Publication
Title
A research journey into maturing the business information security of mid market organizations
Author
Abstract
Most information security methodologies are aimed at large enterprise organizations with a top-down structure, while relatively smaller organizations have insufficient knowledge to adopt this methodology. Most of the frameworks used by enterprises focus on high-level policy-making and the overwhelming amount of controls might suffocate practitioners in smaller organizations. This article examines the results of an exploratory study, performed in the Netherlands in Q1&Q2 of 2010. The study used expert panel research followed by a survey. The research found essential interventions to easily and effectively increase security maturity for mid market organizations. The research also found barriers for not implementing these interventions by the midmarket. This paper provides a minimum core set of practices for organizations. It shows that mid market organizations struggle with implementing relevant interventions. This research contributes a new pragmatic approach to assist mid market organizations practitioners with more guidance on how to effectively establish the desired state of security maturity.
Language
English
Source (journal)
International journal of IT/business alignment and governance
Publication
2010
Volume/pages
1:4(2010), p. 18-39
Full text (Publishers DOI)
Full text (publishers version - intranet only)
UAntwerpen
Faculty/Department
Research group
Publication type
Subject
Affiliation
Publications with a UAntwerp address
External links
VABB-SHW
Record
Identification
Creation 22.12.2011
Last edited 22.11.2016
To cite this reference