Information systems security from a knowledge management perspective-Reference-Cited by-同舟云学术

Information systems security from a knowledge management perspective

Published:2005-07-01 Issue:3 Volume:13 Page:189-202
ISSN:0968-5227
Container-title:Information Management & Computer Security
language:en
Short-container-title:

Author:

Belsis Petros,Kokolakis Spyros,Kiountouzis Evangelos

Abstract

PurposeInformation systems security management is a knowledge‐intensive activity that currently depends heavily on the experience of security experts. However, the knowledge dimension of IS security management has been neglected, both by research and industry. This paper aims to explore the sources of IS security knowledge and the potential role of an IS security knowledge management system.Design/methodology/approachThe results of this paper are based on field research involving five organizations (public and private) and five security experts and consultants. A model to illustrate the structure of IS security knowledge in an organization is then proposed.FindingsSuccessful security management largely depends on the involvement of users and other stakeholders in security analysis, design, and implementation, as well as in actively defending the IS. However, most stakeholders lack the required knowledge of IS security issues that would allow them to play an important role in IS security management.Originality/valueIn this paper, the knowledge management aspect of IS security management has been highlighted. Moreover, the basic sources of security‐related knowledge have been identified and a model of IS security knowledge has been created. Also, the activities to be supported by a security‐focused KM system have been identified. Thus, the basis for the development of specialized security KM systems has been set.

Publisher

Emerald

Subject

Library and Information Sciences,Management Science and Operations Research,Business and International Management,Management Information Systems

Reference19 articles.

1. Baskerville, R. (1991), “Risk analysis: an interpretive feasibility tool in justifying information systems security”, European Journal of Information Systems, Vol. 1 No. 2, pp. 121‐30.

2. Beijerse, R. (1999), “Questions in knowledge management”, Journal of Knowledge Management, Vol. 3 No. 2, pp. 94‐109.

3. BSI (2002), Information Security Management – Part 2: Specification for Information Security Management Systems, BS 7799‐2:2002, British Standards Institute, London.

4. Davenport, T. and Prusak, L. (1998), Working Knowledge: How Organizations Manage What They Know, Harvard Business School Press, Cambridge, MA.

5. Davenport, T. and Volpel, S. (2001), “The rise of knowledge towards attention management”, Journal of Knowledge Management, Vol. 5 No. 3, pp. 212‐21.

Cited by 27 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Enterprise risk management and firm performance: Exploring the roles of knowledge, technology, and supply chain;Problems and Perspectives in Management;2024-04-26

2. Enablers of knowledge sharing for organizational sustainability: proposing a conceptual framework;Industrial and Commercial Training;2022-12-27

3. Cyber Business Management;Conflict Management in Digital Business;2022-09-15

4. Tools and Technologies for the Governance of Knowledge Management;Understanding, Implementing, and Evaluating Knowledge Management in Business Settings;2022-06-24

5. Security quality of KMS and KMS adoption: The context of SMEs;Human Systems Management;2021-09-07