Information Security Management: A Case Study in a Portuguese Military Organization

Information Security Management: A Case Study in a Portuguese Military Organization

José Martins, Henrique dos Santos, António Rosinha, Agostinho Valente
Copyright: © 2013 |Pages: 17
DOI: 10.4018/ijcwt.2013070103
(Individual Articles)
No Current Special Offers


The authors present a Case Study conducted in a Portuguese military organization, to answer the following research questions: (1) what are the most relevant dimensions and categories of information security controls applied in military organizations? (2) What are the main scenarios of information security incidents that are expected to occur? (3) What is the decision process used for planning and selection information security controls? This study reveals that: (1) information security within the military organization is built on the basis of physical and human attack vectors, and targeting the infrastructure that supports the flow of information in the organization; (2) the information security controls applied in the military organization are included in ISO/IEC 27001; (3) planning and selection of applied information security controls are made by decision makers and information security specialists. It appears that specialists impose their planning options essentially seeking to select and retrieve past successful information security cases.
Article Preview

Research Plan

Given the numerous military organizations of the Portuguese Army, the first task was defining the criteria for the selection of the military organization, namely:

  • 1.

    A level one military organization that possesses critical information to the Portuguese Army (information criterion);

  • 2.

    The excellence of the organization’s management model if possible based on processes (governance criterion);

  • 3.

    Having a technologically advanced Information System at the level of the Portuguese Army (technology criterion).

Complete Article List

Search this Journal:
Volume 14: 1 Issue (2024)
Volume 13: 1 Issue (2023)
Volume 12: 4 Issues (2022): 2 Released, 2 Forthcoming
Volume 11: 4 Issues (2021)
Volume 10: 4 Issues (2020)
Volume 9: 4 Issues (2019)
Volume 8: 4 Issues (2018)
Volume 7: 4 Issues (2017)
Volume 6: 4 Issues (2016)
Volume 5: 4 Issues (2015)
Volume 4: 4 Issues (2014)
Volume 3: 4 Issues (2013)
Volume 2: 4 Issues (2012)
Volume 1: 4 Issues (2011)
View Complete Journal Contents Listing