To ensure business continuity the security of corporate information is extremely important. Previous studies have shown that corporate information is vulnerable to security attacks. Companies are losing money through security breaches. This paper describes an MSc project that aimed to investigate the issues surrounding corporate information security management. Postal questionnaires and telephone interviews were used. Findings indicate that companies are not proactively tackling information security management and thus are not prepared for security incidents when they occur. Reasons for this lack of action include: awareness of information security threats is restricted; management and awareness of information security is concentrated around the IT department; electronic information is viewed as an intangible business asset; potential security risks of Internet access have not been fully assessed; and surveyed companies have not yet encountered security problems, and therefore are unprepared to invest in security measures. The recommendations include that companies: carry out a formal risk analysis; move information security management from being an IT‐centric function; and alter perceptions towards electronic information so that information is viewed as a valuable corporate asset.
Article navigation
Research Article|
September 01 1999
Corporate information security management Available to Purchase
Ruth C. Mitchell;
Ruth C. Mitchell
Consultant in the e‐business group of Computacenter, London, UK
Search for other works by this author on:
Rita Marcella;
Rita Marcella
Reader and the Deputy Head of School at the School of Information and Media, The Robert Gordon University, Aberdeen, UK
Search for other works by this author on:
Graeme Baxter
Graeme Baxter
Research Assistant within the School of Information and Media, The Robert Gordon University, Aberdeen, UK
Search for other works by this author on:
Publisher: Emerald Publishing
Online ISSN: 1758-6909
Print ISSN: 0307-4803
© MCB UP Limited
1999
New Library World (1999) 100 (5): 213–227.
Citation
Mitchell RC, Marcella R, Baxter G (1999), "Corporate information security management". New Library World, Vol. 100 No. 5 pp. 213–227, doi: https://doi.org/10.1108/03074809910285888
Download citation file:
Sign in
Don't already have an account? Register
ICE Member Sign In
Log inPurchased this content as a guest? Enter your email address to restore access.
Please enter valid email address.
Email address must be 94 characters or fewer.
Pay-Per-View Access
$39.00
Rental
This article is also available for rental through DeepDyve.
852
Views
Suggested Reading
Internet Guide to Food Safety and Security
Online Information Review (May,2006)
Electronic Resources: : Access and Issues
Asian Libraries (February,1999)
Wikipedia: The Free Encyclopedia
Reference Reviews (June,2002)
The 1st Electronic Resources and Libraries Conference: A Report
Library Hi Tech News (June,2006)
Handbook of Electronic and Digital Acquisitions
Library Review (May,2007)
Related Chapters
Concept Designs of Patient Information Security Using e-Health Sensor Shield Platform on Blockchain Infrastructure
Proceedings of MICoMS 2017
Digital Behaviors and People Risk: Challenges for Risk Management
Social Media in Strategic Management
Adapting Information Security Policy Messaging Styles to the Targeted Audience
Digital Transformation, Strategic Resilience, Cyber Security and Risk Management
Recommended for you
These recommendations are informed by your reading behaviors and indicated interests.
