Welcome to the InfoSci Platform
Reference Hub1
Information Security Management: A Case Study in a Portuguese Military Organization

Information Security Management: A Case Study in a Portuguese Military Organization

José Martins, Henrique dos Santos, António Rosinha, Agostinho Valente
Copyright: © 2013 |Volume: 3 |Issue: 3 |Pages: 17
ISSN: 1947-3435|EISSN: 1947-3443|EISBN13: 9781466633308|DOI: 10.4018/ijcwt.2013070103
Cite Article Cite Article

MLA

Martins, José, et al. "Information Security Management: A Case Study in a Portuguese Military Organization." IJCWT vol.3, no.3 2013: pp.32-48. http://doi.org/10.4018/ijcwt.2013070103

APA

Martins, J., dos Santos, H., Rosinha, A., & Valente, A. (2013). Information Security Management: A Case Study in a Portuguese Military Organization. International Journal of Cyber Warfare and Terrorism (IJCWT), 3(3), 32-48. http://doi.org/10.4018/ijcwt.2013070103

Chicago

Martins, José, et al. "Information Security Management: A Case Study in a Portuguese Military Organization," International Journal of Cyber Warfare and Terrorism (IJCWT) 3, no.3: 32-48. http://doi.org/10.4018/ijcwt.2013070103

Export Reference

Mendeley
Favorite Full-Issue Download

Abstract

The authors present a Case Study conducted in a Portuguese military organization, to answer the following research questions: (1) what are the most relevant dimensions and categories of information security controls applied in military organizations? (2) What are the main scenarios of information security incidents that are expected to occur? (3) What is the decision process used for planning and selection information security controls? This study reveals that: (1) information security within the military organization is built on the basis of physical and human attack vectors, and targeting the infrastructure that supports the flow of information in the organization; (2) the information security controls applied in the military organization are included in ISO/IEC 27001; (3) planning and selection of applied information security controls are made by decision makers and information security specialists. It appears that specialists impose their planning options essentially seeking to select and retrieve past successful information security cases.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.