An Integrated Framework for Managing Information Technology Security Uncertainty

Weian Wang, Li Luo

Abstract


Information security to date has been driven a lot of attention in business world. The cyber security standards play significant and crucial role in promoting feasible approaches to organizations while making comprehensive strategical planning. This paper aims at providing a systematic overview of information technology (IT) security management in organizations. Conducted a structured literature from academic database and industry whitepapers, we review a number of the critical issues and challenges facing the industry today and in the future. In line with the fundamental elements of information security, we propose an integrated framework to understand the current situation of IT security management. In particular, we focus on several critical fundamental functions of IT security management: Security and Risk Management, Security Operations, and Security Assessments and Testing. Then, we use the proposed framework as a lens to discuss and solve the security issues in bring your own device (BYOD) in organizations.

Keywords: IT security, IT security framework, bring your own device

DOI: 10.7176/EJBM/12-18-01

Publication date:June 30th 2020


Full Text: PDF
Download the IISTE publication guideline!

To list your conference here. Please contact the administrator of this platform.

Paper submission email: EJBM@iiste.org

ISSN (Paper)2222-1905 ISSN (Online)2222-2839

Please add our address "contact@iiste.org" into your email contact list.

This journal follows ISO 9001 management standard and licensed under a Creative Commons Attribution 3.0 License.

Copyright © www.iiste.org