Abstract
Securing information is vital for the survival of many organizations. Therefore, information must be proactively secured against harmful attacks. Securing information becomes more complex when it is transmitted over networks. This paper identifies five non-technical pillars (essentials) for network security management. For each pillar, a number of specific actions are specified, resulting in a checklist for a high-level evaluation of the security status of these 5 pillars in a networked environment.
Copyright information
© 2005 International Federation for Information Processing
About this paper
Cite this paper
Kritzinger, E., von Solms, P.S. (2005). Five Non-Technical Pillars of Network Information Security Management. In: Chadwick, D., Preneel, B. (eds) Communications and Multimedia Security. IFIP — The International Federation for Information Processing, vol 175. Springer, Boston, MA. https://doi.org/10.1007/0-387-24486-7_21
DOI: https://doi.org/10.1007/0-387-24486-7_21
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-24485-3
Online ISBN: 978-0-387-24486-0
eBook Packages: Computer Science (R0)