Title :
Security through Information Risk Management
Author :
Johnson, M. Eric ; Goetz, Eric ; Pfleeger, Shari Lawrence
Author_Institution :
Dartmouth Coll., Hanover, NH
Abstract :
Managing information risk means building risk analysis into every business decision. Chief information security officers widely agree that action plans must include risk categorization, communication, and measurement.
Keywords :
risk management; security of data; information risk management; information security officers; Business; Companies; Corporate acquisitions; Cryptography; Data security; Information security; Manufacturing; Privacy; Protection; Risk management; CISO; chief information security officer; information risk; organizational; security;
Journal_Title :
Security & Privacy, IEEE
DOI :
10.1109/MSP.2009.77
