A situation awareness model for information security risk management

Jeb Webb; Atif Ahmad; Sean B. Maynard; Graeme Shanks

首页> 外文期刊>Computers & Security >A situation awareness model for information security risk management

【24h】

A situation awareness model for information security risk management

机译：信息安全风险管理的态势感知模型

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

Information security risk management (ISRM) is the primary means by which organizations preserve the confidentiality, integrity and availability of information resources. A review of ISRM literature identified deficiencies in the practice of information security risk assessment that inevitably lead to poor decision-making and inadequate or inappropriate security strategies. In this conceptual paper, we propose a situation aware ISRM (SA-ISRM) process model to complement the information security risk management process. Our argument is that the model addresses the aforementioned deficiencies through an enterprise-wide collection, analysis and reporting of risk-related information. The SA-ISRM model is adapted from Endsley's situation awareness model and has been refined using our findings from a case study of the US national security intelligence enterprise.

机译：信息安全风险管理（ISRM）是组织维护信息资源的机密性，完整性和可用性的主要方法。对ISRM文献的回顾指出了信息安全风险评估实践中的缺陷，这些缺陷不可避免地导致决策不力以及安全策略不足或不适当。在此概念文件中，我们提出了一种情境感知ISRM（SA-ISRM）流程模型，以补充信息安全风险管理流程。我们的观点是，该模型通过在企业范围内收集，分析和报告与风险相关的信息来解决上述缺陷。 SA-ISRM模型是根据Endsley的态势感知模型改编而成，并使用我们从美国国家安全情报企业的案例研究中得到的结果进行了完善。

著录项

来源
《Computers & Security》 |2014年第7期|1-15|共15页
作者
Jeb Webb; Atif Ahmad; Sean B. Maynard; Graeme Shanks;
展开▼
作者单位

Department of Computing and Information Systems, Melbourne School of Engineering, University of Melbourne, Victoria 3172, Australia;

Department of Computing and Information Systems, Melbourne School of Engineering, University of Melbourne, Victoria 3172, Australia;

Department of Computing and Information Systems, Melbourne School of Engineering, University of Melbourne, Victoria 3172, Australia;

Department of Computing and Information Systems, Melbourne School of Engineering, University of Melbourne, Victoria 3172, Australia;

展开▼
收录信息美国《科学引文索引》(SCI);美国《工程索引》(EI);
原文格式 PDF
正文语种 eng
中图分类
关键词
Information security management; Information security risk management; Information security intelligence; Information security compliance; Information security investigation; Evidence-based information security; Situation awareness; Situation awareness theory;

机译：信息安全管理;信息安全风险管理;信息安全情报;信息安全合规性;信息安全调查;循证信息安全;态势感知;态势感知理论;
入库时间 2022-08-18 02:11:47

相似文献

外文文献
中文文献
专利

1. Relating Wiener's cybernetics aspects and a situation awareness model implementation for information security risk management [J] . Anjaria Kushal, Mishra Arun Kybernetes: The International Journal of Systems & Cybernetics . 2018,第1期

机译：有关Wiener的控制论方面和信息认证风险管理的情况
2. Exploring MSMEs Cybersecurity Awareness and Risk Management : Information Security Awareness [J] . Yerik Afrianto Singgalen, Hindriyanto Dwi Purnomo, Irwan Sembiring Indonesian Journal of Computing and Cybernetics Systems . 2021,第3期

机译：探索MSMES网络安全意识和风险管理：信息安全意识
3. Security Situation Awareness and Situation Information Generation based on Spatial Linkage of Physical and IT Security [J] . Hyeonkoo Cho, Jungchan Na International journal of computer science and network security . 2011,第1期

机译：基于物理与IT安全空间链接的安全态势感知和态势信息生成
4. A Network Security Situation Awareness Model Based on Risk Assessment [C] . Yixian Liu, Dejun Mu Euro-China Conference on Intelligent Data Analysis and Applications . 2019

机译：基于风险评估的网络安全状况提高型号
5. Situation awareness of fall risks in community dwelling older adults. [D] . Hall, Elizabeth Goodall. 2016

机译：社区居民老年人跌倒风险的态势感知。
6. Security Risk Measurement for Information Leakage in IoT-Based Smart Homes from a Situational Awareness Perspective [O] . Mookyu Park, Haengrok Oh, Kyungho Lee 2019

机译：从情境感知角度衡量基于物联网的智能家居中信息泄漏的安全风险度量
7. From Situation Awareness to Action: An Information Security Management Toolkit for Socio-Technical Security Retrospective and Prospective Analysis [O] . Huynen, Jean-Louis, Lenzini, Gabriele 2017

机译：从形势意识到行动：用于社会技术安全回顾和前瞻性分析的信息安全管理工具包

A situation awareness model for information security risk management

摘要

著录项

相似文献

相关主题

期刊订阅