Abstract
The aim of this work is focused on research of information security in organizations, with a focus on cybersecurity. In accordance with the theoretical analysis, the subject of the empirical part of the work is the analysis of information security in Serbia, in order to better understand the information security programs and management structures in organizations in Serbia. The survey covers a variety of industries and discusses how organizations assess, develop, create and support their programs to ensure information security. The survey included 53 companies. The results that were obtained enabled us to select five core elements of the program on the state of information security and cybersecurity in Serbian companies: most companies had not been exposed to cybersecurity incidents; in most companies policy, procedures and spheres of responsibility for information security exist, there are not enough controls to ensure compliance with relevant safety standards by third parties, top management and end-users are insufficiently familiar with cybersecurity risks, although they apply basic measures of protection, safety protection systems are very rare. The scientific goal of this work is to, on the basis of the results obtained, make conclusions that can contribute to the study of corporate information security with special emphasis on cybersecurity. The practical aim of the research is the application of the results for more efficient implementation process of security against cyber attacks in the Serbian organizations.
Highlights
An organization, as a social system, consists of people who have their own expectations from it
The instrument we use is made from the questionnaire for determining the level of information security in organizations in Serbia, that has been created for this research
To get to know the current state of information security program and management structure of the Serbian organizations, we conducted a survey on information security
Summary
As a social system, consists of people who have their own expectations from it. The organization's purpose is to provide: personalsatisfaction to its employees and managers, social structure, efficiency, flexibilityand creation of identity(Stojanović et al.,2013,p.75). The number of incidents in the information security is growing throughout the world, from passive monitoring of announcements to real attacks. The data from many studies around the world show that the number of cyber attacks is relatively small, this does not mean that organizations are not at risk. They can have a sense of false security. Taking into account global trends and an increase in the number of attacks, and not to think about cyber security matters, in the end can lead to many Serbian companies become victims of hackers
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
