An Integrated Framework for Managing Information Technology Security Uncertainty
Abstract
Information security to date has been driven a lot of attention in business world. The cyber security standards play significant and crucial role in promoting feasible approaches to organizations while making comprehensive strategical planning. This paper aims at providing a systematic overview of information technology (IT) security management in organizations. Conducted a structured literature from academic database and industry whitepapers, we review a number of the critical issues and challenges facing the industry today and in the future. In line with the fundamental elements of information security, we propose an integrated framework to understand the current situation of IT security management. In particular, we focus on several critical fundamental functions of IT security management: Security and Risk Management, Security Operations, and Security Assessments and Testing. Then, we use the proposed framework as a lens to discuss and solve the security issues in bring your own device (BYOD) in organizations.
Keywords: IT security, IT security framework, bring your own device
DOI: 10.7176/EJBM/12-18-01
Publication date:June 30th 2020
To list your conference here. Please contact the administrator of this platform.
Paper submission email: EJBM@iiste.org
ISSN (Paper)2222-1905 ISSN (Online)2222-2839
Please add our address "contact@iiste.org" into your email contact list.
This journal follows ISO 9001 management standard and licensed under a Creative Commons Attribution 3.0 License.
Copyright © www.iiste.org