In this paper it is described aspects of standardisation of information security and itsimplementation in banking and insurance companies in countries of Western Balkans. Interms of approaching the standards of EU, one of the areas that need to be fully justified isthe information security. It has been identified and applied a new dual methodology whichcovers measurement of same variables of information security into two opposite populations.Authors identify banking and insurance sector as a key sector for research due to sensitivityof financial data and information that these companies work with. Key obstacles inimplementation of information security come from managers who consider that existing levelof information security is on much higher level than it actually is. The authors have identifiedintensity of perception of information security and gap in perception between managers offinancial institutions and auditors, and rank of significant properties of information security.Factor analyses were conducted and four factors were identified which show managers’perception of information security. Also, the authors have identified attributes of marketingaspects of information security and market potential of information security of banking andinsurance sector in countries of Western Balkans.
Read full abstract