Information security management needs more holistic approach: A literature review

Information technology has dramatically increased online business opportunities; however these opportunities have also created serious risks in relation to information security. Previously, information security issues were studied in a technological context, but growing security needs have extended researchers' attention to explore the management role in information security management. Various studies have explored different management roles and activities, but none has given a comprehensive picture of these roles and activities to manage information security effectively. So it is necessary to accumulate knowledge about various managerial roles and activities from literature to enable managers to adopt these for a more holistic approach to information security management. In this paper, using a systematic literature review approach, we synthesised literature related to management's roles in information security to explore specific managerial activities to enhance information security management. We found that numerous activities of management, particularly development and execution of information security policy, awareness, compliance training, development of effective enterprise information architecture, IT infrastructure management, business and IT alignment and human resources management, had a significant impact on the quality of management of information security. Thus, this research makes a novel contribution by arguing that a more holistic approach to information security is needed and we suggest the ways in which managers can play an effective role in information security. This research also opens up many new avenues for further research in this area.     

The French defence industry in the knowledge management era: A historical overview and evidence from empirical data

In the defence industry the recent development of a ‘market for technology’, the creation of new European high-technology companies as well as transformations in government agencies have driven firms to reposition their technological and organizational skills. Our objective is to show that the transformations that have occurred in the past 10 years have not only redefined skills and the organization of production, but also have given a more strategic place to knowledge management (KM) practices. We provide a contextual and historical overview based on qualitative interviews, in order to better understand the relation between KM and innovative behaviour in this industry. We build an original industrial and technological database comprising various samples that provides quantitative information concerning KM and innovative practices. The results of the statistical analysis reveal the specificity of firms in this industry. Taking account of the size of these firms and their technological intensity, we show that the behaviour of defence industry firms in terms of KM practices, differs from that of other firms. This is evident from their technological performance, and innovation and patenting intensity. This structural tendency is explained as an innovative behaviour in the French national innovation system rather than merely a ‘trend’.     

How to design the master data architecture: Findings from a case study at Bosch

Master data management (MDM) is a topic of increasing prominence both in the scientific and in the practitioners’ information systems (IS) community. As a prerequisite for meeting strategic business requirements, such as compliance with regulations, business integration, or integrated customer management, MDM comprises numerous activities. One of the central activities is designing and maintaining the master data architecture. Interestingly, though, the scientific community has remained almost silent with regard to the question as to how companies should proceed when designing the master data architecture. In order to shed light on this unexplored topic, the paper at hand presents the findings of a case study at Bosch Group. The case study shows that designing the master data architecture is a multidimensional task which requires balancing the interests of various organizational stakeholders, managing an array of technical opportunities, and meeting requirements of numerous master data classes. Also, the case study suggests that taking advantage of architectural design patterns may be an appropriate way to adequately address the complexity of the task.     

Studying the amateur artist: A perspective on disguising data collected in human subjects research on the Internet

In the mid-1990s, the Internet rapidly changedfrom a venue used by a small number ofscientists to a popular phenomena affecting allaspects of life in industrialized nations. Scholars from diverse disciplines have taken aninterest in trying to understand the Internetand Internet users. However, as a variety ofresearchers have noted, guidelines for ethicalresearch on human subjects written before theInternet's growth can be difficult to extend toresearch on Internet users.In this paper, I focus on one ethicalissue: whether and to what extent to disguisematerial collected online in publishedaccounts. While some people argue thatvulnerable human subjects must always be madeanonymous in publications for their ownprotection, others argue that Internet usersdeserve credit for their creative andintellectual work. Still others argue thatmuch material available online should betreated as ``published.' To attempt to resolvethese issues, I first review my own experiencesof disguising material in research accountsfrom 1992 to 2002. Some of the thorniestissues emerge at the boundaries betweenresearch disciplines. Furthermore, manyhumanities disciplines have not historicallyviewed what they do as human subjects research. Next, I explore what it means to do humansubjects research in the humanities. Inspiredby issues raised by colleagues in thehumanities, I argue that the traditional notionof a ``human subject' does not adequatelycharacterize Internet users. A useful alternatemental model is proposed: Internet users areamateur artists. The Internet can be seen as aplayground for amateur artists creatingsemi-published work. I argue that thisapproach helps make some ethical dilemmaseasier to reason about, because it highlightskey novel aspects of the situation,particularly with regard to disguisingmaterial. Finally, I conclude by proposing aset of practical guidelines regardingdisguising material gathered on the Internet inpublished accounts, on a continuum from nodisguise, light disguise, moderate disguise, toheavy disguise.     

非传统安全研究的语言学途径:以安全话语隐喻图景建构为例

[目的/意义]语言贯穿于非传统安全的多个方面,不仅可以成为安全化的指涉对象,还能够发挥其修辞、认知、评价与建构功能赋予存在性威胁以合法性,影响受众对国家政策的接受度。深入探究隐喻图景与反恐现实之间的关联,有助于发挥隐喻在反恐情报汇集、甄别与研判中的重要作用。[方法/过程]选取12个国家的52家主流媒体相关报道建立非传统安全话语专题语料库,使用Wmatrix语料库软件和语义网络分析技术整体呈现隐喻图景,揭示隐喻模式及其蕴涵意义。[结果/结论]恐怖主义媒介话语的隐喻图景以犯罪隐喻、战争隐喻、道德隐喻、疾病隐喻和自然隐喻为主要的隐喻类别,通过揭示恐怖主义基本特征、塑造参与者身份形象、描述两极化与妖魔化的故事情节、激活受众认知框架并做出道德评价等方式建构出一幅复杂多元的隐喻图景。隐喻通过塑造受众的认知模式间接地作用于反恐政策的制定与实施,是拓展非传统安全研究维度的可能路径。