Author :
Fenz, Stefan ; Parkin, Simon ; Van Moorsel, Aad
Abstract :
Does every organization need to reinvent the wheel when it comes to IT security? Not if the IT community can develop a formal knowledge base for sharing and applying IT security management knowledge. Corporate IT security managers have a difficult time staying on top of the endless tide of new technologies and security threats sweeping into their organizations and information systems. The effectiveness of security controls must be balanced with a variety of operational issues, including the impact on employee productivity, legal and ethical stipulations, and business and financial concerns. IT security managers in different organizations face many of the same threats and establish similar solutions, and they´re often gathering and applying the same knowledge. However, they´re doing so largely on their own, which is clearly inefficient. We propose a formalized community project for sharing and applying IT security management knowledge. Here, we present our community knowledge-base prototype, designed to benefit IT security managers in a variety of organizations.
Keywords :
information systems; knowledge based systems; knowledge management; personnel; productivity; security of data; IT community; IT security management knowledge; business concern; community knowledge base; corporate IT security; employee productivity; ethical stipulation; financial concern; formal knowledge base; formalized community project; information system; knowledge sharing; legal stipulation; organization; security control; security threat; Communities; Data security; Knowledge based systems; Management; Security and protection; information technology; knowledge acquisition; knowledge management;
