Managements Role in Information Security in a Cyber Economy Harvard Case Solution & Analysis

Information security is not a technical issue, it is a question of management. It rests on three pillars - the critical infrastructure, organization and technology. Despite the critical infrastructure are beyond the direct control of the organization, balancing them is an important component of corporate governance. Total security is neither technically feasible nor operational capacity. Thus, the organization must determine which information assets need to be protected and the degree of protection. As Internet commerce diffuses through society, will be reduced tolerance by customers for losses arising from actual or perceived vulnerability of cyberspace. Only top management can initiate plans and policies for the various aspects of security in a balanced and integrated manner. Leaving the security primarily IT functions will strengthen only one of the pillars, namely - technology - and will not give the desired results. Safety management failures failures than technical failures. This article presents an organizational approach to security that senior managers can use as a road map to initiate the security plans and policies and audit of their implementation. "Hide
by Amitava Datta, Kevin McCrohan Source: California Management Review 23 pages. Publication Date: 01 Oct 2002. Prod. #: CMR242-PDF-ENG

Share This

SALE SALE

Save Up To

30%

IN ONLINE CASE STUDY

FOR FREE CASES AND PROJECTS INCLUDING EXCITING DEALS PLEASE REGISTER YOURSELF !!

Register now and save up to 30%.