The 14 layered framework for including social and organisational aspects in security management
2010 (English)In: Proceedings of the South African Information Security Multi-Conference, SAISMC 2010, pp90-99, Center for Security, Communications & Network Research, University of Plymouth , 2010Conference paper (Other academic)
The ultimate aim of the COINS - COntrolled INformation Security – project is to investigate, assess, and provide tools to improve the information security status in organizations with a focus on public agencies. A central question for the project is how information security issues are communicated within the organizations, specifically underlining that communication is control in a cybernetic sense. The project is carried out in a number of steps embracing to design modelling techniques and metrics for information security issues in organizations (1), collect data from Swedish governmental agencies (2), use the modelling techniques to model communication of information security in organizations from different perspectives (3), to apply metrics on the data in order to assess information security levels in the agencies (4), identify gaps (5) and needs for improvement (6). The 14 layered framework, which is based on well established knowledge within information security: frameworks, models, standards, and terminology is presented. The scientific base is cybernetics, including variety engineering and recursion to provide adaptation and learning. The motivation for the research is that communication of information security issues within organizations tend to be insufficient and the mental connections between IT-security and information security work are weak, which prohibits the organization from learning and adapting in its security work. This is a report on research in progress.
Place, publisher, year, edition, pages
Center for Security, Communications & Network Research, University of Plymouth , 2010.
Information security management, holistic approach, applied research
Research subject Computer and Systems Sciences
IdentifiersURN: urn:nbn:se:su:diva-52009ISBN: 978-1-84102-256-7OAI: oai:DiVA.org:su-52009DiVA: diva2:386489
skriven inom projekt COINS2011-01-122011-01-12