Identifying gaps in IT retail Information Security policy implementation processes

机译：识别IT零售信息安全策略实施过程中的空白

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

With a considerable amount of support in literature, there is no doubt that the human factor is a major weakness in preventing Information Security (IS) breaches. The retail industry is vulnerable to human inflicted breaches due to the fact that hackers rely on their victims' lack of security awareness, knowledge and understanding, security behavior and the organization's inadequate security measures for protecting itself and its clients. The true level of security in technology and processes relies on the people involved in the use and implementation thereof [1]. Therefore, the implementation of IS requires three elements namely: human factors, organizational aspects and technological controls [2]. All three of these elements have the common feature of human intervention and therefore security gaps are inevitable. Each element also functions as both security control and security vulnerability. The paper addresses these elements and identifies the human aspect of each through current and extant literature which spawns new human-security elements. The purpose of this research is to provide evidence that the IT sector of the South African retail industry is vulnerable to the human factor as a result of the disregard for human-security elements. The research points out that the IT sector of the South African retail industry is lacking trust and does not pay adequate attention to security awareness and awareness regarding security accountability. Furthermore, the IT sector of the South African retail industry is lacking: 1) IS policies, 2) process and procedure documentation for creating visibility, and 3) transparency necessary to promote trust. These findings provide support that the identified gaps, either directly or indirectly, relate to trust, and therefore, might be major contributing factors to the vast number of breaches experienced in the South African retail industry. These findings may also provide valuable insight into combatting the human factor of IS w- thin the IT sector, irrespective of industry, which choose to follow an IS model built on the foundation of trust.

机译：在文献中具有相当大的支持，毫无疑问，人类因素是防止信息安全（是）违规行为的重大弱点。由于黑客依赖于受害者缺乏安全意识，知识和理解，安全行为以及该组织的安全措施，因此零售业易受人类造成的违规行为造成的危害造成的违规行为造成的危害。技术和过程中的真正安全水平依赖于参与使用和实施的人[1]。因此，实施是需要三个元素：人为因素，组织方面和技术控制[2]。所有三个元素都有人为干预的共同特征，因此安全差距是不可避免的。每个元素还用作安全控制和安全漏洞。本文解决了这些元素，并通过当前和现存文献来识别每个人的人为方面，这些内容产生了新的人力安全元素。本研究的目的是提供证据表明，由于人类安全元素无视，南非零售业的IT部门易受人类因素受到影响。该研究指出，南非零售业的IT部门缺乏信任，并没有足够的关注安全责任的安全意识和认识。此外，南非零售业的IT部门缺乏：1）是政策，2）制造知名度的过程和程序文件，以及促进信任所需的透明度。这些调查结果提供了支持，即直接或间接相关的识别差距与信任，因此可能是南非零售业的广大违规行为的主要因素。这些发现还可以提供有价值的洞察，而是反对IT部门的人类因素，而不管行业如何遵循一个基于信任基础的模型。

著录项

来源
《International Conference on Information Security and Cyber Forensics》|2015年||共8页
会议地点
作者
Ileen E. van Vuuren; Elmarie Kritzinger; Conrad Mueller;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类安全保密;
关键词
ability; acceptance; accountability; benevolence; collaboration; communication; human factor; integrity; knowledge; management workflows; organizational aspects; policies; procedures; retail industry; security awareness; social engineering; technological controls; training; transparency; trust; trust factors; understanding; visibility;

机译：能力;接受;责任;仁慈;合作;沟通;诚信;管理工作流程;组织方面;政策;零售业;安全意识;技术控制;培训;透明;信任;信任;理解;可见性;

相似文献

外文文献
中文文献
专利

1. Commentary: "Is the gap in policy processes towards better food security and nutrition interventions mainly a gap between knowledge and action?". [J] . Schuftan C Ecology of Food and Nutrition . 2006,第4期

机译：评论：“在改善粮食安全和营养干预措施的政策过程中的差距是否主要是知识与行动之间的差距？”。
2. Mobile app to identify gaps in implementation and provide evidences for effective policy change [J] . S Cyril Alexander, Regina Anthony Tobacco Induced Diseases . 2018,第1期

机译：移动应用程序可识别实施中的差距并为有效的政策变更提供证据
3. Identifying implementation gaps in water recycling policy of Beijing municipality [J] . Danielle Neighbour, Ye Qi 中国人口·资源与环境（英文版） . 2018,第004期

