IT Security Governance Innovations

Book Description

Information technology in the workplace is vital to the management of workflow in the company; therefore, IT security is no longer considered a technical issue but a necessity for the entire corporation. The practice of IT security has rapidly expanded into an aspect of Corporate Governance, so that the risks and prospects of IT security are understood and properly managed at an executive level. IT Security Governance Innovations: Theory and Research provides extraordinary research that highlights the main contributions and characteristics of existing approaches, standards, best practices, and new trends in IT Security Governance. With theoretical and practical perspectives, the book aims to address IT Security Governance implementation in corporate organizations. This collection of works serves as a reference for CEOs and CIOs, security managers, systems specialists, computer science students, and others.

Table of Contents

  1. Cover
  2. Title Page
  3. Copyright Page
  4. Editorial Advisory Board and List of Reviewers
    1. EDITORIAL ADVISORY BOARD
    2. LIST OF REVIEWERS
  5. Foreword
  6. Preface
    1. GENERAL PICTURE OF INFORMATION TECHNOLOGY GOVERNANCE
    2. OVERVIEW OF INFORMATION SECURITY GOVERNANCE
    3. AIMS OF THIS BOOK
    4. ORGANIZATION OF THIS BOOK
  7. Acknowledgment
  8. Section 1: IT Security Governance Landscape
    1. Chapter 1: Overview of Key Information Security Governance Frameworks
      1. ABSTRACT
      2. INTRODUCTION
      3. INFORMATION SECURITY GOVERNANCE APPROACHES
      4. COMPARATIVE ANALYSIS
      5. CONCLUSION AND FUTURE WORKS
    2. Chapter 2: IT Security Governance in E-banking
      1. ABSTRACT
      2. INTRODUCTION
      3. BACKGROUND
      4. INFORMATION SECURITY GOVERNANCE OBJECTIVES
      5. THE ROLE OF ITSG IN E-BANKING
      6. E-BANKING RISKS
      7. OUTSOURCING RISK IN E-BANKING
      8. RISK MANAGEMENT IN E-BANKING
      9. EMERGING TRENDS IN MEASURING ITSG PERFORMANCE
      10. CONCLUSION
    3. Chapter 3: IT Security Governance Legal Issues
      1. ABSTRACT
      2. INTRODUCTION: IT SECURITY GOVERNANCE LEGAL ISSUES
      3. METHOD
      4. INFORMATIONAL PRIVACY OR DATA PROTECTION
      5. OTHER IT SECURITY GOVERNANCE LEGAL ISSUES
      6. CONCLUSION
      7. APPENDIX
  9. Section 2: Security Standards and Guidelines in the IT Security Governance
    1. Chapter 4: Information Technology Service Management
      1. ABSTRACT
      2. INTRODUCTION
      3. BACKGROUND OF ITIL® V3
      4. ITIL® V3
      5. QUALIFYING SYSTEM FOR IT SERVICE MANAGEMENT IN ITIL®
      6. CONCLUSION
    2. Chapter 5: Assessing the Maturity of Control Objectives for Information and Related Technology (COBIT) Framework in the Egyptian Banking Sector
      1. ABSTRACT
      2. INTRODUCTION
      3. LITERATURE REVIEW
      4. CONTEXT: EGYPTIAN BANKING SECTOR
      5. RESEARCH METHODOLOGY
      6. RESULTS AND DISCUSSION
      7. CONCLUSION
    3. Chapter 6: Adoption of ISO 27001 in Cyprus Enterprises
      1. ABSTRACT
      2. INTRODUCTION
      3. OVERVIEW OF ISO 27001
      4. SURVEY DESIGN LOGISTICS
      5. SURVEY FINDINGS ANALYSIS
      6. ASSESSMENT OF ISO 27001 IN CYPRUS
      7. CONCLUSION
    4. Chapter 7: An Information Governance Model for Information Security Management
      1. ABSTRACT
      2. INTRODUCTION
      3. REVIEW OF IS SECURITY BREACHES
      4. ISSUES AND REQUIREMENTS IN IS SECURITY
      5. HOLISTICS PERSPECTIVE OF IS SECURITY
      6. IT CONTROL COMPLIANCE FRAMEWORKS
      7. IS SECURITY AWARENESS, CULTURE, AND TRAINING
      8. CRITICAL SUCCESS FACTORS FOR INTEGRATED IS SECURITY GOVERNANCE IMPLEMENTATION
      9. IS SECURITY GOVERNANCE MODEL
      10. SUMMARY
  10. Section 3: IT Security Governance Innovations
    1. Chapter 8: Information Security Governance Using Biometrics
      1. ABSTRACT
      2. INTRODUCTION
      3. NEED FOR INFORMATION SECURITY GOVERNANCE
      4. OBJECTIVE OF INFORMATION SECURITY GOVERNANCE
      5. CHALLENGES OF INFORMATION SECURITY GOVERNANCE
      6. IDENTITY MANAGEMENT REQUIREMENT
      7. BIOMETRICS
      8. INFORMATION SECURITY GOVERNANCE USING BIOMETRICS
      9. BIOMETRIC TRAITS
      10. WHY MULTIBIOMETRICS?
      11. SOLUTIONS AND RECOMMENDATIONS
      12. FUTURE RESEARCH DIRECTIONS
      13. CONCLUSION
    2. Chapter 9: Ontology Based Multi Agent Modelling for Information Security Measurement
      1. ABSTRACT
      2. INTRODUCTION
      3. PART 1: CORPORATE SECURITY GOVERNANCE AND RISK MANAGEMENT
      4. PART 3: ONTOLOGY BASED SEMANTIC MODELLING
      5. PART 4: EXPERT SYSTEM AND COMPLIANCE AUDITING
      6. CONCLUSION
    3. Chapter 10: Using Indicators to Monitor Security Risk in Systems of Systems
      1. ABSTRACT
      2. INTRODUCTION
      3. BASIC TERMINOLOGY AND DEFINITIONS
      4. METHODOLOGICAL APPROACH
      5. DEMONSTRATION OF STEP 3: IDENTIFY INDICATORS FOR SYSTEM OF SYSTEMS
      6. DEMONSTRATION OF STEP 4: SPECIFY DESIGN AND DEPLOYMENT OF IDENTIFIED INDICATORS FOR SYSTEM OF SYSTEMS
      7. RELATED WORK
      8. CONCLUSION
    4. Chapter 11: Information Security Governance
      1. ABSTRACT
      2. INTRODUCTION
      3. MALWARE ATTACK TRENDS
      4. NEED FOR NEW FORENSIC TECHNIQUES
      5. PREVIOUS WORK
      6. RECENT MALWARE INFECTION STRATEGIES
      7. PROPOSED DETECTION OF HIDDEN MALWARE
      8. INFORMATION SECURITY GOVERNANCE PLAN
      9. CONCLUSION
  11. Compilation of References
  12. About the Contributors