research-article

Free access

Improved security through information security governance

Authors:

Allen C. Johnston,

Ron HaleAuthors Info & Claims

Communications of the ACM, Volume 52, Issue 1

Pages 126 - 129

https://doi.org/10.1145/1435417.1435446

Published: 01 January 2009 Publication History

All formats PDF

References

[1]

CIMA/IFAC. Enterprise governance: Getting the balance right, www.cimaglobal.com/downloads/enterprise_governance.pdf, (Jan. 11, 2005).

Google Scholar

[2]

Gordon, A. L., Loeb, P. M., Lucyshyn, W., and Richardson, R. 2005 CSI/FBI computer crime and security survey. Computer Security Institute (2005). 1--26.

Google Scholar

[3]

Hambrick, D. C. and Mason, P. A. Upper echelons: The organization as a reflection of its top managers. Academy of Management Review 9, 2, (1984), 193--206.

Crossref

Google Scholar

[4]

IT Governance Institute. Information security governance: Guidance for boards of directors and executive management, www.isaca.org/Template.cfm?Section=Home&Template=/ContentManagement/ContentDisplay.cfm&ContentID=24572. (July 7, 2006)

Google Scholar

[5]

Siponen, M. T. A conceptual foundation for organizational information security awareness. Information Management & Computer Security 8,1 (2000), 31--41.

Crossref

Google Scholar

[6]

Straub, D. W., and Welke, R. J. Coping with systems risk: Security planning models for management decision making. MIS Quarterly 22, 4 (1998), 441--469.

Digital Library

Google Scholar

[7]

Warkentin, M., and Johnston, A. C. IT governance and organizational design for security management. Chapter 3 in Baskerville, R., Goodman S., and Straub, D. W. (Eds.). Information Security Policies and Practices, M.E. Sharpe, 2006.

Google Scholar

[8]

Whitman, M. E. Enemy at the gate: Threat to information security. Communications of the ACM 46, 3 (2003), 91--95.

Digital Library

Google Scholar

Cited By

View all

Almuqrin A(2024)How About Enhancing Organizational SecurityJournal of Global Information Management10.4018/JGIM.35874532:1(1-18)Online publication date: 7-Nov-2024
https://dl.acm.org/doi/10.4018/JGIM.358745
Rao MAl-Obaidi J(2024)Embracing How AI Responsibly Empowers Students and Faculty in Higher EducationEmerging Technologies Transforming Higher Education10.4018/979-8-3693-3904-6.ch001(1-32)Online publication date: 29-Nov-2024
https://doi.org/10.4018/979-8-3693-3904-6.ch001
Tenzin SMcGill TDixon M(2024)An Investigation of the Factors That Influence Information Security Culture in Government Organizations in BhutanJournal of Global Information Technology Management10.1080/1097198X.2023.229763427:1(37-62)Online publication date: 27-Jan-2024
https://doi.org/10.1080/1097198X.2023.2297634
Show More Cited By

Index Terms

Improved security through information security governance

Recommendations

Information security governance: integrating security into the organizational culture
GTIP '10: Proceedings of the 2010 Workshop on Governance of Technology, Information and Policies

We finally got what we wished for: executive managers are aware of the need to protect their organizational data. However, we still have problems; for example, database breaches, stolen passwords and identity theft continue to be major issues. Aside ...
Information security governance framework
WISG '09: Proceedings of the first ACM workshop on Information security governance

Many companies, especially Japanese companies, have implemented information security with bottom up approach, starting from implementing piece by piece security controls. As increase the number of information security incidents and spread its impact, ...
An Information Security Governance Framework

Information security culture develops in an organization due to certain actions taken by the organization. Management implements information security components, such as policies and technical security measures with which employees interact and that ...

Comments

Information & Contributors

Information

Published In

Communications of the ACM Volume 52, Issue 1

Rural engineering development

January 2009

125 pages

ISSN:0001-0782

EISSN:1557-7317

DOI:10.1145/1435417

Issue’s Table of Contents

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 January 2009

Published in CACM Volume 52, Issue 1

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article
Popular
Refereed

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

55
Total Citations
View Citations
4,377
Total Downloads

Downloads (Last 12 months)1,069
Downloads (Last 6 weeks)119

Reflects downloads up to 28 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Almuqrin A(2024)How About Enhancing Organizational SecurityJournal of Global Information Management10.4018/JGIM.35874532:1(1-18)Online publication date: 7-Nov-2024
https://dl.acm.org/doi/10.4018/JGIM.358745
Rao MAl-Obaidi J(2024)Embracing How AI Responsibly Empowers Students and Faculty in Higher EducationEmerging Technologies Transforming Higher Education10.4018/979-8-3693-3904-6.ch001(1-32)Online publication date: 29-Nov-2024
https://doi.org/10.4018/979-8-3693-3904-6.ch001
Tenzin SMcGill TDixon M(2024)An Investigation of the Factors That Influence Information Security Culture in Government Organizations in BhutanJournal of Global Information Technology Management10.1080/1097198X.2023.229763427:1(37-62)Online publication date: 27-Jan-2024
https://doi.org/10.1080/1097198X.2023.2297634
Xu FHsu CWang TLowry P(2023)The antecedents of employees' proactive information security behaviour: The perspective of proactive motivationInformation Systems Journal10.1111/isj.1248834:4(1144-1174)Online publication date: 22-Nov-2023
https://doi.org/10.1111/isj.12488
Shaikh FSiponen M(2023)Information security risk assessments following cybersecurity breachesComputers and Security10.1016/j.cose.2022.102974124:COnline publication date: 1-Jan-2023
https://dl.acm.org/doi/10.1016/j.cose.2022.102974
Cheng EWang T(2022)Institutional Strategies for Cybersecurity in Higher Education InstitutionsInformation10.3390/info1304019213:4(192)Online publication date: 12-Apr-2022
https://doi.org/10.3390/info13040192
Pollini ACallari TTedeschi ARuscio DSave LChiarugi FGuerri D(2022)Leveraging human factors in cybersecurity: an integrated methodological approachCognition, Technology and Work10.1007/s10111-021-00683-y24:2(371-390)Online publication date: 1-May-2022
https://dl.acm.org/doi/10.1007/s10111-021-00683-y
Oliveira IDrumond GMéxas M(2021)Governança De Segurança Da Informação Na Indústria De Energia Elétrica: Revisão BibliográficaRevista Científica Multidisciplinar Núcleo do Conhecimento10.32749/nucleodoconhecimento.com.br/tecnologia/governanca-de-seguranca(64-88)Online publication date: 3-May-2021
https://doi.org/10.32749/nucleodoconhecimento.com.br/tecnologia/governanca-de-seguranca
Barlette YJaouen A(2020)Information security in SMEs: determinants of CEOs’ protective and supportive behaviorsSystèmes d'information & management10.3917/sim.193.0007Volume 24:3(7-40)Online publication date: 21-Jan-2020
https://doi.org/10.3917/sim.193.0007
Schinagl SShahim A(2020)What do we know about information security governance?Information & Computer Security10.1108/ICS-02-2019-003328:2(261-292)Online publication date: 25-Jan-2020
https://doi.org/10.1108/ICS-02-2019-0033
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Magazine Site

View this article on the magazine site (external)

Magazine Site

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

References

Cited By

Index Terms

Recommendations

Information security governance: integrating security into the organizational culture

Information security governance framework

An Information Security Governance Framework

Comments

Information

Published In

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

PDF

eReader

Magazine Site

Login options

Full Access

Share

Share this Publication link

Share on social media

Affiliations