Download or read book Three Essays on Managing Information Systems Security written by Guo Ying Zhang and published by . This book was released on 2007 with total page 242 pages. Available in PDF, EPUB and Kindle. Book excerpt:

Download or read book Three Essays on Information Technology Security Management in Organizations written by Manish Gupta and published by . This book was released on 2011 with total page 208 pages. Available in PDF, EPUB and Kindle. Book excerpt: AbstractIncreasing complexity and sophistication of ever evolving information technologies has spurred unique and unprecedented challenges for organizations to protect their information assets. Companies suffer significant financial and reputational damage due to ineffective information technology security management, which has extensively been shown to severely impact firm's performance and their market valuation. The dissertation comprises of three essays that address strategic and operational issues that organizations face in managing efficient and secure information technology environment. As organizations increasingly operate, compete and cooperate in a global context, business processes are also becoming global to generate benefits from coordination and standardization across geographical boundaries. In this context, security has gained significance due to increased threats, legislation and compliance issues.^The first essay presents a framework for assessing the security of Internet technology components that support a globally distributed workplace. The framework uses component analysis to examine various aspects of a globally distributed system - the technology components, access channels, architecture and threats. Using a combination of scenarios, architectures and technologies, the paper presents the framework as a development tool for information security officers to evaluate the security posture of an information system . The management and planning of large complex deployments are inherently difficult and time consuming, which are also widely evidenced to have unusually high failure rates. The second essay develops a risk-aware cost model to aid companies to transition to having a single sign on system using a multi-phase pattern of software implementation.^The integer programming-based optimization model provides guidance on the software that should be implemented in each phase taking risk and budgetary constraints into account. The model provides a cost optimal path to migrating to a single sign-on system, while taking into account individual application characteristics as well as different learning aspects of organizational system implementation. The model can be used by managers and professionals in architecting their own software deployment plans in multiple stages to address resource constraint issues such as manpower and budget, while also effectively managing risks. The results of the model show significant cost benefits and effective risk management strategies. This will help organizations from an operational and tactical perspective during implementation of a distributed software system. There has been a tremendous increase in frequency and economic impact potential of security breaches.^Numerous studies have shown that there is significant negative impact on market valuation of the firm that suffered security breach. Extensive literature review reveals that studies have not examined companies' response to security breaches in terms of media announcements about security initiatives and improvements. The third essay investigates whether security breaches lead to announcements of security investments / improvements by the affected companies; and the market reaction to these announcements. In addition, the essay also explores (a) how announcements of remediation and/or of positive investments or improvements in security relate to security breach announcements? (b) effective timing strategies to respond and to release announcements relating to security improvements/initiatives to maximize the favorable impact and (c) the effect of security breach announcements on competitor's market valuation and d) impact of announcements' content on stock price.^The results of the research indicate that there is positive significant market reaction to announcements regarding security improvements made by companies that had a security breach incident. The study also reveals that impact on stock price of competitors is moderated by their industry. The research used event studies and time series analyses to uncover how timing impacts the stock performance, of companies making positive security related announcements in news media, in an attempt to restore image and reputation after a security breach. The results reveal that timing of the announcement, after a breach, significantly influences the impact on stock prices.

Download or read book THREE ESSAYS ON THE ECONOMICS OF INFORMATION SECURITY written by Leting Zhang and published by . This book was released on 2022 with total page 0 pages. Available in PDF, EPUB and Kindle. Book excerpt: In recent years, information security has been gaining increasing public attention and has become a high priority for organizations across various industries. Despite the substantial investment in improving security posture, cyber risks continue to escalate as digital transformations are growing rapidly, and new areas of cyber-vulnerability are exposed and exploited. Thus, a critical question for managers, stakeholders, and policymakers is: How to strategically ensure the security of digital assets? To explore the question, my dissertation explores and advances three critical themes in the economics of the information security field. These themes include: 1) unraveling antecedents of risks, 2) determining the optimal level of investment in cybersecurity, and 3) investigating how cybersecurity affects market dynamics. Essay 1 is motivated by security concerns in sharing data across organizations and empirically evaluates the impact of joining a Health Information Exchange (HIE) initiative on a hospital's data breach risks and corresponding mechanisms. Essay 2 uses a game theoretical model to investigate how to design a cost-effective crowdsourcing solution to help organizations leverage crowds' wisdom in vulnerability management. Essay 3 examines the role of peer cyber incidents in information asymmetry issues in the financial market and analyze how peer data breaches affect the quality of a firm's cyber risk disclosure in its financial report. The dissertation sheds light on three crucial factors in information security management: information systems interdependency, innovated cybersecurity solutions, and cyber information asymmetry.

