File Download
There are no files associated with this item.
Links for fulltext
(May Require Subscription)
- Publisher Website: 10.1016/j.cose.2012.09.001
- Scopus: eid_2-s2.0-84870289385
- WOS: WOS:000312677200002
- Find via
Supplementary
- Citations:
- Appears in Collections:
Article: Managing information security risks during new technology adoption
| Title | Managing information security risks during new technology adoption |
|---|---|
| Authors | |
| Keywords | Proactive investment Information security management Reactive investment System dynamics Integrated Operations Delay |
| Issue Date | 2012 |
| Citation | Computers and Security, 2012, v. 31, n. 8, p. 859-869 How to Cite? |
| Abstract | In the present study, we draw on previous system dynamics research on operational transition and change of vulnerability to investigate the role of incident response capability in controlling the severity of incidents during the adoption of new technology. Toward this end, we build a system dynamics model using the Norwegian Oil and Gas Industry as the context. The Norwegian Oil and Gas Industry has started to adopt new information communication technology to connect its offshore platforms, onshore control centers, and suppliers. In oil companies, the management is generally aware of the increasing risks associated with operational transition; however, to date, investment in incident response capability has not been highly prioritized because of the uncertainty related to risks and the present reactive mental model of security risk management. The model simulation shows that a reactive approach to security risk management might trap the organization into blindness to minor incidents and low incident response capability, which can lead to severe incidents. The system dynamics model can serve as a means to promote proactive investment in incident response capability. © 2012 Elsevier Ltd. All rights reserved. |
| Persistent Identifier | http://hdl.handle.net/10722/307369 |
| ISSN | 2021 Impact Factor: 5.105 2020 SCImago Journal Rankings: 0.861 |
| ISI Accession Number ID |
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Qian, Ying | - |
| dc.contributor.author | Fang, Yulin | - |
| dc.contributor.author | Gonzalez, Jose J. | - |
| dc.date.accessioned | 2021-11-03T06:22:28Z | - |
| dc.date.available | 2021-11-03T06:22:28Z | - |
| dc.date.issued | 2012 | - |
| dc.identifier.citation | Computers and Security, 2012, v. 31, n. 8, p. 859-869 | - |
| dc.identifier.issn | 0167-4048 | - |
| dc.identifier.uri | http://hdl.handle.net/10722/307369 | - |
| dc.description.abstract | In the present study, we draw on previous system dynamics research on operational transition and change of vulnerability to investigate the role of incident response capability in controlling the severity of incidents during the adoption of new technology. Toward this end, we build a system dynamics model using the Norwegian Oil and Gas Industry as the context. The Norwegian Oil and Gas Industry has started to adopt new information communication technology to connect its offshore platforms, onshore control centers, and suppliers. In oil companies, the management is generally aware of the increasing risks associated with operational transition; however, to date, investment in incident response capability has not been highly prioritized because of the uncertainty related to risks and the present reactive mental model of security risk management. The model simulation shows that a reactive approach to security risk management might trap the organization into blindness to minor incidents and low incident response capability, which can lead to severe incidents. The system dynamics model can serve as a means to promote proactive investment in incident response capability. © 2012 Elsevier Ltd. All rights reserved. | - |
| dc.language | eng | - |
| dc.relation.ispartof | Computers and Security | - |
| dc.subject | Proactive investment | - |
| dc.subject | Information security management | - |
| dc.subject | Reactive investment | - |
| dc.subject | System dynamics | - |
| dc.subject | Integrated Operations | - |
| dc.subject | Delay | - |
| dc.title | Managing information security risks during new technology adoption | - |
| dc.type | Article | - |
| dc.description.nature | link_to_subscribed_fulltext | - |
| dc.identifier.doi | 10.1016/j.cose.2012.09.001 | - |
| dc.identifier.scopus | eid_2-s2.0-84870289385 | - |
| dc.identifier.volume | 31 | - |
| dc.identifier.issue | 8 | - |
| dc.identifier.spage | 859 | - |
| dc.identifier.epage | 869 | - |
| dc.identifier.isi | WOS:000312677200002 | - |