A Conceptual Model for a Metric Based Framework for the Monitoring of Information Security Tasks’ Efficiency
Date: 2019
Author: Sönmez, Ferda Özdemir
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Item Usage Stats: 303 views, 175 downloads
Information Security Governance Systems are not adequate to measure the effectiveness and efficiency of security tasks for the enterprises. Although some of the systems offer ways for measurement, they still need the definition of measurement objectives and metrics. This study proposes a conceptual framework model which has human and tool/process related metrics. This system also allows the collection of evidence data for security-related tasks and ways to motivate the security staff to provide a more productive environment. This system may be applied to any size of enterprise independent of its business domain or functions as long as the aim is to improve the effectiveness and efficiency of security-related tasks. © 2019 The Authors. Published by Elsevier B.V.
Subject Keywords: Information Security Governance, Security, Efficiency, Metric, Productivity
URI: https://hdl.handle.net/11511/58147
DOI: https://doi.org/10.1016/j.procs.2019.09.459
Collections: Graduate School of Informatics, Conference / Seminar
Suggestions
A Decision Support System for Optimal Selection of Enterprise Information Security Preventative Actions
Özdemir Sönmez, Ferda ; Günel Kılıç, Banu (2021-09-01)
Types and complexity of information security related vulnerabilities are growing rapidly and present numerous challenges to the enterprises. One of the key challenges is to identify the optimal set of precautions with limited budget. Despite the fact that majority of enterprises have a budget constraint for installing and maintaining the protection systems, the majority of the previous work only focus on prioritization of security targets and do not consider the preventative actions and budget constraints. ...
An approach for defensive information warfare in the Turkish land forces command
Özcan, Fuzuli; Bilgen, Semih; Department of Information Systems (2002)
In this study, Information Warfare (IW) and Information System (IS) security concept in the Turkish Land Forces Command (TLFC) are investigated. An approach that will enhance the success for a secure Information System to alleviate experienced risks is proposed. Starting with the general overview of the literature about IW and IS security, the relation between the concepts, the future, advantages and disadvantages of security development approaches, and the requirements for security are reviewed. Then the spe...
A framework based on continuous security monitoring
Ertürk, Volkan; Arifoğlu, Ali; Department of Information Systems (2008)
Continuous security monitoring is the process of following up the IT systems by collecting measurements, reporting and analysis of the results for comparing the security level of the organization on continuous time axis to see how organizational security is progressing in the course of time. In the related literature there is very limited work done to continuously monitor the security of the organizations. In this thesis, a continuous security monitoring framework based on security metrics is proposed. More...
A Case for Societal Digital Security Culture
BEN OTHMANE, Lotfi; WEFFERS, Harold; RANCHAL, Rohit; Angın, Pelin; BHARGAVA, Bharat; MOHAMAD, Mohd M (2013-07-10)
Information and communication technology systems, such as remote health care monitoring and smart mobility applications, have become indispensable parts of our lives. Security vulnerabilities in these systems could cause financial losses, privacy/safety compromises, and operational interruptions. This paper demonstrates through examples, that technical security solutions for these information systems, alone, are not sufficient to protect individuals and their assets from attacks. It proposes to complement (...
On provable security of some public key encryption schemes
Hanoymak, Turgut; Akyıldız, Ersan; Selçuk, Ali Aydın; Department of Cryptography (2012)
In this thesis, we analyse the security criteria of some public key encryption schemes. In this respect, we present the notion of adversarial goals and adversarial capabilities. We give the definition of provable security by means of several games between the challenger and the adversary in some security models, namely the standard model and the random oracle model. We state the main differences between these two models and observe the advantage of the success probability of the adversary in breaking the cr...
Citation Formats
IEEE
F. Ö. Sönmez, “A Conceptual Model for a Metric Based Framework for the Monitoring of Information Security Tasks’ Efficiency,” 2019, vol. 160, p. 181, Accessed: 00, 2020. [Online]. Available: https://hdl.handle.net/11511/58147.