Download or read book Three Essays on Behavioral Aspects of Information Systems written by Sangmi Chai and published by . This book was released on 2009 with total page 140 pages. Available in PDF, EPUB and Kindle. Book excerpt: In the information age, it is important to investigate information systems in relationship to society, in general, and various user groups, in particular. Since information technology requires interactions between people and their social structure, research in information system usage behavior needs to be based on a deep understanding of the interrelation between the technology and the social environment of the user. This dissertation adopts a socio-technical approach in order to better explore the role of information technology in the important research issues of online privacy and information assurance. This dissertation consists of three essays. The first essay investigates factors that affect the career decisions of cyber security scholars. In the recent past, cyber security has become a critical area in the Information Technology (IT) field, and the demand for such professionals has been increasing tremendously.^However, there is a shortage of qualified personnel, which is a factor that contributes greatly to the society's vulnerability to various cyber threats. To date, there is no academic extent research regarding the cyber security workforce and their career decisions. Based on the theories of planned behavior and self-efficacy, our study articulates a model to explain career selection behavior in the cyber security field. To provide validity for the proposed conceptual framework, we undertook a comprehensive empirical investigation of Scholarship for Service (SFS) Scholars who are funded by the National Science Foundation and who are studying information assurance and computer security in universities. The results of this research have implications for retaining a qualified workforce in the computer and information security fields. The second essay explores internet users' online privacy protection behavior.^Information security and privacy on the Internet are critical issues in our society. In this research, factors that influence internet users' private information sharing behavior were examined. Based on a survey of two of the most vulnerable groups on the web, 285 pre- and early teens, this essay provides a research framework that explains in the private information sharing behavior of Internet users. According to our study results, Internet users' information privacy behaviors are affected by two significant factors: the perceived importance of information privacy and information privacy self-efficacy. It was also found that users' belief in the value of online information privacy and information privacy protection behavior varies by gender. Our research findings indicate that educational opportunities regarding Internet privacy and computer security as well as concerns from other reference groups (e.g.^peers, teachers, and parents) play an important role in positively affecting Internet users' protective behavior toward online privacy. The third essay investigates knowledge sharing in the context of blogs. In the information age, web 2.0 technology is receiving growing attention as an innovative way to share information and knowledge. This study articulates a model, which enables the understanding of bloggers' knowledge sharing practices. It identifies and describes the factors affecting their knowledge sharing behavior in online social networks. The analysis of 446 surveys indicates that bloggers' trust, strength of social ties and reciprocity all have a positive impact on their knowledge sharing practices. Their online information privacy concerns, on the other hand, have a negative impact on their knowledge sharing behavior. More importantly, the amount of impact for each factor in knowledge sharing behavior varies by gender .^The research results contribute toward an understanding of the successful deployment of web 2.0 technologies as knowledge management systems and provide useful insights into understanding bloggers' knowledge sharing practices in online communities.

Download or read book Three Essays on Adoption and Continuous Improvement of Information Security Management in Organizations written by Fereshteh Ghahramani and published by . This book was released on 2020 with total page 114 pages. Available in PDF, EPUB and Kindle. Book excerpt: In information intensive organizations secured management of information has become an important issue. Although organizations have been actively investing on information security, crime rate in this area keep increasing. Practitioners and academics have started to realize that information security cannot be achieved through only technological tools. Effective organizational information security depends on how to manage such activities in organizations. Empirical research on the management side of information security behaviors and factors influencing them is still in its infancy. The aim of this three essay dissertation is to focus on adoption and continuous improvement of information security management practices in organizations and uncover factors that play a significant role on IT professionals' and managers' decisions in dominant security contexts. More specifically, the first essay explores the factors which affect decision makers' intention to adopt novel authentication systems. It examines how usability, deployability and security, as evaluation criteria of authentication systems, influence IT professionals' decision making process in this regard. Further, the second essay elaborates on information security activities in organizations which occur prior to the incident. Taking a prototype-willingness model perspective, this essay aims to investigate how both rational and heuristic aspects of decision making can affect IT professionals' proactive information security behavior. Finally, the third essay focuses on continuous improvement in information security management. Drawing upon organizational learning perspective, this study suggests organizational absorptive capacity enhances the way organizations dynamically and repeatedly make improvements in their information security management processes.

