| | SLO | ENG | Piškotki in zasebnost

Večja pisava | Manjša pisava

Iskanje po katalogu digitalne knjižnice Pomoč

Iskalni niz: išči po
išči po
išči po
išči po
* po starem in bolonjskem študiju

Opcije:
  Ponastavi


1 - 7 / 7
Na začetekNa prejšnjo stran1Na naslednjo stranNa konec
1.
2.
3.
4.
Measuring information security performance with 10 by 10 model for holistic state evaluation
Igor Bernik, Kaja Prislan, 2016, izvirni znanstveni članek

Opis: Organizations should measure their information security performance if they wish to take the right decisions and develop it in line with their security needs. Since the measurement of information security is generally underdeveloped in practice and many organizations find the existing recommendations too complex, the paper presents a solution in the form of a 10 by 10 information security performance measurement model. The model—ISP 10×10M is composed of ten critical success factors, 100 key performance indicators and 6 performance levels. Its content was devised on the basis of findings presented in the current research studies and standards, while its structure results from an empirical research conducted among information security professionals from Slovenia. Results of the study show that a high level of information security performance is mostly dependent on measures aimed at managing information risks, employees and information sources, while formal and environmental factors have a lesser impact. Experts believe that information security should evolve systematically, where it’s recommended that beginning steps include technical, logical and physical security controls, while advanced activities should relate predominantly strategic management activities. By applying the proposed model, organizations are able to determine the actual level of information security performance based on the weighted indexing technique. In this manner they identify the measures they ought to develop in order to improve the current situation. The ISP 10×10M is a useful tool for conducting internal system evaluations and decision-making. It may also be applied to a larger sample of organizations in order to determine the general state-of-play for research purposes.
Ključne besede: information security, organizations, efficiency, measuring, security management
Objavljeno: 19.06.2017; Ogledov: 303; Prenosov: 170
.pdf Celotno besedilo (2,92 MB)
Gradivo ima več datotek! Več...

5.
Criminal responsibility of students regarding using mobile devices and violating the principles of information security
Blaž Markelj, Sabina Zgaga, 2014, izvirni znanstveni članek

Opis: The combination of information security and criminal law in the case of usage of smart mobile phones among the students is a very relevant and current topic. Namely, the number of smart mobile phones’ users is rising daily, including among the student population, due to the need for perpetual communication and constant access to information. However, the lack of knowledge about recommendations on information security and safe use of smart mobile phone together with their disregard could lead to criminal responsibility of the users of smart mobile phones, including students. The purpose of this paper is therefore to represent the potential consequences of criminal responsibility and how to avoid it. The knowledge on safe use of smart mobile phones, their software, but also threats and safety solutions is very low among students, as the survey shows. Due to the loss, conveyance or disclosure of protected data, criminal responsibility of a user could therefore be relevant. In certain cases the juvenile criminal justice system is partly still relevant due to the students’ age, whereas in every case the students' culpability should be assessed precisely. This assessment namely distinguishes the cases, when the student is a perpetrator of a criminal act from the cases, when the student is only a victim of a criminal act due to his improper use of smart mobile phones.
Ključne besede: mobile devices, information security, criminal responsibility, criminal act
Objavljeno: 06.07.2017; Ogledov: 383; Prenosov: 141
.pdf Celotno besedilo (246,69 KB)
Gradivo ima več datotek! Več...

6.
Mobile devices and effective information security
Blaž Markelj, Igor Bernik, 2013, izvirni znanstveni članek

Opis: Rapidly increasing numbers of sophisticated mobile devices (smart phones, tab computers, etc.) all over the world mean that ensuring information security will only become a more pronounced problem for individuals and organizations. It’s important to effectively protect data stored on or accessed by mobile devices, and also during transmission of data between devices and between device and information system. Technological and other trends show, that the cyber threats are also rapidly developing and spreading. It's crucial to educate users about safe usage and to increase their awareness of security issues. Ideally, users should keep-up with technological trends and be well equipped with knowledge otherwise mobile technology will significantly increase security risks. Most important is that we start educating youth so that our next generations of employees will be part of a culture of data and information security awareness.
Ključne besede: information security, blended threats, mobile devices, awareness
Objavljeno: 06.07.2017; Ogledov: 411; Prenosov: 158
.pdf Celotno besedilo (237,86 KB)
Gradivo ima več datotek! Več...

7.
Quantitative model for economic analyses of information security investment in an enterprise information system
Rok Bojanc, Borka Jerman-Blažič, 2012, izvirni znanstveni članek

Opis: The paper presents a mathematical model for the optimal security-technology investment evaluation and decision-making processes based on the quantitative analysis of security risks and digital asset assessments in an enterprise. The model makes use of the quantitative analysis of different security measures that counteract individual risks by identifying the information system processes in an enterprise and the potential threats. The model comprises the target security levels for all identified business processes and the probability of a security accident together with the possible loss the enterprise may suffer. The selection of security technology is based on the efficiency of selected security measures. Economic metrics are applied for the efficiency assessment and comparative analysis of different protection technologies. Unlike the existing models for evaluation of the security investment, the proposed model allows direct comparison and quantitative assessment of different security measures. The model allows deep analyses and computations providing quantitative assessments of different options for investments, which translate into recommendations facilitating the selection of the best solution and the decision-making thereof. The model was tested using empirical examples with data from real business environment.
Ključne besede: modelling, security technology, economic metrics, investment, enterprise information system
Objavljeno: 22.01.2018; Ogledov: 189; Prenosov: 143
.pdf Celotno besedilo (2,18 MB)
Gradivo ima več datotek! Več...

Iskanje izvedeno v 0.23 sek.
Na vrh
Logotipi partnerjev Univerza v Mariboru Univerza v Ljubljani Univerza na Primorskem Univerza v Novi Gorici