A Security Assurance Model to Holistically Assess the Information Security Posture
Details
Serval ID
serval:BIB_8F3E9B7B6F88
Type
A part of a book
Publication sub-type
Chapter: chapter ou part
Collection
Publications
Institution
Title
A Security Assurance Model to Holistically Assess the Information Security Posture
Title of the book
Complex Intelligent Systems and their Applications
Publisher
New York, USA: Springer New York
ISBN
978-1-4419-1635-8
978-1-4419-1636-5
978-1-4419-1636-5
Publication state
Published
Issued date
2010
Editor
Xhafa F., Barolli L., Papajorgji P. J.
Volume
41
Series
Springer Optimization and Its Applications
Chapter
5
Pages
83-108
Language
english
Abstract
Managing Information Security (InfoSec) within an organization is becoming a very complex task. Currently, InfoSec Assessment is performed by using frameworks, methodologies, or standards which consider separately the elements related to security. Unfortunately, this is not necessarily effective because it does not take into consideration the necessity of having a global and systemic, multidimensional approach to ICT Security evaluation. This is mainly because the overall security level is only as strong as the weakest link. This chapter proposes a model aiming to holistically assess all dimensions of security in order to minimize the likelihood that a given threat takes advantage of the weakest link. Then a formalized structure taking into account all security elements is presented. The proposed model is based on, and integrates, a number of security best practices and standards that permit the definition of a reliable InfoSec framework. At this point an assessment process should be undertaken, the result of which will be the assurance that InfoSec is adequately managed within the organization. The added value of this model is that it is simple to implement and responds to concrete needs in terms of reliance upon efficient and dynamic evaluation tools and through a coherent evaluation system.
Create date
03/02/2011 16:32
Last modification date
20/08/2019 14:52