Download or read book Three Essays on Information Security Risk Management written by Obiageli Ogbanufe and published by . This book was released on 2018 with total page 169 pages. Available in PDF, EPUB and Kindle. Book excerpt: Today's environment is filled with the proliferation of cyber-attacks that result in losses for organizations and individuals. Hackers often use compromised websites to distribute malware, making it difficult for individuals to detect. The impact of clicking through a link on the Internet that is malware infected can result in consequences such as private information theft and identity theft. Hackers are also known to perpetrate cyber-attacks that result in organizational security breaches that adversely affect organizations' finances, reputation, and market value. Risk management approaches for minimizing and recovering from cyber-attack losses and preventing further cyber-attacks are gaining more importance. Many studies exist that have increased our understanding of how individuals and organizations are motivated to reduce or avoid the risks of security breaches and cyber-attacks using safeguard mechanisms. The safeguards are sometimes technical in nature, such as intrusion detection software and anti-virus software. Other times, the safeguards are procedural in nature such as security policy adherence and security awareness and training. Many of these safeguards fall under the risk mitigation and risk avoidance aspects of risk management, and do not address other aspects of risk management, such as risk transfer. Researchers have argued that technological approaches to security risks are rarely sufficient for providing an overall protection of information system assets. Moreover, others argue that an overall protection must include a risk transfer strategy. Hence, there is a need to understand the risk transfer approach for managing information security risks. Further, in order to effectively address the information security puzzle, there also needs to be an understanding of the nature of the perpetrators of the problem - the hackers. Though hacker incidents proliferate the news, there are few theory based hacker studies. Even though the very nature of their actions presents a difficulty in their accessibility to research, a glimpse of how hackers perpetrate attacks can be obtained through the examination of their knowledge sharing behavior. Gaining some understanding about hackers through their knowledge sharing behavior may help researchers fine-tune future information security research. The insights could also help practitioners design more effective defensive security strategies and risk management efforts aimed at protecting information systems. Hence, this dissertation is interested in understanding the hackers that perpetrate cyber-attacks on individuals and organizations through their knowledge sharing behavior. Then, of interest also is how individuals form their URL click-through intention in the face of proliferated cyber risks. Finally, we explore how and why organizations that are faced with the risk of security breaches, commit to cyberinsurance as a risk management strategy. Thus, the fundamental research question of this dissertation is: how do individuals and organizations manage information security risks?

Download or read book Dissertation Abstracts International written by and published by . This book was released on 2009-05 with total page 582 pages. Available in PDF, EPUB and Kindle. Book excerpt:

Download or read book Proceedings of 2nd International Conference on Smart Computing and Cyber Security written by Prasant Kumar Pattnaik and published by Springer Nature. This book was released on 2022-05-26 with total page 439 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book presents high-quality research papers presented at the Second International Conference on Smart Computing and Cyber Security: Strategic Foresight, Security Challenges and Innovation (SMARTCYBER 2021) held during June 16–17, 2021, in the Department of Smart Computing, Kyungdong University, Global Campus, South Korea. The book includes selected works from academics and industrial experts in the field of computer science, information technology, and electronics and telecommunication. The content addresses challenges of cyber security.

Download or read book Schneier on Security written by Bruce Schneier and published by John Wiley & Sons. This book was released on 2009-03-16 with total page 442 pages. Available in PDF, EPUB and Kindle. Book excerpt: Presenting invaluable advice from the world?s most famous computer security expert, this intensely readable collection features some of the most insightful and informative coverage of the strengths and weaknesses of computer security and the price people pay -- figuratively and literally -- when security fails. Discussing the issues surrounding things such as airplanes, passports, voting machines, ID cards, cameras, passwords, Internet banking, sporting events, computers, and castles, this book is a must-read for anyone who values security at any level -- business, technical, or personal.

Download or read book Computers at Risk written by National Research Council and published by National Academies Press. This book was released on 1990-02-01 with total page 320 pages. Available in PDF, EPUB and Kindle. Book excerpt: Computers at Risk presents a comprehensive agenda for developing nationwide policies and practices for computer security. Specific recommendations are provided for industry and for government agencies engaged in computer security activities. The volume also outlines problems and opportunities in computer security research, recommends ways to improve the research infrastructure, and suggests topics for investigators. The book explores the diversity of the field, the need to engineer countermeasures based on speculation of what experts think computer attackers may do next, why the technology community has failed to respond to the need for enhanced security systems, how innovators could be encouraged to bring more options to the marketplace, and balancing the importance of security against the right of privacy.

