Issue No. 03 - May/June (2007 vol. 5)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2007.59
Eric Goetz , Institute for Information Infrastructure Protection (13P) at Dartmouth College
M. Eric Johnson , Center for Digital Strategies, Tuck School of Business at Dartmouth College
Risk and business have always been inseparable, but new information security risks pose unknown challenges. How should firms organize and manage to improve enterprise security? Here, the authors describe how CISOs are working to build secure organizations.
security, organizational security, building security in, CISOs, information security risks
Eric Goetz, M. Eric Johnson, "Embedding Information Security into the Organization", IEEE Security & Privacy, vol. 5, no. , pp. 16-24, May/June 2007, doi:10.1109/MSP.2007.59