Organizational perspectives on converged security operations

IF 1.6 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS Information and Computer Security Pub Date : 2023-11-01 DOI:10.1108/ics-03-2023-0029
Herbert Mattord, Kathleen Kotwica, Michael Whitman, Evan Battaglia
{"title":"Organizational perspectives on converged security operations","authors":"Herbert Mattord, Kathleen Kotwica, Michael Whitman, Evan Battaglia","doi":"10.1108/ics-03-2023-0029","DOIUrl":null,"url":null,"abstract":"Purpose The purpose of this paper is to explore the current practices in security convergence among and between corporate security and cybersecurity processes in commercial enterprises. Design/methodology/approach This paper is the first phase in a planned multiphase project to better understand current practices in security optimization efforts being implemented by commercial organizations exploring means and methods to operate securely while reducing operating costs. The research questions being examined are: What are the general levels of interest in cybersecurity and corporate security convergence? How well do the perspectives on convergence align between organizations? To what extent are organizations pursuing convergence? and How are organizations achieving the anticipated outcomes from convergence? Findings In organizations, the evolution to a more optimized security structure, either merged or partnered, was traditionally due to unplanned or unforeseen events; e.g. a spin-off/acquisition, new security leadership or a negative security incident was the initiator. This is in contrast to a proactive management decision or formal plan to change or enhance the security structure for reasons that include reducing costs of operations and/or improving outcomes to reduce operational risks. The dominant exception was in response to regulatory requirements. Preliminary findings suggest that outcomes from converged organizations are not necessarily more optimized in situations that are organizationally merged under a single leader. Optimization may ultimately depend on the strength of relationships and openness to collaboration between management, cybersecurity and corporate security personnel. Research limitations/implications This report and the number of respondents to its survey do not support generalizable findings. There are too few in each category to make reliable predictions and in analysis, there was an insufficient quantity of responses in most categories to allow supportable conclusions to be drawn. Practical implications Practitioners may find useful contextual clues to their needs for convergence or in response to directives for convergence from this report on what is found in some other organizations. Social implications Improved effectiveness and/or reduced costs for organizational cybersecurity would be a useful social outcome as organizations become more efficient in the face of increasing levels of cyber security threats. Originality/value Convergence as a concept has been around for some time now in both the practice and research communities. It was initially promoted formally by ASIS International and ISACA in 2005. Yet there is no universally agreed-upon definition for the term or the practices undertaken to achieve it. In addition, the business drivers and practices undertaken to achieve it are still not fully understood. If convergence or optimization of converged operations offers a superior operational construct compared to other structures, it is incumbent to discover if there are measurable benefits. This research hopes to define the concept of security collaboration optimization more fully. The eventual goal is to develop and promote a tool useful for organizations to measure where they are on such a continuum.","PeriodicalId":45298,"journal":{"name":"Information and Computer Security","volume":null,"pages":null},"PeriodicalIF":1.6000,"publicationDate":"2023-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Information and Computer Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1108/ics-03-2023-0029","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

Purpose The purpose of this paper is to explore the current practices in security convergence among and between corporate security and cybersecurity processes in commercial enterprises. Design/methodology/approach This paper is the first phase in a planned multiphase project to better understand current practices in security optimization efforts being implemented by commercial organizations exploring means and methods to operate securely while reducing operating costs. The research questions being examined are: What are the general levels of interest in cybersecurity and corporate security convergence? How well do the perspectives on convergence align between organizations? To what extent are organizations pursuing convergence? and How are organizations achieving the anticipated outcomes from convergence? Findings In organizations, the evolution to a more optimized security structure, either merged or partnered, was traditionally due to unplanned or unforeseen events; e.g. a spin-off/acquisition, new