including social engineering
References
1. Information Security model for Optus Company
Optus is the second largest telecommunications company in Australia. It is a wholly owned
subsidiary headquartered in South Wales, Australia. Previously this company traded under the
Optus brand. The general management control system and application control system used by
Optus are commendable from an operational and functional point of view. The information
security model used by the company is entirely self-owned and operates over the company's own
communication network. Besides this, the company also uses the services of the broadband
network and Telstra (Shi, 2015). End users are able to get service directly from Optus, and at
the same time the company is defined as a wholesale service provider. Moreover, throughout
South Wales, Australia, it is a well-known broadband and wireless internet service provider.
The security of many others depends on this privately owned business, so the information
security model used by the company needs to be strong enough to maintain the security of the
system. The aim of the company's information security model is to deliver a security model to
users that lets them resolve security challenges and close all security threats (Safa, Von
Solms & Furnell, 2016). The IS model of the company provides managed security, freeing up the
users' business to innovate by staying a step ahead of security threats. Another security
approach of the company is the accurate use of security technology. The security technology
used by Optus can defend against corporate-level security threats with an up-to-date, robust
security system.
The IS model of the company also comprises security consultants, who provide ideas for keeping
its services secure from external attackers (Shameli-Sendi, Aghababaei-Barzegar & Cheriet,
2016). The IS security model of the company can also eliminate all security-level gaps.
Moreover, another aim of the company is to keep its next-generation platform completely
secure. Besides the application platform, the IS model can also secure intellectual property.
With a secure information security model, different key operational functions can collaborate
and perform over a single platform (Tsohou, Karyda & Kokolakis, 2015). Besides this, the IS
model also has a mobile threat prevention approach which is powered by the Check Point of
Optus. With this security application, none of the cyber criminals will be able to access
information from the company's server. Different mobile devices, whether Android, iOS or
Windows, can be protected with the help of the Check Point.
In order to stay ahead of security threats, the business of Optus has to be innovative in
nature. The cyber defense used by the company is quite strong, which helps the organization
stay ahead of security threats (Ifinedo, 2014). Moreover, the company has undertaken
measurable cyber security steps to defend its confidentiality from external attacks. In digital
business, the newest frontier is the cloud service provider. Traditionally, the purchase of new
technology was a big deal. However, due to integrated work socialization, an incredible amount
of technology can even be realized.
2. Security standard and control (ISO 17799)
ISO 17799 is not a security standard; rather, it is a control list, and it defines information
in terms of the assets that exist in different organizations. The main aim of information
security is to secure confidential assets from being damaged or misused by unwanted external
users (Soomro, Shah & Ahmed, 2016). It will help the company to minimize commercial, social,
and environmental issues while maximizing the rate of return on investment. According to ISO
17799, the information security policy is used to protect the following assets:
Confidentiality: Confidentiality of information ensures that it is not accessible to
unauthorized users or unwanted assaults (McShane, Gregory & Wilson, 2016). Only authorized
people can fetch data from storage whenever needed, while the rest of the users are not allowed
to retrieve any information.
Availability: Information availability assures that those who are authorized, and all
associated authorized users, are able to access information from the server whenever required.
Integrity: Integrity of information is about safeguarding the completeness and accuracy of
information, and also about processing that information in a proper manner.
Based on the ISO 17799 risk assessment, it has been found that the new world of mobile cloud
requires a powerful, open and flexible Wi-Fi service, which is provided by Optus (Nugraha &
Sastrosubroto, 2015). The security standard used by Optus is free of system complexity. The
security system used by the company is very important from the perspective of mobile devices,
BYOD, guest access and IoT devices. With the help of programmable network infrastructure, the
access control system used by the company will be enforced accordingly (Al-Isma’ili et al.,
2016). The network infrastructure for the offload is completely responsible from the end-user
perspective and may automate and orchestrate the security process of the company. This
approach saves time and manages cost as well.
