Title :
Systemic Security Management
Author :
Kiely, Laree ; Benzel, Terry V.
Abstract :
The University of Southern California´s Institute for Critical Information Infrastructure Protection (ICIIP) developed a conceptual framework for enterprise security. ICIIP (which shouldn´t be confused with the Institute for Information Infrastructure Protection, or I3P) sought to close the gap between the current corporate cybersecurity risk profile and what´s needed to protect the US´s critical infrastructure information. The ICIIP framework analyzes organizational systems (not computer systems, but rather coordinated organizational bodies), incorporates multiple disciplines, and makes recommendations about those systems´ structure and relationships
Keywords :
organisational aspects; risk management; security of data; Institute for Critical Information Infrastructure Protection; corporate cybersecurity risk profile; critical infrastructure information; enterprise security; organizational systems; systemic security management; Communication system security; Computer security; Crisis management; Data security; Human factors; Information security; Information systems; Privacy; Protection; Risk management; Institute for Critical Information Infrastructure Protection; enterprise security; systemic security management;
Journal_Title :
Security & Privacy, IEEE
DOI :
10.1109/MSP.2006.167
