Abstract
Information security to date has been driven a lot of attention in business world. The cyber security standards play significant and crucial role in promoting feasible approaches to organizations while making comprehensive strategical planning. This paper aims at providing a systematic overview of information technology (IT) security management in organizations. Conducted a structured literature from academic database and industry whitepapers, we review a number of the critical issues and challenges facing the industry today and in the future. In line with the fundamental elements of information security, we propose an integrated framework to understand the current situation of IT security management. In particular, we focus on several critical fundamental functions of IT security management: Security and Risk Management, Security Operations, and Security Assessments and Testing. Then, we use the proposed framework as a lens to discuss and solve the security issues in bring your own device (BYOD) in organizations. Keywords: IT security, IT security framework, bring your own device DOI : 10.7176/EJBM/12-18-01 Publication date :June 30th 2020
Highlights
The rapid development in information technology (IT), the accessibility it offers, and ease of use have contributed to an increasing tendency for organizations to invest in developing information systems (Jones et al, 2005)
The purpose of this paper is to provide a systematic overview of information technology security management in organizations
This study attempts to provide a comprehensive understanding of IT security management for business organizations
Summary
The rapid development in information technology (IT), the accessibility it offers, and ease of use have contributed to an increasing tendency for organizations to invest in developing information systems (Jones et al, 2005). Since the internet has been widely implemented into modern business processes, organizations are more susceptible to potential attacks on their information systems (Bojanc and Jerman-Blazic, 2008; Silva et al, 2014). These attacks may lead to security failures that cause huge losses (e.g., market failure) for companies (Chen et al, 2011). Many organizations applied the Failure Mode and Effects Analysis (FMEA) in identifying flaws of key processes in the operation level since it offers a set of measures and comparison, as well as provides an effective way to build business process knowledge (Silva et al.,2014)
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