机译：找出北京市水循环利用政策中的实施差距
4. Identifying gaps in IT retail Information Security policy implementation processes [C] . Ileen E. van Vuuren, Elmarie Kritzinger, Conrad Mueller 2015 Second International Conference on Information Security and Cyber Forensics . 2015

机译：找出IT零售信息安全策略实施流程中的差距
5. Why Are Non-Malicious Employees Non-Compliant: Guidance for Identifying Employee Negligence and Implementing Information Security Policies to Reduce Employees Inadvertently Becoming Insider Threats [D] . Brown, Andrew. 2020

机译：为什么非恶意员工不符合规定：确定员工疏忽和实施信息安全政策的指导，以减少员工无意中成为内部威胁
6. Gap analysis for drug development policy-making: An attempt to close the gap between policy and its implementation [O] . Ria Christine Siagian, Dumilah Ayuningtyas 2012

机译：药物开发政策制定的差距分析：试图缩小政策与其实施之间的差距
7. ABSTRACT Various body parts or organs can be analysed to identify the different diseases in the human body. Fingernail analysis is one of the ways to identify disease in the human body. Nails are the body part which are farthest from the heart and therefore receive oxygen at last. As a result the nails are the first who show the symptoms of a disease in the human body. Fingernails can be easily captured for diagnosis and there are no heavy equipment or no specific conditions required to use nail image for disease diagnosis, like in other tests and scanning processes. Human nails deliver beneficial information about complaints or any nutritive imbalances in the human body depending upon their shape, texture and colour. In human beings, numerous systemic and skin diseases can be easily analyzed through careful examination of nails of both the limbs. A lot of nail illnesses have been found to be primary signs of numerous underlying systemic illnesses. The colour, texture or shape changes in nails are signs of many diseases mainly affecting nails. Considering all these properties of nails a system is proposed that uses digital image processing (DIP) methods for identifying such changes in the human nail to get more precise results and predict numerous diseases effortlessly. With the emerging Internet of Things (IOT) concept the generated report is made available remotely, this will help users to reduce transportation efforts. As the system has to deal with large and private data, the security of data must be ensured. To keep the data confidential, the Blockchain concept which is one of the most emerging concepts in the field of data management is used. The paper contains the implementation of the digital image processing for feature extraction of nail images, usage of IOT (ThingSpeak cloud) for data storage and implementation of Blockchain to keep the system secured and theft free. KEY WORDS: Int ernet of thin gs (IOT), Image proc essin g, Thin gSpeak, RG B vavalues, Mean pi xel vavalues, Bloc kchain , Hash key. Disease Diagnostic System: Abnormalities in Human Nail [O] . Pranav S. Wazarkar 2020

机译：摘要的各个身体部位或器官可被分析以识别在人体内的不同的疾病。指甲分析来识别人体疾病的方法之一。指甲是身体一部分是离心脏最远，因此在最后接受氧气。作为结果，指甲是第一谁表现出人体疾病的症状。指甲可以容易地捕获用于诊断和没有重装或需要使用指甲图像用于疾病诊断，比如在其他测试和扫描过程没有特定的条件。人的指甲提供有关投诉或取决于它们的形状，纹理和色彩在人体内的任何营养失衡有益的信息。在人类中，许多全身性皮肤疾病是可以很容易地通过两个四肢指甲的仔细检查分析。很多指甲病已发现众多潜在系统性疾病的主要症状。在指甲的颜色，质地和形状的变化是许多疾病主要影响指甲的迹象。考虑到所有的指甲的这些性能的系统被提出，用于识别人指甲这样的变化以获得更精确的结果，并毫不费力预测许多疾病用途的数字图像处理（DIP）方法。随着物联网（IOT）的概念，新兴的互联网将生成的报告提供远程，这将帮助用户降低运输工作。由于系统必须处理大量的私人数据，数据的安全性必须得到保证。为了保持数据的机密性，使用Blockchain的概念，它是在数据管理领域的大多数新兴的概念之一。本文包含了数字图像处理的指甲图像，IOT（ThingSpeak云）的使用为数据存储和执行Blockchain的特征提取的执行，以保持固定的系统和盗窃免费。关键词：诠释薄GS（IOT），图像的ERNET PROC essin克，薄型gSpeak，RG乙vavalues，平均数PI XEL vavalues，阵营kchain，哈希密钥。疾病诊断系统：在人类指甲异常

Identifying gaps in IT retail Information Security policy implementation processes

摘要

著录项

相似文献

相关主题

期刊订阅