The ISO/IEC 27001 Information Security Management Standard: How to Extract Value from Data in the IT Sector

Kitsios, Fotis; Chatzidimitriou, Elpiniki; Kamariotou, Maria

doi:10.3390/su15075828

Cited by 18 publications

(5 citation statements)

References 54 publications

(103 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…• expand or improve end-user awareness, • conduct regular security workshops and trainings, • communicate the security policies and the values that determine how people are expected to think about and approach security in the organisation, • delegate someone to champion the security culture processes, • ensure that the system is patched, These results point to the inefficiency of the present security culture. The International Organization for Standardization's IS management system (ISO/IEC 27001:2022) includes processes and activities related to IS awareness (Kitsios, Chatzidimitriou, & Kamariotou, 2023).…”

Section: Information Security Culturementioning

confidence: 99%

Cloud leakage in higher education in South Africa: A case of University of Technology

Ntloedibe,

Foko,

Segooa

2024

S. Afr. j. inf. manag.

View full text Add to dashboard Cite

Background: Users with knowledge of an organisation can pose risks to Cloud Computing, including current and past employees and external stakeholders with access to the organisation’s cloud. These insiders may engage in intentional or unintentional disruptive behaviors, causing significant harm to the organisation. A study focused on insider threats in South African higher education examined the tactics used by cybersecurity leaders to enforce cybersecurity policies.Objectives: The goal of this study was to develop a comprehensive insider mitigation framework for cloud leakage in a South African University.Method: The study employed qualitative methodologies and a case study approach. Open-ended interviews were conducted to collect data from the participants. The collected data was coded and analysed using ATLAS.ti 22.Results: The study’s findings revealed that some of the major sources of cloud leakage are a lack of effective training, ineffective information security (IS) policy regulation, and the implementation of information security awareness workshops that provided advice on how information security should be managed in the university.Conclusion: Insider threats pose a serious risk to organisations. To mitigate this threat, it is crucial for organisations to establish strong security policies and closely monitor employee activities. By conducting a thorough assessment of insider threats, organisations can enhance their understanding of this dynamic threat and strengthen their defenses.Contribution: Although every employee is ultimately responsible for an organisation’s security, the most effective IS programmes demonstrate strong top-level leadership by setting a ‘tone at the top’ and promoting the benefits of IS through careful policy and guidance.

show abstract

Section: Information Security Culturementioning

confidence: 99%

Cloud leakage in higher education in South Africa: A case of University of Technology

Ntloedibe,

Foko,

Segooa

2024

S. Afr. j. inf. manag.

View full text Add to dashboard Cite

show abstract

“…On the other hand, it also brings major challenges to the security and protection of medical data. Therefore, we need to robustly deploy security and privacy controls (e.g., NIST SP800-30, ISO 27001, ISO/IEC Standard 27018 [ 5 , 6 ]) to protect medical data prevalent on the Internet from becoming prey to hackers. In this context, many research topics have received attention, including, but not limited to, the following: risk assessment, device security, session security, cloud security, data protection, and authentication.…”

Section: Introductionmentioning

confidence: 99%

Advances in IoMT for Healthcare Systems

Shafiq,

Choi,

Cheikhrouhou

et al. 2023

Sensors

View full text Add to dashboard Cite

show abstract

“…In addition, information security is increasingly crucial given the urgency of protecting learners' personal data, academic records and other sensitive information. In a broader context, information security management policies and practices in the education environment must be carefully optimised to provide not only adequate, but also holistic protection against potential security threats (Kitsios et al, 2023). Given the dynamics of technological development and cyber intelligence, it is imperative that information security policies are proactive and aligned with the latest developments, to ensure the integrity, confidentiality and availability of information that forms the backbone of the learning process and data management in educational settings.…”

Section: Introductionmentioning

confidence: 99%

Educational Management Strategies to Address Information Security Challenges in the Use of Social Media in Learning Environments

Ripki

2023

jmp

View full text Add to dashboard Cite

With the advancement of information technology, social media has become an integral part of daily life, including in the field of education. However, the use of social media in the learning environment is not exempt from information security challenges that can impact the effectiveness and sustainability of the learning process. This research aims to examine educational management strategies to address information security challenges in the use of social media in learning environments. The study employed an extensive review of existing literature through qualitative analysis to gain a comprehensive insight into the subject, covering the period from 2017 to 2023. The study's findings indicate that, in addressing the complexity of information security challenges related to the use of social media in learning environments, a holistic educational management approach is necessary. Awareness of risks, the development of clear policies, the selection of secure technologies, external collaboration, and continuous monitoring are key factors in creating a safe and innovative learning environment.

show abstract

The ISO/IEC 27001 Information Security Management Standard: How to Extract Value from Data in the IT Sector

Cited by 18 publications

References 54 publications

Cloud leakage in higher education in South Africa: A case of University of Technology

Cloud leakage in higher education in South Africa: A case of University of Technology

Advances in IoMT for Healthcare Systems

Educational Management Strategies to Address Information Security Challenges in the Use of Social Media in Learning Environments

Contact Info

Product

Resources

About