File Download

There are no files associated with this item.

  Links for fulltext
     (May Require Subscription)
Supplementary

Article: Managing information security risks during new technology adoption

TitleManaging information security risks during new technology adoption
Authors
KeywordsProactive investment
Information security management
Reactive investment
System dynamics
Integrated Operations
Delay
Issue Date2012
Citation
Computers and Security, 2012, v. 31, n. 8, p. 859-869 How to Cite?
AbstractIn the present study, we draw on previous system dynamics research on operational transition and change of vulnerability to investigate the role of incident response capability in controlling the severity of incidents during the adoption of new technology. Toward this end, we build a system dynamics model using the Norwegian Oil and Gas Industry as the context. The Norwegian Oil and Gas Industry has started to adopt new information communication technology to connect its offshore platforms, onshore control centers, and suppliers. In oil companies, the management is generally aware of the increasing risks associated with operational transition; however, to date, investment in incident response capability has not been highly prioritized because of the uncertainty related to risks and the present reactive mental model of security risk management. The model simulation shows that a reactive approach to security risk management might trap the organization into blindness to minor incidents and low incident response capability, which can lead to severe incidents. The system dynamics model can serve as a means to promote proactive investment in incident response capability. © 2012 Elsevier Ltd. All rights reserved.
Persistent Identifierhttp://hdl.handle.net/10722/307369
ISSN
2023 Impact Factor: 4.8
2023 SCImago Journal Rankings: 1.566
ISI Accession Number ID

 

DC FieldValueLanguage
dc.contributor.authorQian, Ying-
dc.contributor.authorFang, Yulin-
dc.contributor.authorGonzalez, Jose J.-
dc.date.accessioned2021-11-03T06:22:28Z-
dc.date.available2021-11-03T06:22:28Z-
dc.date.issued2012-
dc.identifier.citationComputers and Security, 2012, v. 31, n. 8, p. 859-869-
dc.identifier.issn0167-4048-
dc.identifier.urihttp://hdl.handle.net/10722/307369-
dc.description.abstractIn the present study, we draw on previous system dynamics research on operational transition and change of vulnerability to investigate the role of incident response capability in controlling the severity of incidents during the adoption of new technology. Toward this end, we build a system dynamics model using the Norwegian Oil and Gas Industry as the context. The Norwegian Oil and Gas Industry has started to adopt new information communication technology to connect its offshore platforms, onshore control centers, and suppliers. In oil companies, the management is generally aware of the increasing risks associated with operational transition; however, to date, investment in incident response capability has not been highly prioritized because of the uncertainty related to risks and the present reactive mental model of security risk management. The model simulation shows that a reactive approach to security risk management might trap the organization into blindness to minor incidents and low incident response capability, which can lead to severe incidents. The system dynamics model can serve as a means to promote proactive investment in incident response capability. © 2012 Elsevier Ltd. All rights reserved.-
dc.languageeng-
dc.relation.ispartofComputers and Security-
dc.subjectProactive investment-
dc.subjectInformation security management-
dc.subjectReactive investment-
dc.subjectSystem dynamics-
dc.subjectIntegrated Operations-
dc.subjectDelay-
dc.titleManaging information security risks during new technology adoption-
dc.typeArticle-
dc.description.naturelink_to_subscribed_fulltext-
dc.identifier.doi10.1016/j.cose.2012.09.001-
dc.identifier.scopuseid_2-s2.0-84870289385-
dc.identifier.volume31-
dc.identifier.issue8-
dc.identifier.spage859-
dc.identifier.epage869-
dc.identifier.isiWOS:000312677200002-

Export via OAI-PMH Interface in XML Formats


OR


Export to Other Non-XML Formats