The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.01 - January/February (2011 vol.9)
pp: 49-57
M. Eric Johnson , Dartmouth College
Shari Pfleeger , Dartmouth College
ABSTRACT
Turbulent times exacerbate many existing information risks and create new security management challenges. Discussions and interviews with chief information security officers from a broad range of large firms about how they addressed the challenges of the economic downturn provide both actionable ideas and clues for future research.
INDEX TERMS
risk-assessment rating, information security, offshoring, economic downturn, CISO, human behavior
CITATION
M. Eric Johnson, Shari Pfleeger, "Addressing Information Risk in Turbulent Times", IEEE Security & Privacy, vol.9, no. 1, pp. 49-57, January/February 2011, doi:10.1109/MSP.2010.116
REFERENCES
1. P. Sandman, "Understanding the Risk: What Frightens Rarely Kills," Neiman Reports, Nieman Foundation for Journalism at Harvard Univ., Spring 2007; www.psandman.com/articlesNiemanReports.pdf .
2. E. Nakashima and D. Wilgoren, "Obama Names Howard Schmidt as Cybersecurity Coordinator," Washington Post, 22 Dec. 2009, p. A1.
3. B. Brenner, "Providence Health CSO on Recovering from HIPAA Violations," CSO Online, 11 Aug. 2008; www.csoonline.com/article/443119Providence_Health_CSO_on_Recovering_From_HIPAA_Violations .
4. E. Nakashima and B. Krebs, "As Attacks Increase, U.S. Struggles to Recruit Computer Security Experts," Washington Post, 23 Dec. 2009, p. A1.
5. J. Riegelsberger, M.A. Sasse, and J. McCarthy, "The Mechanics of Trust: A Framework for Research and Design," Int'l J. Human-Computer Studies, vol. 62, 2005, pp. 381–422.
6. D.J. Simons and M.S. Jensen, "The Effects of Individual Differences and Task Difficulty on Inattentional Blindness," Psychonomic Bull. and Rev., vol. 16, no. 2, 2009, pp. 398–403.
7. D.J. Simons and C.F. Chabris, "Gorillas in Our Midst: Sustained Inattention Blindness for Dynamic Events," Perception, vol. 28, 1999, pp. 1059–1074.
8. M. Shermer, "None So Blind," Scientific Am., Mar. 2004, p. 42.
9. S.L. Pfleeger et al., "Insiders Behaving Badly: Addressing Bad Actors and Their Actions," IEEE Trans. Information Forensics and Security, vol. 5, no. 2, 2010, pp. 169–179.
10. "Thousands of Counterfeit Handbags, Shoes Seized," CBS News, 19 Aug. 2008; http://cbs2.com/localCounterfeit.Handbags.Shoes.2.798948.html .
11. "Compromised US and Chinese Computers Launch Greatest Number of Cyber Attacks, According to SecureWorks' Data," SecureWorks press release, 22 Sept. 2008; www.secureworks.com/media/press_releases 20080922-attacks.
12. M. Moore, "China's Global Cyber-Espionage Network GhostNet Penetrates 103 Countries," The Telegraph, 29 Mar. 2009, p. 1.
13. S.L. Pfleeger and R.K. Cunningham, "Why Measuring Security Is Hard," IEEE Security & Privacy, vol. 8, no. 4, 2010, pp. 46–54.
40 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool