Skip to main content
SpringerLink
Log in
Book cover

International Conference on e-Infrastructure and e-Services for Developing Countries

AFRICOMM 2012: e-Infrastructure and e-Services for Developing Countries pp 279–288Cite as

A Model for Information Security Governance in Developing Countries

  • Conference paper

Abstract

The proliferation of e-business, e-services and e-governance in developing countries has resulted in businesses and governments becoming highly dependent on business information and related information technologies. Such information is, however, constantly exposed to real threats that could result in security breaches. If these are realised, the prevailing economic structure of a developing country, which is often frail and dependent on the success of its businesses, may be significantly affected as a result of monetary losses. It is thus vital for businesses in these countries to implement, manage and govern information security adequately so as to ensure that valuable information resources are effectively protected. Regrettably, many businesses in developing countries lack the expertise to perform these activities owing to a lack of resources or expertise. Accordingly, the aim of this paper is to establish a model for information security governance that can be implemented with little expertise, as well as minimal effort and capital outlay.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Von Solms, R.: Information security management (1): why information security is so important. Information Management & Computer Security 6(4), 174–177 (1998), doi:10.1108/EUM0000000004533

    Article  Google Scholar 

  2. Von Solms, S.H., Von Solms, R.: Information Security Governance. Springer (2008) ISBN 0387799834

    Google Scholar 

  3. Information technology - code of practice for information security management. Number 27002. International Organization for Standardization (ISO) (2005) ISBN 978-0-626-21372-5

    Google Scholar 

  4. Posthumus, S., Von Solms, R., King, M.: The board and IT governance: The what, who and how. South African Journal of Business Management 41(3), 23–32 (2010) ISSN 20785976

    Google Scholar 

  5. Von Solms, S.: Information Security - The Fourth Wave. Computers & Security 25(3), 165–168 (2006), doi:10.1016/j.cose.2006.03.004

    Article  Google Scholar 

  6. Institute of Directors in Southern Africa. King III Report on Corporate Governance. Institute Of Directors in Southern Africa, Parklands (2009) ISBN 2300000012576

    Google Scholar 

  7. IT Governance Institute. Cobit 4.1. ISACA (2007) ISBN 1933284722

    Google Scholar 

  8. Goodman, S., Harris, A.: Emerging markets: The coming african tsunami of information insecurity. Communications of the ACM 53(12), 24–27 (2010), doi:10.1145/1859204.1859215

    Article  Google Scholar 

  9. Peffers, K., Tuunanen, T., Rothenberger, M., Chatterjee, S.: A Design Science Research Methodology for Information Systems Research. Journal of Management Information Systems 24(3), 45–77 (2007), doi:10.2753/MIS0742-1222240302, ISSN 0742-1222

    Article  Google Scholar 

  10. European Multi stakeholder Forum on CSR. Final results & recommendations. Technical report, European Multi-stakeholder Forum on CSR (2004)

    Google Scholar 

  11. Raynard, P., Forstater, M.: Corporate social responsibility: Implications for small and medium enterprises in developing countries. Technical report, United Nations Industrial Development Organization (2002)

    Google Scholar 

  12. Wall, D.: The internet as a conduit for criminal activity. In: Patavina, A. (ed.) Information Technology and the Criminal Justice System. Sage Publications (2005)

    Google Scholar 

  13. Gupta, A., Hammond, R.: Information systems security issues and decisions for small businesses: An empirical examination. Information Management & Computer Security 13(4), 297–310 (2005), doi:10.1108/09685220510614425, ISSN 0968-5227

    Article  Google Scholar 

  14. Von Solms, R., Von Solms, S.: Information Security Governance: A model based on the Direct/Control Cycle. Computers & Security 25(6), 408–412 (2006), doi:10.1016/j.cose.2006.07.005

    Article  Google Scholar 

  15. IT Governance Institute. Information Security Governance: Guidance for Boards of Directors and Executive Management. IT Governance Institute, 2nd edn. (2006) ISBN 1933284293

    Google Scholar 

  16. Perera, O.: How material is iso 26000 to small and medium-sized enterprises (smes). Technical report, International Institute for Sustainable Development (2008)

    Google Scholar 

  17. Upfold, C.T., Sewry, D.A.: An investigation of Information Security in Small and Medium Enterprises (SMEs) in the Eastern Cape. In: Venter, H.S., Eloff, J.H.P., Labuschagne, L., Eloff, M.M. (eds.) Proceedings of the ISSA 2005 New Knowledge Today Conference, pp. 1–17 (2005)

    Google Scholar 

  18. Tawileh, A., Hilton, J., McIntosh, S.: Managing information security in small and medium sized enterprises: a holistic approach. Proceedings of the ISSE/SECURE, pp. 331–339 (2007)

    Google Scholar 

  19. Yildirim, E., Akalp, G., Aytac, S., Bayram, N.: Factors influencing information security management in small- and medium-sized enterprises: A case study from Turkey. International Journal of Information Management (November 2010), doi: 10.1016/j.ijinfomgt.2010.10.006, ISSN 02684012

    Google Scholar 

  20. Hoppe, O.A., Van Niekerk, J., Von Solms, R.: The Effective Implementation of Information Security in Organizations. In: Proceedings of the IFIP TC11 17th International Conference on Information Security: Visions and Perspectives, pp. 1–18. Kluwer, B.V., Deventer, The Netherlands (2002) ISBN 1-4020-7030-6

    Google Scholar 

  21. Vermeulen, C., Von Solms, R.: The information security management toolbox - taking the pain out of security management. Information Management & Computer Security 10(3), 119–125 (2002), doi:10.1108/09685220210431872

    Article  Google Scholar 

  22. Information technology - Security techniques - Information security management systems - Requirements. Number 27001. International Organization for Standardization (ISO) (2005) ISBN 0-626-17724-3

    Google Scholar 

  23. Von Solms, R., Von Solms, S.: Information security governance: Due care. Computers & Security 25(7), 494–497 (2006), doi:10.1016/j.cose.2006.08.013, ISSN 01674048

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute for ICT Advancement, Nelson Mandela Metropolitan University, Port Elizabeth, South Africa

    Jacques Coertze & Rossouw von Solms

Authors
  1. Jacques Coertze
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Rossouw von Solms
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Schloss Birlinghoven, Fraunhofer FOKUS, 53754, Sankt Augustin, Germany

    Karl Jonas

  2. State University of Zanzibar, Zanzibar, Tanzania

    Idris A. Rai

  3. University Yaoundé 1, Lirima, Cameroon

    Maurice Tchuente

Rights and permissions

Reprints and permissions

Copyright information

© 2013 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Coertze, J., von Solms, R. (2013). A Model for Information Security Governance in Developing Countries. In: Jonas, K., Rai, I.A., Tchuente, M. (eds) e-Infrastructure and e-Services for Developing Countries. AFRICOMM 2012. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 119. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41178-6_29

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-41178-6_29

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-41177-9

  • Online ISBN: 978-3-642-41178-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation