nach oben

Scientific and Technical Information Processing

Erschienen in:

01.04.2021

Transformation of Strategic Models for Managing Human Risks of Information Security of an Enterprise as an Imperative of the Digital Industry

verfasst von: L. V. Astakhova

Erschienen in: Scientific and Technical Information Processing | Ausgabe 2/2021

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

This article substantiates the imperatives of transforming the information security (IS) human risk management model at a digital industry enterprise using the theories of strategic management, psychological ownership (involvement), and cultural parameters of human activity. The types of strategies and strategic models of information security culture (ISC) have been substantiated. With the use of sociological research, the dominance in organizations of the ISC defensive strategy was revealed, the pattern of the transition from the defensive to the developing strategic ISC model was revealed, and then the transition to the integrative ISC management strategy, thus combining both strategic models. The concept of the draft Information security culture national standard, which can be the basis for the design and implementation of a standard of the same name for any enterprise, is presented.

Nächster Artikel Methodological Approach to Use of Web Content by Small Business

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Federal Law of 23.06.2016 N 182-FZ “On the Basics of the Crime Prevention System in the Russian Federation”. – URL: http://www.consultant.ru/document/cons_doc_LAW_199976/ (Cited December 19, 2020).

Leaks of These Organizations through Fault or Negligence of Insiders. Comparative Study. 2013–2019: Analytical Report. https://www.infowatch.ru/sites/default/files/analytics/files/InfoWatch_Analytical_Report.pdf. Cited December 19, 2020.

Lukatskii, A., Exploitation of Coronavirus Agenda in Information Security Threats. https://habr.com/ru/company/cisco/blog/494726/. Cited December 19, 2020.

Lukatskii, A., Cybersecurity Is Victim’s Own Business. https://lukatsky.blogspot.com/2019/12/blog-post_23.html. Cited December 19, 2020.

Flier, A.Ya., Human activity and its cultural parameters, II Moiseevskie chteniya: Kul’tura kak faktor natsional’noi bezopasnosti Rossii. Doklady i materialy Obshcherossiiskoi (natsional’noi) nauchnoi konferentsii (II Moiseev Readings: Culture as a Factor of Russia’s National Security. Reports and Materials of the All-Russian (National) Scientific Conference), Moscow, 2019, pp. 299–305.

Flier, A.Ya., Local cultural system: Factors of sustainability, Kul’t. Kul’t., 2020, no. 1, p. 1.

da Veiga, A., Astakhova, L.V., Botha, A., and Herselman, M., Defining organisational information security culture—perspectives from academia and industry, Comput. Secur., 2020, vol. 92, p. 101713.CrossRef

Astakhova, L.V., Issues of the culture of information security under the conditions of the digital economy, Sci. Tech. Inf. Process., 2020, vol. 47, no. 1, pp. 56–64.CrossRef

Tompson, A.A. and Striklend, A.Dzh., Strategicheskii menedzhment. Iskusstvo razrabotki i realizatsii strategii (Strategic Management. The Art of Developing and Implementing a Strategy), Moscow: Banki i birzhi, YuNITI, 1998.

Veklenko, P.V., Situational approach in the social-human cognition: Objectives, principles and categories, J. Sib. Fed. Univ., Humanit. Soc. Sci., 2015, vol. 8, no. 5, pp. 1003–1010.

10.

Lekar’, A.G., Profilaktika prestuplenii (Crime Prevention), Moscow: Yuridich. Lit., 1972.

11.

Rivman, D.V., Kriminal’naya viktimologiya (Criminal Victimology), St. Petersburg: Piter, 2002.

12.

Gerbekov, I.I., The concept and types of crime prevention, Yuridich. Nauka Pravookhr. Prakt., 2017, no. 4, рр. 99–105

13.

Martins, V.W.B., Rampasso, I.S., Anholon, R., Quelhas, O.L.G., and Leal Filho, W., Knowledge management in the context of sustainability: Literature review and opportunities for future research, J. Cleaner Prod., 2019, vol. 229, pp. 489–500.CrossRef

14.

Durst, S., Hinteregger, C., and Zieba, M., The linkage between knowledge risk management and organizational performance, J. Bus. Res., 2019, vol. 105, pp. 1–10.CrossRef

15.

Sveiby, K.-E., A knowledge-based theory of the firm. To guide strategy formulation, J. Intell. Cap., 2001, vol. 2, no. 4. file:///C:/Users/1D1D~1/AppData/Local/Temp/knowledgetheoryoffirmfin-draft-1.pdf.