security leadership or a negative security incident was the initiator. This is in contrast to a proactive management decision or formal plan to change or enhance the security structure for reasons that include reducing costs of operations and/or improving outcomes to reduce operational risks. The dominant exception was in response to regulatory requirements. Preliminary findings suggest that outcomes from converged organizations are not necessarily more optimized in situations that are organizationally merged under a single leader. Optimization may ultimately depend on the strength of relationships and openness to collaboration between management, cybersecurity and corporate security personnel. Research limitations/implications This report and the number of respondents to its survey do not support generalizable findings. There are too few in each category to make reliable predictions and in analysis, there was an insufficient quantity of responses in most categories to allow supportable conclusions to be drawn. Practical implications Practitioners may find useful contextual clues to their needs for convergence or in response to directives for convergence from this report on what is found in some other organizations. Social implications Improved effectiveness and/or reduced costs for organizational cybersecurity would be a useful social outcome as organizations become more efficient in the face of increasing levels of cyber security threats. Originality/value Convergence as a concept has been around for some time now in both the practice and research communities. It was initially promoted formally by ASIS International and ISACA in 2005. Yet there is no universally agreed-upon definition for the term or the practices undertaken to achieve it. In addition, the business drivers and practices undertaken to achieve it are still not fully understood. If convergence or optimization of converged operations offers a superior operational construct compared to other structures, it is incumbent to discover if there are measurable benefits. This research hopes to define the concept of security collaboration optimization more fully. The eventual goal is to develop and promote a tool useful for organizations to measure where they are on such a continuum.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
聚合安全操作的组织视角
本文的目的是探讨当前商业企业中企业安全和网络安全流程之间的安全融合实践。设计/方法/方法本文是一个计划中的多阶段项目的第一阶段,旨在更好地了解商业组织正在实施的安全优化工作的当前实践,这些组织正在探索在降低运营成本的同时安全运营的手段和方法。调查的研究问题是:网络安全和企业安全融合的一般兴趣水平是什么?组织之间的趋同观点是如何一致的?组织在多大程度上追求融合?组织如何从融合中实现预期的结果?在组织中,向更优化的安全结构的演变,无论是合并还是合作,传统上都是由于计划外或不可预见的事件;例如,剥离/收购,新的安全领导或负面的安全事件是发起者。这与出于降低运营成本和/或改善结果以降低运营风险的原因而改变或增强安全结构的主动管理决策或正式计划形成对比。主要的例外是对监管要求的回应。初步研究结果表明,在单一领导者领导下的组织合并情况下,聚合组织的结果不一定更优化。优化最终可能取决于管理人员、网络安全和企业安全人员之间关系的强度和合作的开放性。本报告及其调查受访者的数量不支持可推广的发现。每个类别的答复太少,无法作出可靠的预测,在分析中,大多数类别的答复数量不足,无法得出可支持的结论。实践意义实践者可能会找到有用的上下文线索,以满足他们对趋同的需求,或者响应本报告中在其他一些组织中发现的趋同指令。随着组织在面对日益严重的网络安全威胁时变得更加高效,提高组织网络安全的有效性和/或降低成本将是一个有用的社会结果。原创性/价值融合作为一个概念在实践和研究界已经存在了一段时间。它最初是由ASIS国际和ISACA于2005年正式推广的。然而,对于这一术语并没有普遍认可的定义,也没有为实现这一定义而采取的措施。此外,为实现这一目标而采取的业务驱动因素和实践仍未得到充分理解。如果与其他结构相比,聚合操作的收敛或优化提供了更好的操作结构,那么就有责任发现是否存在可衡量的好处。本研究希望对安全协同优化的概念进行更全面的界定。最终的目标是开发和推广一种工具,用于组织衡量它们在这种连续体中的位置。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
Information and Computer Security
Information and Computer Security COMPUTER SCIENCE, INFORMATION SYSTEMS-
CiteScore
4.60
自引率
7.10%
发文量
23
期刊介绍: Information and Computer Security (ICS) contributes to the advance of knowledge directly related to the theory and practice of the management and security of information and information systems. It publishes research and case study papers relating to new technologies, methodological developments, empirical studies and practical applications. The journal welcomes papers addressing research and case studies in relation to many aspects of information and computer security. Topics of interest include, but are not limited to, the following: Information security management, standards and policies Security governance and compliance Risk assessment and modelling Security awareness, education and culture User perceptions and understanding of security Misuse and abuse of computer systems User-facing security technologies Internet security and privacy The journal is particularly interested in receiving submissions that consider the business and organisational aspects of security, and welcomes papers from both human and technical perspective on the topic. However, please note we do not look to solicit papers relating to the underlying mechanisms and functions of security methods such as cryptography (although relevant applications of the technology may be considered).
期刊最新文献
Informational inequality: the role of resources and attributes in information security awareness Organizational perspectives on converged security operations Applying the Goal, Question, Metric method to derive tailored dynamic cyber risk metrics Determining cybersecurity culture maturity and deriving verifiable improvement measures Exploring the role of assurance context in system security assurance evaluation: a conceptual model
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1