IT Security Governance Innovations: Theory and Research

Daniel Mellado (Spanish Tax Agency, Spain), Luis Enrique Sánchez (University of Castilla-La Mancha, Spain), Eduardo Fernández-Medina (University of Castilla-La Mancha, Spain) and Mario G. Piattini (University of Castilla-La Mancha, Spain)
Release Date: September, 2012 | Copyright: © 2013 | Pages: 373
ISBN13: 9781466620834 | ISBN10: 1466620838 | EISBN13: 9781466620841 | DOI: 10.4018/978-1-4666-2083-4


Information technology in the workplace is vital to managing a company's workflow; IT security is therefore no longer considered a technical issue but a necessity for the entire corporation. The practice of IT security has rapidly expanded into an aspect of corporate governance, so that the risks and prospects of IT security are understood and properly managed at the executive level.

IT Security Governance Innovations: Theory and Research presents extraordinary research that highlights the main contributions and characteristics of existing approaches, standards, best practices, and new trends in IT Security Governance. Drawing on theoretical and practical perspectives, the book aims to address IT Security Governance implementation in corporate organizations. This collection of works serves as a reference for CEOs and CIOs, security managers, systems specialists, computer science students, and many others.

Topics Covered

The many academic areas covered in this publication include, but are not limited to:

  • Auditing IT Security Governance
  • IT Security Governance
  • IT Security Governance Implantation Models
  • IT Security Governance in Case Studies, Real Applications, Implementations in Different Types of Organizations, and Failures
  • Resource Management
  • Risk Management
  • Security Metrics
  • Security Necessities
  • Strategic Alignment
  • Value Delivery

Reviews and Testimonials

For technical personnel or non-technical executives in companies, computer and information scientists, some in academia and some in business, compile existing approaches, standards, best practices, and new trends in governing the security of information technology. The topics include electronic banking, legal issues, assessing the maturity of the control objectives for information and related technology framework in the Egyptian banking sector, the adoption of ISO 27001 in Cyprus enterprises, biometrics, ontology-based multi-agent modeling for measuring information security, and the art of detecting hidden malware.

– Book News Inc. Portland, OR

Table of Contents and List of Contributors

Editorial Advisory Board
Table of Contents
Ernesto Damiani
Daniel Mellado, Luis Enrique Sánchez, Eduardo Fernández-Medina, Mario G. Piattini

Chapter 1
Overview of Key Information Security Governance Frameworks
Oscar Rebollo
Security awareness has spread inside many organizations leading them to tackle information security not just as a technical matter, but from a...

Chapter 2
IT Security Governance in E-banking
Theodosios Tsiakis, Theodoros Kargidis, Aristeidis Chatzipoulidis
Most industries have been influenced in different ways by e-commerce, and the banking industry is no exception. Particularly, banks are embracing...

Chapter 3
IT Security Governance Legal Issues
Gemma María Minero Alejandre
The protection of the investment and creativity made in producing computer programs and databases by intellectual property rights is still not...

Chapter 4
Information Technology Service Management
Magdalena Arcilla, Jose A. Calvo-Manzano, Mercedes de la Cámara, Javier Sáenz, Luis Sánchez
Nowadays, there is an increasing dependence on information and on the systems that provide such information. So, for many organizations, the...

Chapter 5
Assessing the Maturity of Control Objectives for Information and Related Technology (COBIT) Framework in the Egyptian Banking Sector
Hisham M. Abdelsalam, Ahmed M Marzouk, Haitham S. Hamza
Banking sector in Egypt is one of the largest business sectors in terms of contributing to country economic growth and in terms of investing in...

Chapter 6
Adoption of ISO 27001 in Cyprus Enterprises: Current State and Challenges
Ioanna Dionysiou, Angelika Kokkinaki, Skevi Magirou, Theodosios Iacovou
This chapter presents the findings of an investigation on current security practices in Cypriot organizations, including enterprises and public...

Chapter 7
An Information Governance Model for Information Security Management
Matthew Nicho
The purpose of this paper is to propose an IS security governance model to enhance the security of information systems in an organisation by viewing...

Chapter 8
Information Security Governance Using Biometrics
Shrikant Tiwari, Sanjay Kumar Singh
To establish the identity of an individual is very critical with the advancement of technology in networked society. Thus, there is need for...

Chapter 9
Ontology Based Multi Agent Modelling for Information Security Measurement
Partha Saha, Ambuj Mahanti
IT security governance bridges the gap between corporate governance and information security which is defined as the protection of information and...

Chapter 10
Using Indicators to Monitor Security Risk in Systems of Systems: How to Capture and Measure the Impact of Service Dependencies on the Security of Provided Services
Olav Skjelkvåle Ligaarden, Atle Refsdal, Ketil Stølen
Systems of systems are collections of systems interconnected through the exchange of services. Their often complex service dependencies and very...

Chapter 11
Information Security Governance: The Art of Detecting Hidden Malware
Mamoun Alazab, Sitalakshmi Venkatraman, Paul Watters, Moutaz Alazab
Detecting malicious software or malware is one of the major concerns in information security governance as malware authors pose a major challenge to...

About the Contributors

Author(s)/Editor(s) Biography

Luis Enrique Sánchez holds a PhD and MSc in Computer Science and is an Assistant Professor at the Escuela Superior de Informática of the Universidad de Castilla-La Mancha in Ciudad Real, Spain (Computer Science Department, University of Castilla-La Mancha, Ciudad Real, Spain). He also holds an MSc in Information Systems Audit from the Polytechnic University of Madrid and is a Certified Information System Auditor by ISACA. He is the Director of the Professional Services and R&D departments of the company Sicaman Nuevas Tecnologías S.L., a COIICLM board or committee member, and responsible for the professional services committee. His research activities are security management systems, security metrics, data mining, data cleaning, and business intelligence. He participates in the GSyA research group of the Department of Computer Science at the University of Castilla-La Mancha, in Ciudad Real (Spain). He belongs to various professional and research associations (COIICLM, ATI, ASIA, ISACA, eSEC, INTECO, etc.).

Mario G. Piattini holds an MSc and PhD in Computer Science from the Polytechnic University of Madrid. He is a Certified Information System Auditor by ISACA (Information System Audit and Control Association). He is an Associate Professor at the Escuela Superior de Informática of the Castilla-La Mancha University (Spain). He is the author of several books and papers on databases, security, software engineering and information systems. He leads the ALARCOS research group of the Department of Information Technologies and Systems at the University of Castilla-La Mancha, in Ciudad Real (Spain). His research interests are advanced database design, database quality, software metrics, object-oriented metrics and software maintenance.