It security management and business process automation: Challenges, approaches, and rewards

Information Systems Security

Volumn 16, Issue 2, 2007, Pages 114-122

  Tracy, Richard P ^a  

^a Telos Corporation   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

EID: 84859059243     PISSN: 1065898X     EISSN: None     Source Type: Journal    
DOI: 10.1080/10658980601051706     Document Type: Article

References (17)

1. De Santis, J. (2004). –Do the right thing' for continuous protection and network safety.— Computerworld, October 7. http://www.com- puterworld.com/securitytopics/security/story/0,10801,96417,00. html
2. Ye, T.-S. and Hon, L.-W. (2005). How Much Security Is Enough? CIO Asia, March. http://cio-asia.com/ShowPage.aspx?pagetype=2& articleid=278&pubid=5&issueid=25
3. Richard A. Caralli et al., –The Critical Success Factor Method: Establishing a Foundation for Enterprise Security Management,— Carnegie Mellon University Software Engineering Institute, July 2004.
4. Wood, C. C. (2004). Action-forcing mechanisms encourage policy compliance. SearchSecurity.com, April 14. http://searchsecurity. techtarget.com/tip/1,289483, sid14_gci959197,00.html
5. Peltier, T. R. (2005). Implementing an Information Security Awareness Program. Security Management Practices, May/June, p. 37.
6. Chapple, M. (2005). Four ways to measure security success. Search- Security, March 22.9.
7. Berg, A. (2004). Six key practices for a successful Interdepartmental security committee. SearchSecurity, May 25. http://searchsecurity. techtarget.com/tip/1,289483, sid14_gci966036,00.html
8. Berinato, S. (2003). The Future of Security. CIO Magazine, December 15. http://www.cio.com/archive/121503/securityfuture.html
9. Vijayan, J. (2005). Study: Insider Revenge Often Behind Business Cyberattacks. Computerworld, May 23. http://www.computer- world.com/securitytopics/security/story/0,10801,101900,00.html
10. Vacca, J. R. (2005). All the Rage: Security Spending Not a Solution to Problems. Network Computing, March 7. http://www.nwc.secu- ritypipeline.com/trends/60401432.
11. Discini, S. (2005). Addicted to Security? eSecurity Planet, March 23. http://www.esecurityplanet.com/best_practices/article.php/ 3492251.
12. Richard A. Caralli et al., –The Challenges of Security Management,— Carnegie Mellon University Software Engineering Institute (2004). http://www.cert.org/ archive/pdf/ESMchallenges.pdf
13. Richard A. Caralli et al., –Managing for Enterprise Security,— Carnegie Mellon University Software Engineering Institute, December 2004, p. 4. http://www.cert.org/archive/pdf/04tn046.pdf
14. Sweeney, T. (2005). Opinion: Security Is a Process, Not an Endpoint. Security Pipeline, May 5. http://www.securitypipeline. com/policy_privacy/162600266
15. Drew, S. (2005). Reducing Enterprise Risk with Effective Threat Management. Information Security Management, January/February, p. 41.
16. Galletto, N. (2003). Information Security: Protecting Critical Assets in the New Economy. Government Purchasing Guide, April/May.
17. Drew, S. (2005). p. 41.