Enhancing information security management through organisational learning

Grant number: DP160102277 | Funding period: 2016 - 2020

Active

Abstract

This project aims to help organisations to protect their information resources from complex and evolving information security threats. This is highly significant for organisations; evidence shows that despite financing information security programs, the incidence of information security breaches is still increasing. To address this issue, the project plans to use a security learning process model which will be refined through a series of action research cycles. The model incorporates security lessons and insights learnt from incidents into routine security practices. By institutionalising lessons learnt from security incidents, organisations may be able to apply more effective and adaptive s..

View full description

Related publications (4)

How integration of cyber security management and incident response enables organizational learning

Atif Ahmad, Kevin C Desouza, Sean B Maynard, Humza Naseer, Richard L Baskerville

2019-10-23

Digital assets of organizations are under constant threat from a wide assortment of nefarious actors. When threats materialize, th..

Strategically-motivated advanced persistent threat: Definition, process, tactics and a disinformation model of counterattack

Atif Ahmad, Jeb Webb, Kevin C Desouza, James Boorman

2019-09-01

Advanced persistent threat (APT) is widely acknowledged to be the most sophisticated and potent class of security threat. APT refe..

Cybersecurity Risk Management Using Analytics: A Dynamic Capabilities Approach

Humza Naseer, A Ahmad, Sean Maynard, Graeme Shanks

2018-01-01

The modern enterprise uses risk-driven and control-centered security management systems to protect information resources and susta..

Organizational Security Learning from Incident Response

J Webb, A Ahmad, SB Maynard, R Baskerville, G Shanks

2017-01-01

Researchers

Sean Maynard

Atif Ahmad

Enhancing information security management through organisational learning

Abstract

Related publications (4)

How integration of cyber security management and incident response enables organizational learning

Strategically-motivated advanced persistent threat: Definition, process, tactics and a disinformation model of counterattack

Cybersecurity Risk Management Using Analytics: A Dynamic Capabilities Approach

Organizational Security Learning from Incident Response

Researchers

STUDY AT MELBOURNE

ABOUT US

CONTACT & MAPS

ALUMNI & FRIENDS

RESEARCH

ENGAGEMENT