Abstract
This article presents a summary of the results of studies on information security management systems in Polish local self-government bodies. Standardized surveys, internal network scans and penetration tests of web portals were carried out in five institutions. These were municipal offices and local budgetary companies. Research surveys were conducted among all employees of the aforementioned organizations.
The research made it possible to identify key factors and to propose methods for solving the most common problems faced by local self-government bodies. Moreover, the paper presents a model of a system supporting information security management, developed on the basis of the identified factors.
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Jatkiewicz, P. (2013). Identifying Factors of an Information Security Management System of Local Self-government Bodies. In: Wrycza, S. (eds) Information Systems: Development, Learning, Security. SIGSAND/PLAIS 2013. Lecture Notes in Business Information Processing, vol 161. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40855-7_5
DOI: https://doi.org/10.1007/978-3-642-40855-7_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-40854-0
Online ISBN: 978-3-642-40855-7
eBook Packages: Computer Science (R0)