... attribution to the original publication and authors. The full terms of this licence maybe seen at Link to the terms of the CC BY 4.0 licence. Information security management Cybersecurity governance Cyber resilience E-government NIST CSF ISO/IEC 27001 COBIT 2019 South Africa...

... and Ajzen, 1975). Information Security Awareness is suggested to affect beliefs about outcomes, in line with the TPB (Albarracin and Ajzen, 2007), and directly impact an employee’s compliance attitude, as outlined in Rogers’ theory (Rogers, 2003). Information security awareness Information security...

... to do new types of studies, such as evaluating the software's effectiveness in the ISP development process. Practical implications Practitioners can use the model to develop software that assist information security managers in designing tailored ISPs. Such a tool can offer the opportunity...

... Publishing Limited 2021 Emerald Publishing Limited Licensed re-use rights only Information security Incident management National cybersecurity Information security management Collaborative approach Incident handling and response Globally, attackers have evolved sophisticated methods...

..., implemented as five iterations spanning the years 2013 to 2019. Findings The paper presents a method for information classification and the design principles underpinning the method. The empirical demonstration shows that senior and novice information security managers perceive the method as a useful tool...

... with the assigned policies to provide bespoke awareness content based on the user’s current needs. Findings A novel framework was proposed for improving information security management and awareness for home users. In addition, a mock-up design was developed to simulate the proposed approach to visualise...

...Muhamad Khairulnizam Zaini; Mohamad Noorman Masrek; Mad Khir Johari Abdullah Sani Purpose This study aims to determine the extent to which information security management (ISM) practices impact the organisational agility by examining the relationship between both concepts. Design/methodology...

.... An information security policy is considered to be the cornerstone of information security management and an organisational approach that mitigates potential threats from employees in relation to dealing with information assets in a secure manner (Peltier, 2016). In the workplace, all employees should be made...

...-sized enterprises in Turkey has been presented in Yildirim et al. (2011) . In Ku et al. (2009) , the current status of information security policy of the Taiwanese Government along with an example of governmental institutions that self-adopted the information security management...

...Cindy Zhiling Tu; Yufei Yuan; Norm Archer; Catherine E. Connelly Purpose Effective information security management is a strategic issue for organizations to safeguard their information resources. Strategic value alignment is a proactive approach to manage value conflict in information security...

... known in the domains of information security management, software engineering and project management to address the identified needs. Findings – The HCS-IF components and controls collectively interact and cooperate to implement CSSs. The proposed framework is compared with other related...

...-sensitive. This is primarily because of the subjectivity involved in assigning impact measures and initial values. Practical implications – This work helps in answering two difficult questions in information security management: “what to measure?” and “how to quantify the overall security assurance...

.../methodology/approach An explorative study of large multinational or local organizations operating in Finland was conducted. In total, 18 IT and information security managers were interviewed with semi‐structured questions. Findings First, the author discovered that several methods such as contracts...

...Raydel Montesino; Stefan Fenz; Walter Baluja Purpose The purpose of this paper is to propose a framework for security controls automation, in order to achieve greater efficiency and reduce the complexity of information security management. Design/methodology/approach This research reviewed...

... most deadly sins of information security management (vonSolms and von Solms, 2004). All the existing information security standards while stressing on the importance of a security policy differ much as to the scope and depth of details to be included in such a document. A statement specifying...