Examination of Organizational Information Security Strategy: A Pilot Study

The prevailing approach to cyber security continues to be the implementation of controls—technical, formal, and informal. We have seen little departure from a fundamentally preventive strategy. The criminal justice field has called for an increased emphasis on deterrence strategies, specifically Sit...

Descripción completa

Guardado en:  
Detalles Bibliográficos
Autor principal: Beebe, Nicole Lang (Autor)
Otros Autores: Rao, V. Srinivasan
Tipo de documento: Electrónico Libro
Lenguaje:Inglés
Publicado: 2009
En:Año: 2009
Acceso en línea: Volltext (kostenfrei)
Verificar disponibilidad: HBZ Gateway

MARC

LEADER 00000cam a22000002c 4500
001 1866345192
003 DE-627
005 20250124054907.0
007 cr uuu---uuuuu
008 231019s2009 xx |||||o 00| ||eng c
035 |a (DE-627)1866345192 
035 |a (DE-599)KXP1866345192 
040 |a DE-627  |b ger  |c DE-627  |e rda 
041 |a eng 
084 |a 2,1  |2 ssgn 
100 1 |a Beebe, Nicole Lang  |e VerfasserIn  |4 aut 
245 1 0 |a Examination of Organizational Information Security Strategy: A Pilot Study 
264 1 |c 2009 
336 |a Text  |b txt  |2 rdacontent 
337 |a Computermedien  |b c  |2 rdamedia 
338 |a Online-Ressource  |b cr  |2 rdacarrier 
520 |a The prevailing approach to cyber security continues to be the implementation of controls—technical, formal, and informal. We have seen little departure from a fundamentally preventive strategy. The criminal justice field has called for an increased emphasis on deterrence strategies, specifically Situational Crime Prevention (SCP). This paper presents the results of an exploratory (pilot) study based on interviews of CISOs (or approximate equivalents). We found that while the balance of controls does appear to be improving, technical controls are still the priority— particularly in small organizations. We found that IS security strategies are still predominantly preventive; organizations do not view offender deterrence as a strategy. The respondents definitely see room for strategic improvement. By and large, the information security professionals interviewed believe that cyber offenders are rational decision makers, that reducing anticipated benefit would be the most lucrative influence, followed by perceived effort required and perceived risk of being caught, in that order 
700 1 |a Rao, V. Srinivasan  |e VerfasserIn  |4 aut 
856 4 0 |u https://core.ac.uk/download/301344011.pdf  |x Verlag  |z kostenfrei  |3 Volltext 
935 |a mkri 
951 |a BO 
ELC |a 1 
LOK |0 000 xxxxxcx a22 zn 4500 
LOK |0 001 4392990923 
LOK |0 003 DE-627 
LOK |0 004 1866345192 
LOK |0 005 20231019043729 
LOK |0 008 231019||||||||||||||||ger||||||| 
LOK |0 035   |a (DE-2619)CORE17817626 
LOK |0 040   |a DE-2619  |c DE-627  |d DE-2619 
LOK |0 092   |o n 
LOK |0 852   |a DE-2619 
LOK |0 852 1  |9 00 
LOK |0 935   |a core 
OAS |a 1 
ORI |a SA-MARC-krimdoka001.raw