Professional Documents
Culture Documents
Technical Opinion Information System Security Mana
Technical Opinion Information System Security Mana
net/publication/242104189
CITATIONS READS
442 6,621
2 authors:
All content following this page was uploaded by Gurpreet Dhillon on 01 October 2014.
Information System
Security Management in
the New Millennium
Future users of information systems must address
organizational problems at a time when the organizational
form is being revolutionized.
R
apid advances in electronic in managing information security ronment. This pushes them to
networks and computer- in the future. make collaborations within and
based information systems beyond the confines of their firm
have given us enormous capabili- A Vision of the Future [3, 9]. These collaborations are
ties to process, store, and trans- Against the backdrop of the elec- supported by both electronic and
mit digital data in most business tronic age, new organizational human networks. Increasingly
sectors. This has transformed the structures are emerging. Increas- individuals and companies are set-
way we conduct trade, deliver ingly we are seeing the advent of ting up such “transnational net-
government services, and provide strong external coalitions that are works that pay absolutely no heed
health care. Changes in commu- transforming traditional mono- to national boundaries and
nication and information tech- lithic, centralized, and hierarchical barriers” [1].
nologies and particularly their organizations into loosely coupled In order to be more efficient,
confluence has raised a number organic networks. These organiza- effective, and responsive organi-
of concerns connected with the tional forms are characterized by zations give prominence to the
protection of organizational cooperation instead of autonomy use of networks and computer-
information assets. Achieving and control. Consequently, the based information systems. Yet
consensus regarding safeguards structures facilitate intense sharing the use of information and com-
for an information system, of information and a high level of munication technologies have
among different stakeholders in interpersonal and inter-organiza- increased the incidents of com-
an organization, has become tional connectivity. Organizations puter abuse. A recent Computer
more difficult than solving many are no longer characterized by Security Institute survey sug-
technical problems that might physical assets but by a network gested losses of $124 million in
arise. This “Technical Opinion” of individuals who create, process, the sampled companies. In Eng-
focuses on understanding the hold, and distribute information. land the Audit Commission esti-
nature of information security in Such organizations are “location mated losses to the order if
the next millennium. Based on and structure-independent” [6, 8] nearly $2 billion. Indeed losses of
this understanding it suggests a and are constantly influenced by such magnitude demand serious
set of principles that would help the changing nature of their envi- consideration of the premises on