Abstract
In this paper it is described aspects of standardisation of information security and itsimplementation in banking and insurance companies in countries of Western Balkans. Interms of approaching the standards of EU, one of the areas that need to be fully justified isthe information security. It has been identified and applied a new dual methodology whichcovers measurement of same variables of information security into two opposite populations.Authors identify banking and insurance sector as a key sector for research due to sensitivityof financial data and information that these companies work with. Key obstacles inimplementation of information security come from managers who consider that existing levelof information security is on much higher level than it actually is. The authors have identifiedintensity of perception of information security and gap in perception between managers offinancial institutions and auditors, and rank of significant properties of information security.Factor analyses were conducted and four factors were identified which show managers’perception of information security. Also, the authors have identified attributes of marketingaspects of information security and market potential of information security of banking andinsurance sector in countries of Western Balkans.
Highlights
Information technology security is currently one of the most important topics that users and providers of information technology are facing
We present the textual interpretations of the results gathered from 35 banking and insurance companies and 4 information security auditing companies
The biggest gap in perception was in Organisation of Information Security (2.24) while lowest gap in perception was in Information System Acquisition, Development and Maintenance (0.99)
Summary
Information technology security is currently one of the most important topics that users and providers of information technology are facing. This means that they are more vulnerable on information threats. There are number of threats within and outside organisation that must be taken into account. These problems are caused by threats such as illegal access, malware, spam mails, and system troubles (Takemura, Osajima and Kawano, 2009). Consequences of these threats can occur in forms of destroying resources, malfunction of applications and data, denial of service, stealing the service and stealing the resources (Seen, 2004)
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