Download or read book Modernizing Enterprise IT Audit Governance and Management Practices written by Gupta, Manish and published by IGI Global. This book was released on 2023-10-26 with total page 333 pages. Available in PDF, EPUB and Kindle. Book excerpt: Information technology auditing examines an organization's IT infrastructure, applications, data use, and management policies, procedures, and operational processes against established standards or policies. Modernizing Enterprise IT Audit Governance and Management Practices provides a guide for internal auditors and students to understand the audit context and its place in the broader information security agenda. The book focuses on technology auditing capabilities, risk management, and technology assurance to strike a balance between theory and practice. This book covers modern assurance products and services for emerging technology environments, such as Dev-Ops, Cloud applications, Artificial intelligence, cybersecurity, blockchain, and electronic payment systems. It examines the impact of the pandemic on IT Audit transformation, outlines common IT audit risks, procedures, and involvement in major IT audit areas, and provides up-to-date audit concepts, tools, techniques, and references. This book offers valuable research papers and practice articles on managing risks related to evolving technologies that impact individuals and organizations from an assurance perspective. The inclusive view of technology auditing explores how to conduct auditing in various contexts and the role of emergent technologies in auditing. The book is designed to be used by practitioners, academicians, and students alike in fields of technology risk management, including cybersecurity, audit, and technology, across different roles.

Download or read book Handbook of Research on Managing Information Systems in Developing Economies written by Boateng, Richard and published by IGI Global. This book was released on 2020-04-17 with total page 695 pages. Available in PDF, EPUB and Kindle. Book excerpt: Technology provides accessibility otherwise unavailable to the people who can benefit from it the most. As new digital tools become less expensive and more widely available, research and real-world cases that examine the union between emergent countries and information systems are essential in determining the next steps for these nations. The Handbook of Research on Managing Information Systems in Developing Economies is a pivotal reference source that explores the effects of technological data handling within developing economies. Covering a broad range of topics such as emerging digital technologies, socio-economic development, and technology startups, this book is ideally designed for software programmers, policymakers, practitioners, educators, academicians, students, and researchers.

Download or read book Insurance 4 0 written by Bernardo Nicoletti and published by Springer Nature. This book was released on 2020-10-31 with total page 542 pages. Available in PDF, EPUB and Kindle. Book excerpt: Industry 4.0 has spread globally since its inception in 2011, now encompassing many sectors, including its diffusion in the field of financial services. By combining information technology and automation, it is now canvassing the insurance sector, which is in dire need of digital transformation. This book presents a business model of Insurance 4.0 by detailing its implementation in processes, platforms, persons, and partnerships of the insurance companies alongside looking at future developments. Filled with business cases in insurance companies and financial services, this book will be of interest to those academics and researchers of insurance, financial technology, and digital transformation, alongside executives and managers of insurance companies.

Download or read book Managing Information Security written by Rahul Bhaskar and published by Elsevier Inc. Chapters. This book was released on 2013-08-21 with total page 31 pages. Available in PDF, EPUB and Kindle. Book excerpt: Information technology security management can be defined as processes that supported enabling organizational structure and technology to protect an organization’s IT operations and assets against internal and external threats, intentional or otherwise. The principle purpose of IT security management is to ensure confidentiality, integrity, and availability (CIA) of IT systems. Fundamentally, security management is a part of the risk management process and business continuity strategy in an organization.

Download or read book Computer Security written by John S. Potts and published by Nova Publishers. This book was released on 2002 with total page 158 pages. Available in PDF, EPUB and Kindle. Book excerpt: We live in a wired society, with computers containing and passing around vital information on both personal and public matters. Keeping this data safe is of paramount concern to all. Yet, not a day seems able to pass without some new threat to our computers. Unfortunately, the march of technology has given us the benefits of computers and electronic tools, while also opening us to unforeseen dangers. Identity theft, electronic spying, and the like are now standard worries. In the effort to defend both personal privacy and crucial databases, computer security has become a key industry. A vast array of companies devoted to defending computers from hackers and viruses have cropped up. Research and academic institutions devote a considerable amount of time and effort to the study of information systems and computer security. Anyone with access to a computer needs to be aware of the developing trends and growth of computer security. To that end, this book presents a comprehensive and carefully selected bibliography of the literature most relevant to understanding computer security. Following the bibliography section, continued access is provided via author, title, and subject indexes. With such a format, this book serves as an important guide and reference tool in the defence of our computerised culture.

Download or read book AUUGN written by and published by . This book was released on 1996 with total page 394 pages. Available in PDF, EPUB and Kindle. Book excerpt:

Download or read book The Oxford Handbook of Management Information Systems written by Robert D Galliers and published by Oxford University Press. This book was released on 2011-07-28 with total page 746 pages. Available in PDF, EPUB and Kindle. Book excerpt: This Handbook provides critical, interdisciplinary contributions from leading international academics on the theory and methodology, practical applications, and broader context of Management Information Systems, as well as offering potential avenues for future research