Identifying gaps in IT retail Information Security policy implementation processes

机译：找出IT零售信息安全策略实施流程中的差距

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

With a considerable amount of support in literature, there is no doubt that the human factor is a major weakness in preventing Information Security (IS) breaches. The retail industry is vulnerable to human inflicted breaches due to the fact that hackers rely on their victims' lack of security awareness, knowledge and understanding, security behavior and the organization's inadequate security measures for protecting itself and its clients. The true level of security in technology and processes relies on the people involved in the use and implementation thereof [1]. Therefore, the implementation of IS requires three elements namely: human factors, organizational aspects and technological controls [2]. All three of these elements have the common feature of human intervention and therefore security gaps are inevitable. Each element also functions as both security control and security vulnerability. The paper addresses these elements and identifies the human aspect of each through current and extant literature which spawns new human-security elements. The purpose of this research is to provide evidence that the IT sector of the South African retail industry is vulnerable to the human factor as a result of the disregard for human-security elements. The research points out that the IT sector of the South African retail industry is lacking trust and does not pay adequate attention to security awareness and awareness regarding security accountability. Furthermore, the IT sector of the South African retail industry is lacking: 1) IS policies, 2) process and procedure documentation for creating visibility, and 3) transparency necessary to promote trust. These findings provide support that the identified gaps, either directly or indirectly, relate to trust, and therefore, might be major contributing factors to the vast number of breaches experienced in the South African retail industry. These findings may also provide valuable insight into combatting the human factor of IS w- thin the IT sector, irrespective of industry, which choose to follow an IS model built on the foundation of trust.

机译：有了大量文献支持，毫无疑问，人为因素是防止信息安全（IS）违规的主要弱点。由于黑客依赖受害者缺乏安全意识，知识和理解，安全行为以及组织用于保护自身和客户的安全措施不足，因此零售业容易受到人为破坏。技术和过程中真正的安全性水平取决于使用和实施这些技术的人员[1]。因此，信息系统的实施需要三个要素，即：人为因素，组织方面和技术控制[2]。所有这三个要素都具有人工干预的共同特征，因此安全漏洞是不可避免的。每个元素还同时充当安全控制和安全漏洞。本文探讨了这些要素，并通过当前和现有的文献确定了每种要素的人为方面，这些文献催生了新的人类安全要素。这项研究的目的是提供证据，证明南非零售业的IT部门由于无视人的安全因素而容易受到人为因素的影响。研究指出，南非零售业的IT部门缺乏信任，没有充分注意安全意识和有关安全责任的意识。此外，南非零售业的IT部门缺乏：1）IS政策，2）用于创建可见性的流程和过程文档，以及3）促进信任所必需的透明度。这些发现为所识别的差距直接或间接与信任有关提供了支持，因此，可能是导致南非零售行业中大量违规行为的主要因素。这些发现也可能为与IT部门（无论是哪个行业）抗衡IS的人为因素提供有价值的见解，而这些行业选择遵循建立在信任基础上的IS模型。

著录项

来源
《2015 Second International Conference on Information Security and Cyber Forensics》|2015年|126-133|共8页
会议地点 Cape Town(ZA)
作者
Ileen E. van Vuuren; Elmarie Kritzinger; Conrad Mueller;
展开▼
作者单位

Department of Science, Engineering and Technology, University of South Africa, Pretoria, South Africa;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类
关键词
ability; acceptance; accountability; benevolence; collaboration; communication; human factor; integrity; knowledge; management workflows; organizational aspects; policies; procedures; retail industry; security awareness; social engineering; technological controls; training; transparency; trust; trust factors; understanding; visibility;

机译：能力;接受程度;责任心;仁慈;合作;沟通;人为因素;诚信;知识;管理工作流程;组织方面;政策;程序;零售业;安全意识;社会工程;技术控制;培训;透明度;信任;信任因素;理解;可见度;

相似文献

外文文献
中文文献
专利

1. Commentary: "Is the gap in policy processes towards better food security and nutrition interventions mainly a gap between knowledge and action?". [J] . Schuftan C Ecology of Food and Nutrition . 2006,第4期

机译：评论：“在改善粮食安全和营养干预措施的政策过程中的差距是否主要是知识与行动之间的差距？”。
2. Mobile app to identify gaps in implementation and provide evidences for effective policy change [J] . S Cyril Alexander, Regina Anthony Tobacco Induced Diseases . 2018,第1期

机译：移动应用程序可识别实施中的差距并为有效的政策变更提供证据
3. Identifying implementation gaps in water recycling policy of Beijing municipality [J] . Danielle Neighbour, Ye Qi 中国人口·资源与环境（英文版） . 2018,第004期

