دانلود رایگان مقاله یک مدل جامع از عوامل امنیت اطلاعات برای تصمیم گیرندگان – سال 2020
مشخصات مقاله:
عنوان فارسی مقاله:
یک مدل جامع از عوامل امنیت اطلاعات برای تصمیم گیرندگان
عنوان انگلیسی مقاله:
A Comprehensive Model of Information Security Factors for Decision-Makers
کلمات کلیدی مقاله:
شاخص های اصلی امنیتی، موفقیت امنیتی، مدل امنیتی، تصمیم گیری برای مدیریت امنیت، مصاحبه تخصصی
مناسب برای رشته های دانشگاهی زیر:
مهندسی کامپیوتر
مناسب برای گرایش های دانشگاهی زیر:
امنیت اطلاعات
وضعیت مقاله انگلیسی و ترجمه:
مقاله انگلیسی را میتوانید به صورت رایگان با فرمت PDF با کلیک بر روی دکمه آبی، دانلود نمایید. برای ثبت سفارش ترجمه نیز روی دکلمه قرمز رنگ کلیک نمایید. سفارش ترجمه نیازمند زمان بوده و ترجمه این مقاله آماده نمیباشد و پس از اتمام ترجمه، فایل ورد تایپ شده قابل دانلود خواهد بود.
فهرست مطالب:
Abstract
Keywords
1. Introduction
2. Background and motivation
2.1. Standards and best practices
2.2. Information security success
2.3. Shortcomings in literature and practice
3. Methodology
3.1. Literature search
3.2. Literature analysis
3.3. Expert interview
3.3.1. Operationalization
3.3.2. Expert selection
3.3.3. Interview analysis
4. Management success factors
4.1. Factors derived from the literature
4.2. Evaluation of Factors
4.2.1. Content validation of MSFs
4.2.2. Relevance validation of MSFs
4.2.3. Control questions
5. A comprehensive model of MSFs
6. Discussion and future research
7. Conclusion
Declaration of Competing Interests
Appendix A
Appendix B
References
قسمتی از مقاله انگلیسی:
1. Introduction
Today, most businesses are based or even fully dependent on information such as financial data for banks to stay at the market and be competitive (Knapp et al., 2006). According to thycotic, 62 % of all cyber-attacks are hitting smalland mid-sized businesses of which 60 % are going out of businesses six months after such an attack (Thycopic Software Ltd., 2017). 53 % of the attacks are causing $500.000 or more (Cisco Systems Inc., 2018) while the average cost of a data breach was $3.86 million (Ponemon Institute LLC, 2018). Not just financial losses are a risk but also legal and reputation repercussions (Tu & Yuan, 2014). Therefore, it is necessary for organizations to keep their information and the underlying technology secure against business-harming attacks. In the past, information security was purely a technical concern and therefore, technical employees were responsible for information security issues within an organization (Willison & Backhouse, 2006). This perspective fails when it comes to a comprehensive and holistic view and the overall security strategy. Thus, in the past years, there was a shift from the executive technology expert to a management responsibility and a more business-focused view protecting information (Yeh & Chang, 2007; Ashenden, 2008; Ransbotham & Mitra, 2009). Nowadays, security managers are fully responsible to consider and respond to information security issues (Abu-Musa, 2010; Soomro et al., 2016). Various cases like the ”Equifax breach” had shown the consequences for the top management in case of information security disregards. There, over 146 million personal information were stolen because of an unpatched system, which was a technical shortcoming. This causes, that the company gets rid of their CEO, CIO, and CSO by the ”retirement” of them right after the breach (Bernard & Cowley, 2017). The technical personal was not affected. This goes further in manifesting the management responsibility within laws like the German Stock Corporation Act (§91 section 2) which also requires an active risk management within companies.