A quantification mechanism for assessing adherence to information security governance guidelines
Date
2022
Publisher
Emerald
Abstract
Boards of Directors and other organisational leaders make decisions about the information
security governance systems to implement in their companies. The increasing number of cyber-breaches
targeting businesses makes this activity inescapable. Recently, researchers have published comprehensive
lists of recommended cyber measures, specifically to inform organisational boards. However, the young
cybersecurity industry has still to confirm and refine these guidelines. As a starting point, it would be helpful
for organisational leaders to know what other organisations are doing in terms of using these guidelines. In an
ideal world, bespoke surveys would be developed to gauge adherence to guidelines, but this is not always
feasible. What we often do have is data from existing cybersecurity surveys. The authors argue that such
data could be repurposed to quantify adherence to existing information security guidelines, and this paper
aims to propose, and test, an original methodology to do so.
Keywords
Boards of directors, Information security governance, Cybersecurity, Information security guidelines, Covid-19
Citation
Bongiovanni, I. et al. (2022). A quantification mechanism for assessing adherence to information security governance guidelines. Information and Computer Security. 10.1108/ICS-08-2021-0112