TY - GEN
T1 - Coping with systems threats
T2 - 2006 IEEE International Conference on Management of Innovation and Technology, ICMIT 2006
AU - Chang, Arthur Jung Ting
AU - Yeh, Quey Jen
PY - 2006
Y1 - 2006
N2 - Modernized information systems (IS) have brought enterprises not only enormous benefits, but also linked information threats. Most enterprises solve their IS security-related problems using technical means alone, and focus on technical rather than managerial controls, which may imply potential crises. This study examines whether the security preparation of Taiwan's firms matches the severity of IS threats they perceive, especially in issues concerning 'people' and 'administration'. The empirical data was provided by 109 Taiwan's enterprises from four industries. The analytical results revealed differences in both the IS threats concerned and the security scopes prepared among the four sectors. Moreover, the preparation scopes were not commensurate with the perceived severity of threats. All four industries rated the network as posing the strongest threat, followed by regulation and personnel issues, while among the countermeasures in use, these three issues have larger application deficiencies. This study concludes that firms do not well prepare themselves against IS threats entailed to non-technical administration issues and discusses appropriate threat mitigation strategies for an firm in the four sectors and with the three levels of computerization. Specifically, firms should be aware of IS threats to their business and prepare suitable security protections.
AB - Modernized information systems (IS) have brought enterprises not only enormous benefits, but also linked information threats. Most enterprises solve their IS security-related problems using technical means alone, and focus on technical rather than managerial controls, which may imply potential crises. This study examines whether the security preparation of Taiwan's firms matches the severity of IS threats they perceive, especially in issues concerning 'people' and 'administration'. The empirical data was provided by 109 Taiwan's enterprises from four industries. The analytical results revealed differences in both the IS threats concerned and the security scopes prepared among the four sectors. Moreover, the preparation scopes were not commensurate with the perceived severity of threats. All four industries rated the network as posing the strongest threat, followed by regulation and personnel issues, while among the countermeasures in use, these three issues have larger application deficiencies. This study concludes that firms do not well prepare themselves against IS threats entailed to non-technical administration issues and discusses appropriate threat mitigation strategies for an firm in the four sectors and with the three levels of computerization. Specifically, firms should be aware of IS threats to their business and prepare suitable security protections.
UR - http://www.scopus.com/inward/record.url?scp=34249737486&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=34249737486&partnerID=8YFLogxK
U2 - 10.1109/ICMIT.2006.262308
DO - 10.1109/ICMIT.2006.262308
M3 - Conference contribution
AN - SCOPUS:34249737486
SN - 1424401488
SN - 9781424401482
T3 - ICMIT 2006 Proceedings - 2006 IEEE International Conference on Management of Innovation and Technology
SP - 689
EP - 693
BT - ICMIT 2006 Proceedings - 2006 IEEE International Conference on Management of Innovation and Technology
Y2 - 21 June 2006 through 23 June 2006
ER -