Title
A research journey into maturing the business information security of mid market organizations
Author
Faculty/Department
Faculty of Applied Economics
Publication type
article
Publication
Subject
Economics
Source (journal)
International journal of IT/business alignment and governance
Volume/pages
1(2010) :4 , p. 18-39
ISSN
1947-9611
vabb
c:vabb:308778
Carrier
E
Target language
English (eng)
Full text (Publishers DOI)
Affiliation
University of Antwerp
Abstract
Most information security methodologies are aimed at large enterprise organizations with a top-down structure, while relatively smaller organizations have insufficient knowledge to adopt this methodology. Most of the frameworks used by enterprises focus on high-level policy-making and the overwhelming amount of controls might suffocate practitioners in smaller organizations. This article examines the results of an exploratory study, performed in the Netherlands in Q1&Q2 of 2010. The study used expert panel research followed by a survey. The research found essential interventions to easily and effectively increase security maturity for mid market organizations. The research also found barriers for not implementing these interventions by the midmarket. This paper provides a minimum core set of practices for organizations. It shows that mid market organizations struggle with implementing relevant interventions. This research contributes a new pragmatic approach to assist mid market organizations practitioners with more guidance on how to effectively establish the desired state of security maturity.
E-info
https://repository.uantwerpen.be/docman/iruaauth/a22b1f/0acb1a0661f.pdf
Handle