16.

Gaponenko, A. and Orlova, T., Upravlenie znaniyami (Knowledge Management), Moscow: Eksmo, 2008.

17.

Panikarova, S.V. and Vlasov, M.V., Upravlenie znaniyami i intellektual’nym kapitalom (Knowledge and Intellectual Capital Management), Yekaterinburg: Ural. Univ., 2015.

18.

Kim, T.H., Lee, J.N., Chun, J. U., and Benbasat, I., Understanding the effect of knowledge management strategies on knowledge management performance: A contingency perspective, Inf. Manage., 2014, vol. 51, no. 4, pp. 398–416.

19.

Córdova, F.M., Durán, C. A., Pincheira, M., Palominos, F., and Galindo, R., Knowledge management of intangible actives, Serv. Co. Procedia Comput. Sci., 2019, vol. 162, pp. 596–603.CrossRef

20.

Gerbina, T.V., Management strategies: Customer knowledge management, Sotsial’no-orientirovannoe upravlenie v usloviyakh globalizatsii. Materialy VI Vserossiiskoi zaochnoi nauchno-prakticheskoi konferentsii (Socially Oriented Management in the Context of Globalization. Proc. VI All-Russian Correspondence Scientific and Practical Conference), Moscow, 2017, pp. 91–96.

21.

Cerchione, R. and Esposito, E., Using knowledge management systems: A taxonomy of SME strategies, Int. J. Inf. Manage., 2017, vol. 37, no. 1, part B, pp. 1551–1562.

22.

Yoo, C., Sanders, G., and Cerveny, R., Exploring the influence of flow and psychological ownership on security education, training and awareness effectiveness and security compliance, Decis. Support Systems, 2018, vol. 108, pp. 107–118.CrossRef

23.

Ho, L.-A. and Kuo, T.-H., How can one amplify the effect of e-learning? An examination of high-tech employees' computer attitude and flow experience, Comput. Human Behav., 2010, vol. 26, no. 1, pp. 23–31.CrossRef

24.

Shantz, A., Alfes, K., Truss, C., and Soane, E., The role of employee engagement in the relationship between job design and task performance, citizenship and deviant behaviours, Int. J. Human Resour. Manage., 2013, vol. 24, no. 13, pp. 2608–2627.CrossRef

25.

Bulgurcu, B., Cavusoglu, H., and Benbasat, I., Information security policy compliance: An empirical study of rationality-based beliefs and information security awareness, MIS Q.: Manage. Inf. Syst., 2010, vol. 34, no. 3, pp. 523–548.CrossRef

26.

GOST (State Standard) R 22.3.07–2014: Safety in Emergency Situations. Life Safety Culture. General Provisions, Moscow: Standartinform, 2019. http://docs.cntd.ru/document/1200109440. Cited December 19, 2020.

27.

GOST (State Standard) R IEC 62508–2014: Risk Management. Analysis of the Impact of the Human Factor on the Reliability (IEC 62508:2010 Guidance on Human Aspects of Dependability). http://docs.cntd.ru/document/1200113803. Cited December 19, 2020.

28.

Yan’shina, I.V. and Repina, I.B., The state, indicators, and criteria for assessing the human factor in the structure of failures of technical means of the track complex of the railway, Vestn. Sib. Gos. Univ. Putei Soobshch., 2019, no. 3, pp. 53–58.

Titel: Transformation of Strategic Models for Managing Human Risks of Information Security of an Enterprise as an Imperative of the Digital Industry
verfasst von: L. V. Astakhova
Publikationsdatum: 01.04.2021
Verlag: Pleiades Publishing
Erschienen in: Scientific and Technical Information Processing / Ausgabe 2/2021
Print ISSN: 0147-6882
Elektronische ISSN: 1934-8118
DOI: https://doi.org/10.3103/S0147688221020027

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Weitere Artikel der Ausgabe 2/2021

Trends and Risks of Network Technologies

Space-Related Scientific and Technical Information in Current Media Discourse: Research Results

On the Observance of the Norms of Language to Create a Library Terminology

Development of Research Topics Based on the Terminological Approach (for Example, Immunology and Microbiology According to Scopus–SciVal Data)

Methodological Approach to Use of Web Content by Small Business

Predatory Journals, or Falsification of Publication Activity: Origins, Counteraction Measures, and New Problems

Premium Partner