• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
ISSE 2008 Information Security Status
 

ISSE 2008 Information Security Status

on

  • 972 views

 

Statistics

Views

Total Views
972
Views on SlideShare
918
Embed Views
54

Actions

Likes
0
Downloads
21
Comments
0

4 Embeds 54

http://www.tawileh.net 37
http://tawileh.net 11
http://www.linkedin.com 5
http://translate.googleusercontent.com 1

Accessibility

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    ISSE 2008 Information Security Status ISSE 2008 Information Security Status Presentation Transcript

    • Information Security Status in Organisations 2008 Anas Tawileh, Jeremy Hilton, Stephen McIntosh Cardiff University
    • Outline
      • Methodology and Approach
      • Survey Findings
      • Feedback
      • Summary and Discussion
    • Methodology and Approach
      • Structured approach to questionnaire design
      • Based on the Information Assurance Model
      • Model describes a desirable state of information assurance in organisations
      • Open-ended question added to elicit feedback
    • Respondents’ Profile
    • Respondents’ Profile
    • Organisation Sector
    • Information Security Requirements
    • Data Backup
    • Privacy and Integrity
    • Measures Against Internal Misuse
    • Respondents’ Feedback
      • “ My goals as IT supervisor and management goals are not always the same, management is worried about sales/profits, and not security.”
      • “ It would be nice to know how many "no's" one selected out all questions to slam it in the face of those opposing any IT security.”
    • Respondents’ Feedback
      • “ I am concerned. I am the one and only who is concerned. After hours, anyone who somehow got admitted into our offices could walk out with a laptop sitting on the reception desk containing practically all the confidential info we have. Refusal to invest in a steel cable.”
    • Summary and Discussion
      • A significant gap exists between large organisations and their smaller counterparts in the adoption of information security
      • Organisations seem to focus more on confidentiality and authentication
      • Privacy (still) is a growing concern
    • Summary and Discussion
      • Organisations are not very well prepared to satisfy the requirement for external collaboration
      • Over-reliance on technical measures
      • Little attention is paid to the human aspect of security
      • Thank You.