With the help of a proper security policy, controls and organizational security policies, all
information stored on Optus’s server can be kept secure. The components that should be
considered when securing the information are as follows:
Accountability and integrity
Security responsibility with security responsibility
Training and development programs
Incident management and system acceptance
Planned capacity and malicious codes
Authenticated nodes with defining routing
Proper network segregation
Controlled network connection
For Optus the control programs are not much different from others. It provides a unified
communication approach to users that helps them realize product-level benefits. Business-grade
voice and video can be supported over mobile access. In many large business organizations
throughout Australia, proven capability has been delivered at business grade (Kafle et al.,
2016). It has been found that having fewer wired desktops and desk phones lessens the
requirement for edge-level switches. It can also eliminate the PBX and all other conferencing
systems. Moves and changes to the system are easy to implement under the security standard and
control.
The general access control system and application control system of the company are well
managed as well as automated by ISO 17799. Optus need not supply different kinds of
corporate-level phones and laptops, as BYOD is adopted by the company. This can lead to
significant operational and capital savings (Jouini et al., 2014). The rapidly growing adoption
of mobile devices and laptops is increasing the number of corporate as well as functional
operations. It can also change real work practices for the companies that adopt the services
provided by Optus. Present challenges in terms of activity-based working also grow alongside
their standard security and control approach (Omar, 2017). In this kind of environment, the
company is required to look into certain components that may cause major risks for the
organization and also for the companies that use its services.
3. Risk analysis and contingency planning for Optus
3.1 Risk analysis
Around the world, cyber crime is making news headlines, with victims ranging from high-profile
companies to industries and groups. Due to the lack of risk management and contingency
management approaches, companies are facing major issues in terms of consumer information
loss, production failure and tattered reputation (AlHogail, 2015). In order to reduce the rate
of attack, it is necessary for the company to implement a coordinated response across its
different functions.
Additionally, the intra-organizational culture also needs to be developed accordingly. In
order to develop a cyber security hub, Optus has partnered with the well-known Macquarie
University. Collaboratively they have developed a company board which is responsible for
creating trust whenever the company faces serious cyber security risks (Ifinedo, 2014). For
analyzing the risks that the company is facing, the attributes that should be considered are as
follows:
Experience and skills of the employees: The employees working for Optus should have enough
skills and experience in cyber security from both the social and legal business context. They
must have parallel experience of their competitors, and business strategies are to be prepared
on that basis (Tsohou, Karyda & Kokolakis, 2015). Alongside this, the most suitable business
practices should be adopted by Optus to resolve all managerial issues.
Obligation management system: Cyber security can impact regulatory, legislative and, similarly,
stock exchange obligations. Thus, an OMS should be adopted to mitigate these risks.
Proper risk assessment tools: Lack of cyber security risk assessment at Optus is another
serious issue for the company (Nugraha & Sastrosubroto, 2015). External experts need to be
appointed to resolve these high-level risks. However, high capital investment is needed to
appoint such professional experts.
Strategy development with performance goals: After analyzing the performance goals, business
strategies should be developed by Optus. A cyber security strategy, along with proper
performance indicators, needs to be put in place by the company.
Relationship with third party: The senior executives of Optus should create a strong
relationship with the third party (Safa, Von Solms & Furnell, 2016). In addition, proper
measures for stakeholder communication are to be undertaken to build trust among the employees
and consumers who are working for the company.
