Author:
Atoum Issa,Otoom Ahmed,Abu Ali Amer
Abstract
Purpose
– The purpose of this paper is to propose a holistic cyber security implementation framework (HCS-IF) that lays out the ground for a conceptual, coherent, systematic, overarching and consolidated approach to implement cyber security strategies (CSSs).
Design/methodology/approach
– The HCS-IF is conceptually proposed to address the actual needs that are extracted from literature review. The HCS-IF uses and integrates a set of high-level conceptual security controls, solutions, processes, entities, tools, techniques or mechanisms that are already known in the domains of information security management, software engineering and project management to address the identified needs.
Findings
– The HCS-IF components and controls collectively interact and cooperate to implement CSSs. The proposed framework is compared with other related frameworks, and the results show that the HCS-IF outperforms other frameworks on most of the suggested comparison criteria.
Originality/value
– From a practical standpoint, governments and practitioners alike stand to gain from the findings of this research. Governments who want to implement CSSs on a national level will find the proposed framework useful in overseeing cyber security implementation. Practitioners will be prepared to address the anticipated cyber security implementation challenges and the required controls needed to facilitate cyber-security implementation in a holistic overarching manner.
Subject
Library and Information Sciences,Management Science and Operations Research,Business and International Management,Management Information Systems
Reference45 articles.
1. Barnat, R.
(2005), “Strategic management: the nature of strategy implementation”, available at: www.strategy-implementation.24xls.com/en100 (accessed 3 February 2012).
2. Broom, A.
(2009), “Security consolidation and optimisation: gaining the most from your IT assets”, Computer Fraud and Security, Vol. 2009 No. 5, pp. 15-17, available at: http://linkinghub.elsevier.com/retrieve/pii/S1361372309700612 (accessed 25 February 2012).
3. Buecker, A.
,
Borrett, M.
,
Lorenz, C.
and
Powers, C.
(2010), “Introducing the IBM security framework and IBM security blueprint to realize business-driven security”, IBM Redpaper, Vol. 4528 No. 1, pp. 1-96.
4. Dasgupta, D.
and
Rahman, M.
(2011), “A framework for estimating security coverage for cloud service insurance”. In Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research, ACM Press, New York, New York, USA, p. -, available at: http://dl.acm.org/citation.cfm?doid=2179298.2179342 (accessed 20 April 2012).
5. David, F.
(2011),
Strategic Management: Concepts and Cases, 13th ed, Prentice Hall, available at: www.malone.edu/media/1/39/480/MMP405_Online_Corporate_Strategy.pdf (accessed 12 February 2012).
Cited by
26 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献