Journal article

How integration of cyber security management and incident response enables organizational learning

Atif Ahmad, Kevin C Desouza, Sean B Maynard, Humza Naseer, Richard L Baskerville

JOURNAL OF THE ASSOCIATION FOR INFORMATION SCIENCE AND TECHNOLOGY | WILEY | Published : 2019

DOI: 10.1002/asi.24311

Download PDF

Abstract

Digital assets of organizations are under constant threat from a wide assortment of nefarious actors. When threats materialize, the consequences can be significant. Most large organizations invest in a dedicated information security management (ISM) function to ensure that digital assets are protected. The ISM function conducts risk assessments, develops strategy, provides policies and training to define roles and guide behavior, and implements technological controls such as firewalls, antivirus, and encryption to restrict unauthorized access. Despite these protective measures, incidents (security breaches) will occur. Alongside the security management function, many organizations also retai..

View full abstract

Related Projects (1)

Project icon

Enhancing information security management through organisational learning

This project aims to help organisations to protect their information resources from complex and evolving information security threats. This ..

Grants

Awarded by Australian Research Council

Funding Acknowledgements

Australian Research Council, Grant/Award Number: DP160102277

Citation metrics

1Web of Science

Keywords

Science & Technology
Information-Systems
Computer Science, Information Systems
Framework
Perspective
Risk
Technology
Information Science & Library Science
Teams
Computer Science