Isabel Candal Vicente is a Full Professor of Management Information System at Universidad Ana G. Méndez University (UAGM), Carolina. She received her Ph.D. from the San Pablo-CEU University, Spain. Her current research interests include data warehouse, data mining and Information Security. Supervisors: Dr. José Berrios Lugo
Due to the spread of the internet and the appearance of more sophisticated hacking techniques, co... more Due to the spread of the internet and the appearance of more sophisticated hacking techniques, companies face a serious computer security threat today. Security incidents caused by computer attacks such as hacking, denial of service, viruses, and theft of information can have a negative effect on a company’s reputation, such as loss of credibility, as well as bringing huge financial damage to the organization (Bulgurcu et al. 2010). The Committee on National Security Systems (CNSS), formerly known as National Security Telecommunications and Information Systems Security Committee (NSTISSC), defines information security as the protection of information and its critical elements, including the systems and hardware that use, store, and transmit that information. “It’s a preservation of confidentiality, integrity, and availability of information: in addition, other properties such as authenticity, accountability, non-repudiation and reliability can also be involved” (ISO/IEC 17799 2005; National Institute of Standards and Technology 2011). The information security risk management environment is changing; therefore it should constantly be reviewed and updated. It is understood that information security is composed of all preventive and reactive measures that allow the safeguarding and protection of information in order to maintain confidentiality, availability and integrity (Maiwald and Sieglein 2002).
Due to the spread of the internet and the appearance of more sophisticated hacking techniques, co... more Due to the spread of the internet and the appearance of more sophisticated hacking techniques, companies face a serious computer security threat today. Security incidents caused by computer attacks such as hacking, denial of service, viruses, and theft of information can have a negative effect on a company’s reputation, such as loss of credibility, as well as bringing huge financial damage to the organization (Bulgurcu et al. 2010). The Committee on National Security Systems (CNSS), formerly known as National Security Telecommunications and Information Systems Security Committee (NSTISSC), defines information security as the protection of information and its critical elements, including the systems and hardware that use, store, and transmit that information. “It’s a preservation of confidentiality, integrity, and availability of information: in addition, other properties such as authenticity, accountability, non-repudiation and reliability can also be involved” (ISO/IEC 17799 2005; National Institute of Standards and Technology 2011). The information security risk management environment is changing; therefore it should constantly be reviewed and updated. It is understood that information security is composed of all preventive and reactive measures that allow the safeguarding and protection of information in order to maintain confidentiality, availability and integrity (Maiwald and Sieglein 2002).
Uploads
Papers by Isabel Candal-Vicente
The information security risk management environment is changing; therefore it should constantly be reviewed and updated. It is understood that information security is composed of all preventive and reactive measures that allow the safeguarding and protection of information in order to maintain confidentiality, availability and integrity (Maiwald and Sieglein 2002).
The information security risk management environment is changing; therefore it should constantly be reviewed and updated. It is understood that information security is composed of all preventive and reactive measures that allow the safeguarding and protection of information in order to maintain confidentiality, availability and integrity (Maiwald and Sieglein 2002).