机译：找出北京市水循环利用政策中的实施差距
4. Identifying gaps in IT retail Information Security policy implementation processes [C] . Ileen E. van Vuuren, Elmarie Kritzinger, Conrad Mueller International Conference on Information Security and Cyber Forensics . 2015

机译：识别IT零售信息安全策略实施过程中的空白
5. Why Are Non-Malicious Employees Non-Compliant: Guidance for Identifying Employee Negligence and Implementing Information Security Policies to Reduce Employees Inadvertently Becoming Insider Threats [D] . Brown, Andrew. 2020

机译：为什么非恶意员工不符合规定：确定员工疏忽和实施信息安全政策的指导，以减少员工无意中成为内部威胁
6. Gap analysis for drug development policy-making: An attempt to close the gap between policy and its implementation [O] . Ria Christine Siagian, Dumilah Ayuningtyas 2012

机译：药物开发政策制定的差距分析：试图缩小政策与其实施之间的差距
7. ABSTRACT Various body parts or organs can be analysed to identify the different diseases in the human body. Fingernail analysis is one of the ways to identify disease in the human body. Nails are the body part which are farthest from the heart and therefore receive oxygen at last. As a result the nails are the first who show the symptoms of a disease in the human body. Fingernails can be easily captured for diagnosis and there are no heavy equipment or no specific conditions required to use nail image for disease diagnosis, like in other tests and scanning processes. Human nails deliver beneficial information about complaints or any nutritive imbalances in the human body depending upon their shape, texture and colour. In human beings, numerous systemic and skin diseases can be easily analyzed through careful examination of nails of both the limbs. A lot of nail illnesses have been found to be primary signs of numerous underlying systemic illnesses. The colour, texture or shape changes in nails are signs of many diseases mainly affecting nails. Considering all these properties of nails a system is proposed that uses digital image processing (DIP) methods for identifying such changes in the human nail to get more precise results and predict numerous diseases effortlessly. With the emerging Internet of Things (IOT) concept the generated report is made available remotely, this will help users to reduce transportation efforts. As the system has to deal with large and private data, the security of data must be ensured. To keep the data confidential, the Blockchain concept which is one of the most emerging concepts in the field of data management is used. The paper contains the implementation of the digital image processing for feature extraction of nail images, usage of IOT (ThingSpeak cloud) for data storage and implementation of Blockchain to keep the system secured and theft free. KEY WORDS: Int ernet of thin gs (IOT), Image proc essin g, Thin gSpeak, RG B vavalues, Mean pi xel vavalues, Bloc kchain , Hash key. Disease Diagnostic System: Abnormalities in Human Nail [O] . Pranav S. Wazarkar 2020

机译：摘要的各个身体部位或器官可被分析以识别在人体内的不同的疾病。指甲分析来识别人体疾病的方法之一。指甲是身体一部分是离心脏最远，因此在最后接受氧气。作为结果，指甲是第一谁表现出人体疾病的症状。指甲可以容易地捕获用于诊断和没有重装或需要使用指甲图像用于疾病诊断，比如在其他测试和扫描过程没有特定的条件。人的指甲提供有关投诉或取决于它们的形状，纹理和色彩在人体内的任何营养失衡有益的信息。在人类中，许多全身性皮肤疾病是可以很容易地通过两个四肢指甲的仔细检查分析。很多指甲病已发现众多潜在系统性疾病的主要症状。在指甲的颜色，质地和形状的变化是许多疾病主要影响指甲的迹象。考虑到所有的指甲的这些性能的系统被提出，用于识别人指甲这样的变化以获得更精确的结果，并毫不费力预测许多疾病用途的数字图像处理（DIP）方法。随着物联网（IOT）的概念，新兴的互联网将生成的报告提供远程，这将帮助用户降低运输工作。由于系统必须处理大量的私人数据，数据的安全性必须得到保证。为了保持数据的机密性，使用Blockchain的概念，它是在数据管理领域的大多数新兴的概念之一。本文包含了数字图像处理的指甲图像，IOT（ThingSpeak云）的使用为数据存储和执行Blockchain的特征提取的执行，以保持固定的系统和盗窃免费。关键词：诠释薄GS（IOT），图像的ERNET PROC essin克，薄型gSpeak，RG乙vavalues，平均数PI XEL vavalues，阵营kchain，哈希密钥。疾病诊断系统：在人类指甲异常

Identifying gaps in IT retail Information Security policy implementation processes

摘要

著录项

相似文献

相关主题

期刊订阅