| Naslov: | A real-world information security performance assessment using a multidimensional socio-technical approach |
|---|
| Avtorji: | ID Prislan Mihelič, Kaja (Avtor)
ID Mihelič, Anže (Avtor)
ID Bernik, Igor (Avtor) |
|---|
| Datoteke: |  Prislan-2020-A_real-world_information_security.pdf (1,17 MB)
MD5: 4D6D5B6B997B7AE302DE8B94D0A5FDC7
 https://doi.org/10.1371/journal.pone.0238739
|
|---|
| Jezik: | Angleški jezik |
|---|
| Vrsta gradiva: | Znanstveno delo |
|---|
| Tipologija: | 1.01 - Izvirni znanstveni članek |
|---|
| Organizacija: | FVV - Fakulteta za varnostne vede
|
|---|
| Opis: | Measuring the performance of information security is an essential part of the information security management system within organisations. Studies in the past mainly focused on establishing qualitative measurement approaches. Since these can lead to ambiguous conclusions, quantitative metrics are being increasingly proposed as a useful alternative. Nevertheless, the literature on quantitative approaches remains scarce. Thus, studies on the evaluation of information security performance are challenging, especially since many approaches are not tested in organisational settings. The paper aims to validate the model used for evaluating the performance of information security management system through a multidimensional socio-technical approach, in a real-world settings among medium-sized enterprises in Slovenia. The results indicate that information security is strategically defined and compliant, however, measures are primarily implemented at technical and operational levels, while its strategic management remains underdeveloped. We found that the biggest issues are related to information resources and risk management, where information security measurement-related activities proved to be particularly problematic. Even though enterprises do possess certain information security capabilities and are aware of the importance of information security, their current practices make it difficult for them to keep up with the fast-paced technological and security trends. |
|---|
| Ključne besede: | information security, information security management, organisations, qualitative measurement |
|---|
| Status publikacije: | Objavljeno |
|---|
| Verzija publikacije: | Objavljena publikacija |
|---|
| Poslano v recenzijo: | 22.05.2020 |
|---|
| Datum sprejetja članka: | 21.08.2020 |
|---|
| Datum objave: | 08.09.2020 |
|---|
| Založnik: | Public Library of Science |
|---|
| Leto izida: | 2020 |
|---|
| Št. strani: | Str. 1-28 |
|---|
| Številčenje: | Letn. 15, št. 9, št. članka 0238739 |
|---|
| PID: | 20.500.12556/DKUM-91807  |
|---|
| UDK: | 004.056(045) |
|---|
| COBISS.SI-ID: | 27680003 |
|---|
| DOI: | 10.1371/journal.pone.0238739 |
|---|
| ISSN pri članku: | 1932-6203 |
|---|
| Datum objave v DKUM: | 07.02.2025 |
|---|
| Število ogledov: | 0 |
|---|
| Število prenosov: | 4 |
|---|
| Metapodatki: |    |
|---|
| Področja: | Ostalo
|
|---|
|
:
|
Kopiraj citat |
|---|
| | | | Skupna ocena: | (0 glasov) |
|---|
| Vaša ocena: | Ocenjevanje je dovoljeno samo prijavljenim uporabnikom. |
|---|
| Objavi na: |  |
|---|
Postavite miškin kazalec na naslov za izpis povzetka. Klik na naslov izpiše
podrobnosti ali sproži prenos. |
