
Weak Signals in Information Security Management

  • Conference paper
Computational Intelligence and Security (CIS 2005)

Part of the book series: Lecture Notes in Computer Science (LNAI, volume 3802)


Abstract

Information security management practices usually do not explicitly take account of weak signals: factors that lie below the detection surface but may nevertheless constitute a huge security threat. This study analyses what kinds of weak signals are present in information security and then discusses their detection. Responses to weak signals are also considered, as are certain privacy concerns related to the issue. These issues are of great urgency not only for government officials responsible for public security and dealing with the current wave of terrorism, but also for corporate information security and for top managers running the day-to-day business of their companies.




Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kajava, J., Savola, R., Varonen, R. (2005). Weak Signals in Information Security Management. In: Hao, Y., et al. Computational Intelligence and Security. CIS 2005. Lecture Notes in Computer Science, vol 3802. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11596981_75


  • DOI: https://doi.org/10.1007/11596981_75

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-30819-5

  • Online ISBN: 978-3-540-31598-8

  • eBook Packages: Computer Science, Computer Science (R0)
