Achieving Business Value in Information Security
Zusammenfassung
The beginning of the 21st century with the fear of the "Year 2000"-threat (Y2K) became a milestone for the "Information Age", a term coined for the post-industrial stage of leading countries [ ] when information and information technologies become the main strategic national resource which results in an avalanche growth of information dependence in all spheres of society and state activities.. In organisations the awareness of the dependence on information has led to corporate initiatives to treat information as an asset, which includes various efforts for its protection. Management trends such as "knowledge management" have identified "knowledge sharing" as a new means for achieving competitive advantage, thus promoting information to be disseminated. Due to an ever closer relationship with customers, suppliers and even competitors, organisations have expanded their "information network" outside of the original boundaries.
The dualism of protection of information assets on the one hand and a free flow of information has been identified to become a challenge for organisations, described as [ ] how to satisfy this need to share information without exposing the organization to undue risk.. With the information society implying radical changes, the need to act has been accelerated by a new mindset reacting to the advent of "e-business".
Information Security (InfoSec) is often mistaken to be a purely technical issue, handled by information system (IS) departments and used as a synonym for firewall, access controls, and encryption of e-mails. However, because of the risks involved for an organisation - including legal liabilities, loss of trust and severe financial damage - InfoSec needs to be a top management issue. Then again, although paying lip-service to treating information as an asset, top-management usually does not act upon it: the average InfoSec spending in the U.S. today is only 0.4 percent of an organisations revenue.
In the following work it will be shown that a new approach to and a new understanding of InfoSec is vital for organisations to excel in the challenges faced by the information environment of the 21st century. The key focus of this study is to link existing InfoSec approaches to the concept of business value by ensuring their strategic fit with the corporate objectives. The first part will provide a common foundation with an evaluation of the role of information for organisations, relevant trends […]
Leseprobe
Inhaltsverzeichnis
The Author
Torsten Kriedt, born in Munich in 1971, started his dual-degree course in European Business Studies, for which he held a scholarship of the ‘Stiftung der Deutschen Wirtschaft’, the foundation initiated by the German employers’ federation (BDA) for high potentials, after a 7.5 years career in the business travel industry.
Having majored in International Finance Management he graduated with distinction in February 2002 as Diplom-Betriebswirt (Fh) from the University of Applied Sciences, Regensburg (Germany), and as Bachelor of Arts with First Class Honours Degree in European Business Studies from Oxford Brookes University, Oxford (England). His interest in the business value of information was triggered during his time with the internal management consultancy of the UK Post Office Group, in which he was member of the Enterprise Planning Team and the knowledge management special interest group.
Since February 2002 he has been employed as Director Strategic Projects with TQ3 Travel Solutions, one of the leading global travel management companies. Based in London, he is responsible for the successful management and development of the strategic project portfolio in Europe, Middle-East, Africa and Asia/Pacific; his current focus is the global implementation of a new business methodology for travel expense management consulting with a focus on change leadership and value management. Adapted to travel management his concept of the maturity model as blueprint for enterprise transformation has already been very handy for his new role...
The author can be reached on InfoSec@Solesa.com
[...]
Details
- Seiten
- Erscheinungsform
- Originalausgabe
- Jahr
- 2001
- ISBN (eBook)
- 9783832460099
- ISBN (Paperback)
- 9783838660097
- DOI
- 10.3239/9783832460099
- Dateigröße
- 973 KB
- Sprache
- Englisch
- Institution / Hochschule
- Fachhochschule Regensburg – unbekannt
- Erscheinungsdatum
- 2002 (Oktober)
- Note
- 1,3
- Schlagworte
- maturity model balanced scorecard change management knowledge enterprise
