Show simple item record

dc.contributor.authorLoft, Paul
dc.contributor.authorHe, Ying
dc.contributor.authorJanicke, Helge
dc.contributor.authorWagner, Isabel
dc.date.accessioned2019-04-12T13:01:15Z
dc.date.available2019-04-12T13:01:15Z
dc.date.issued2019-04-05
dc.identifier.citationLoft, P., He, Y., Janicke, H. and Wagner, I. (2019) Dying of a Hundred Good Symptoms: Why Good Security Can Still Fail - A Literature Review and Analysis. Enterprise Information Systems,en
dc.identifier.issn1751-7575
dc.identifier.urihttps://www.dora.dmu.ac.uk/handle/2086/17710
dc.description.abstractMany organizations suffer serious information security incidents, despite having taken positive steps towards achieving good security standards. Security certifications and high levels of maturity may have been obtained, but fundamental security problems remain. The authors hypothesize that these issues are often as a result of security arrangements not being sufficiently integrated with how the whole organization actually goes about its business. Whether embarking on a new Enterprise Information System (EIS) or refreshing a security strategy, we believe that adopting an enterprise architecture (EA) approach to implementing information security – commonly referred to as an ‘Enterprise Information Security Architecture’ (EISA) - will deliver substantial benefits. However, EAs typically require specialist resources to develop and maintain them, and this takes time; which makes it difficult for architectures to keep pace with business change. These barriers must be overcome if the EISA is to be effective. Our paper has reviewed and analyzed literature concerning the root causes of information security incidents and describes a novel approach for ensuring that the most critical factors are considered when building an EISA framework. We propose 8 domains that must be managed together to ensure that an EISA is successful.en
dc.language.isoenen
dc.publisherTaylor & Francisen
dc.subjectInformation Securityen
dc.subjectEnterprise Information Security Architecture (EISA)en
dc.subjectSecurity Failuresen
dc.titleDying of a Hundred Good Symptoms: Why Good Security Can Still Fail - A Literature Review and Analysisen
dc.typeArticleen
dc.identifier.doihttps://doi.org/10.1080/17517575.2019.1605000
dc.peerreviewedYesen
dc.funderNo external funderen
dc.cclicenceCC-BY-NCen
dc.date.acceptance2019-04-05
dc.researchinstituteCyber Technology Institute (CTI)en


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record