3.2 Contingency plan
In order to prepare a proper contingency plan for Optus, the steps to be considered are as
follows:
Contingency planning policy should be prepared
Conducting business impact analysis
Identification of proper prevention control approach
Creating contingency strategies
Developing information system contingency plan
Ensuring proper testing, training and exercise for ensuring the plan
Maintenance planning
4. Analysis for IS threat, vulnerabilities and tools including social engineering
Optus is facing serious issues from IS security threats and vulnerabilities because its threat
management services are not properly managed (Brookes, 2015). After analyzing the company
background and its other operational and functional abilities, the IS threats that have been
identified are as follows:
Both social media and third party entry and data access
Incorrect encryption algorithm
Negligence for the Information security configuration (Bhatti, Abareshi &
Pittayachawan, 2016)
In order to mitigate these vulnerabilities, the tools that have been adopted by Optus
telecommunication are mentioned below:
Development of threat management system that is featuring:
Actionable insight
Protection towards emerging threats and business processes
Security issues reduction
Reduced product complexity
Adoption of leading security drivers
Encrypted and well managed email service
Well managed anti malware services
Secured SIEM and UTM
Secured IDS and IPS
Distributed Denial of Service attack mitigation approach
Application delivery and defense security service
Properly managed access management services and identity management approaches
Secured remote access gateway
Social engineering refers to the acquisition of information about computer systems through
different methods, which can rely heavily on non-technical means. If proper technical security
is not considered, the system will surely become vulnerable to attack by outsiders. Social
engineering is a technique defined by two features: a) no need for advanced technical tools and
b) user friendliness and low cost (Safa, Von Solms & Furnell, 2016). In order to combat
information security threats, proper tools are to be incorporated. Thus it can be said that
with the help of proper IS security tools (Social engineering) the issues that Optus
continuously faces due to its size and service domain will be reduced completely.
References
AlHogail, A. (2015). Design and validation of information security culture
framework. Computers in Human Behavior, 49, 567-575.
Al-Isma’ili, S., Li, M., Shen, J., & He, Q. (2016). Clearing the ‘Cloud’ Hanging Over the
Adoption of Cloud Computing in Australian SMEs. Clearing, 12, 11-2016.
Bhatti, H. S., Abareshi, A., & Pittayachawan, S. (2016, July). An Empirical Examination of
Customer Retention in Mobile Telecommunication Services in Australia. In ICE-B (pp.
72-77).
Brookes, C. (2015). Cyber Security: Time for an integrated whole-of-nation approach in
Australia. Indo-Pacific Strategic Papers.
Ifinedo, P. (2014). The effects of national culture on the assessment of information security
threats and controls in financial services industry. International Journal of Electronic
Business Management, 12(2), 75.
Jouini, M., Rabai, L. B. A., & Aissa, A. B. (2014). Classification of security threats in
information systems. Procedia Computer Science, 32, 489-496.
Kafle, Y. R., Mahmud, K., Morsalin, S., & Town, G. E. (2016, September). Towards an internet
of energy. In Power System Technology (POWERCON), 2016 IEEE International
Conference on (pp. 1-6). IEEE.
McShane, I., Gregory, M. A., & Wilson, C. (2016). Practicing Safe Public Wi-Fi: Assessing and
Managing Data-Security Risks.
Nugraha, Y., & Sastrosubroto, A. S. (2015, May). Towards data sovereignty in cyberspace.
In Information and Communication Technology (ICoICT), 2015 3rd International
Conference on (pp. 465-471). IEEE.
Omar, S. (2017). Information system security threats and vulnerabilities: evaluating the human
factor in data protection (Doctoral dissertation).
Safa, N. S., Sookhak, M., Von Solms, R., Furnell, S., Ghani, N. A., & Herawan, T. (2015).
Information security conscious care behaviour formation in organizations. Computers &
Security, 53, 65-78.
Shameli-Sendi, A., Aghababaei-Barzegar, R., & Cheriet, M. (2016). Taxonomy of information
security risk assessment (ISRA). Computers & security, 57, 14-30.
Shi, S. X. (2015). Time Shifting in a Networked Digital World: Optus TV Now and Copyright in
the Cloud. In Copyright Perspectives (pp. 261-289). Springer, Cham.
Soomro, Z. A., Shah, M. H., & Ahmed, J. (2016). Information security management needs more
holistic approach: A literature review. International Journal of Information
Management, 36(2), 215-225.
Tsohou, A., Karyda, M., & Kokolakis, S. (2015). Analyzing the role of cognitive and cultural
biases in the internalization of information security policies: recommendations for
information security awareness programs. Computers & security, 52, 128-141.