Skip to main content
SpringerLink
Log in
Book cover

International Conference on Trust, Privacy and Security in Digital Business

TrustBus 2009: Trust, Privacy and Security in Digital Business pp 95–104Cite as

Steering Security through Measurement

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5695))

Abstract

This paper presents the results of a security management survey of IT administrators from small and medium sized enterprises (SMEs) who ranked predefined Critical Success Factors (CSFs) and Indicators. The outcome of this study relies on the development of a set of security management guidelines that allows IT administrators to adopt assessment and managerial security routines. The secondary contribution relies on allowing IT administrators to establish a culture of implementing and tracking the effectiveness of technical and non-technical security controls. The survey results describe how IT administrators would like the most critical aspects of security to evolve.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Torres, J.M.: ISSMF. An Information System Security Management Framework for SMEs. In: TECNUN. University of Navarra, Donostia (2007)

    Google Scholar 

  2. Sademies, A.: Process Approach to Information Security Metrics in Finnish Industry and State Institutions. Espoo (2004)

    Google Scholar 

  3. Santos, J., Sarriegi, J.M., Torres, J.M., Serrano, N.: Empirical study of the Information Systems Security Management in Basque Country SMEs. In: Proceedings of the 8th International Conference of the DS - IESE, pp. 884–893 (2005)

    Google Scholar 

  4. Berinato, S., Cosgrove, L.: Six Secrets of Highly Secure Organizations. CIO magazine (2004)

    Google Scholar 

  5. Theoharidou, M., Kokolakis, S., Karyda, M., Kiountouzis, E.: The insider threat to information systems and the effectiveness of ISO17799. Computers & Security 24, 472–484 (2005)

    Article  Google Scholar 

  6. Dhillon, G., Moores, S.: Computer crimes: theorizing about the enemy within. Computers & Security 20, 715–723 (2001)

    Article  Google Scholar 

  7. Mitnick, K.: The Art of Deception. Indianapolis. John Wiley Inc., Indiana (2002)

    Google Scholar 

  8. Schneier, B.: Beyond Fears. Copernicus Book ed., New York (2003)

    Google Scholar 

  9. Caralli, R.A.: The Critical Success Factor Method: Establishing a Foundation for Enterprise Security Management, Report CMU/SEI-2004-TR-010 (2004)

    Google Scholar 

  10. Dojkovski, S., Lichtenstein, S., Warren, M.J.: Fostering Information Security Culture in Small and Medium Size Enterprises: An Interpretive Study in Australia. In: Proceedings of the Fifteenth European Conference on Information Systems, St. Gallen, Switzerland, pp. 1560–1571 (2007)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Tecnun, University of Navarra, Spain

    Jose M. Torres, Jose M. Sarriegi, Josune Hernantes & Ana Lauge

Authors
  1. Jose M. Torres
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jose M. Sarriegi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Josune Hernantes
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ana Lauge
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, Karlstad University, Universitetsgatan 2, 651 88, Karlstad, Sweden

    Simone Fischer-Hübner

  2. Laboratory of Information and Communication Systems Security, Department of Information and Communication Systems Engineering, University of the Aegean, 83200, Karlovassi, Samos, Greece

    Costas Lambrinoudakis

  3. Department of Management Information Systems, University of Regensburg, Universitätsstraße 31, 93053, Regensburg, Germany

    Günther Pernul

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Torres, J.M., Sarriegi, J.M., Hernantes, J., Lauge, A. (2009). Steering Security through Measurement. In: Fischer-Hübner, S., Lambrinoudakis, C., Pernul, G. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2009. Lecture Notes in Computer Science, vol 5695. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03748-1_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-03748-1_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-03747-4

  • Online ISBN: 978-3-642-03748-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation