Threats and countermeasures for information system security: A cross-industry study

Threats and countermeasures for information system security: A cross-industry study

IS security threats have increased significantly in recent years. We identified the gaps between manager perceptions of IS security threats and the security countermeasures adopted by firms by collecting empirical data from 109 Taiwanese enterprises. Industry type and organizational use of IT were s...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Information & management 2007-07, Vol.44 (5), p.480-491
Hauptverfasser: Yeh, Quey-Jen, Chang, Arthur Jung-Ting
Format: Artikel
Sprache:eng
Schlagworte:
Applied sciences
Computer science
control theory
systems
Countermeasures
Cybersecurity
Exact sciences and technology
Information systems
Information systems. Data bases
IS security
IS threats
Memory and file management (including protection and security)
Memory organisation. Data processing
Perceptions
Security adoption
Software
Studies
Threat mitigation
Threats
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:IS security threats have increased significantly in recent years. We identified the gaps between manager perceptions of IS security threats and the security countermeasures adopted by firms by collecting empirical data from 109 Taiwanese enterprises. Industry type and organizational use of IT were seen as the two factors that affected the motivation of firms to adopt security countermeasures, but their implementation did not necessarily affect the threat perceptions of the managers. Analyses of responses suggested that the scope of the countermeasures adopted were not commensurate with the severity of the perceived threats. Among the threats, networks were rated as contributing the most severe threat and yet had the lowest level of protection, this was followed by threats due to personnel and administrative issues. We therefore addressed threat mitigation strategies, specifically in terms of the differences between industries.
ISSN:0378-7206
1872-7530
DOI:10.1016/j.im.2007.05.003