Computing and Information Systems - Research Publications
Permanent URI for this collection
Search Results
1 - 3 of 3
-
ItemAssessing and controlling risks associated with Denial of Service (DoS) attacks on organizational networks( 2014-08)and control of information security risks have emerged as a primary mean by which organizations secure information infrastructure. Key assets are identified and protected as a part of risk management strategy. In this process, commonly Denial of Service (or DoS) attacks are overlooked. DoS service is traditionally not considered as information security risk, hence the treatment of that remains low priority. But in the recent past, several such attacks had made high profile business’s web servers unavailable or un-accessible for considerable period of time, which consequently caused monitory and reputational losses. Hence now there is a substantial need to consider DoS attacks as a potential risk for information security and its assessment and treatment should be included in organization’s risk management process. This paper examines the major forms of DoS attacks that are lodged on critical network infrastructure of an organization, targeting the availability and access of its critical business and IT Services and further how the risk of such attacks can be reduced or mitigated through risk management process.
-
ItemImplications of social media networks on information security risks( 2014-08)The user base of Social Media Networks (SMN) has grown dramatically over the last 10 years, with the Facebook platform alone commanding 18% of the world’s population as active users. Thus SMN provide a mechanism to disseminate information both rapidly and globally. Despite this fact, little research has been conducted into the implications of SMN on information security risk. Here we conduct a literature review in order to provide information security professionals with insight into the threats, threat agents, vulnerabilities and potential risks faced by individuals and organisations from SMN. Findings suggest that confidentiality and integrity of information can be threatened by multiple actors and mechanisms, putting information and reputation at risk. Information security professionals face a mammoth task to manage such risks and a standard approach to risk management seems unlikely to be effective.
-
ItemInformation security culture as an enabler: addressing the gap between organisational knowledge sharing and information security( 2014-08-01)Knowledge sharing is a vital business strategy that creates value for an organisation. It also leads to accidental or deliberate loss of information and knowledge. With an ideal culture, the knowledge sharing barrier can be broken without leaking information. We gathered data from the literature on the benefits of knowledge sharing in organisations and the related risks, addressing the role of a positive organisational culture. We interviewed information security specialists in small and large organisations in Melbourne and overseas. The study confirms the findings from literature that organisations value knowledge sharing to gain a competitive advantage. They also revealed that the preventive measures of knowledge leakage usually involved fostering a sharing culture with strategy, policies and controls in place with regular training and awareness. Based on these observations, we propose the need for future research on organisations that have fostered a culture of sharing knowledge without compromising its security.