We found a match
Your institution may have rights to this item. Sign in to continue.
- Title
Information security strategies: towards an organizational multi-strategy perspective.
- Authors
Ahmad, Atif; Maynard, Sean; Park, Sangseo
- Abstract
There considerable advice in both research and practice oriented literature on the topic of information security. Most of the discussion in literature focuses on how to prevent security attacks using technical countermeasures even though there are a number of other viable strategies such as deterrence, deception, detection and response. This paper reports on a qualitative study, conducted in Korea, to determine how organizations implement security strategies to protect their information systems. The findings reveal a deeply entrenched preventive mindset, driven by the desire to ensure availability of technology and services, and a comparative ignorance of exposure to business security risks. Whilst there was some evidence of usage of other strategies, they were also deployed in a preventive capacity. The paper presents a research agenda that calls for research on enterprise-wide multiple strategy deployment with a focus on how to combine, balance and optimize strategies.
- Subjects
COMPUTER security; DATA security; ACCESS to information; DATABASE management; DATABASE security
- Publication
Journal of Intelligent Manufacturing, 2014, Vol 25, Issue 2, p357
- ISSN
0956-5515
- Publication type
Article
- DOI
10.1007/s10845-012-0683-0