information security management in the context of globalization
DESCRIPTION
Presentation from the 69th Annual MeetingThe Polish Institude of Arts & Sciences of AmericaTRANSCRIPT
dr Sławomir Wawak, 2011dr Sławomir Wawak, 2011
Information Security ManagementInformation Security Managementin context of globalizationin context of globalization
69th Annual Meeting69th Annual MeetingThe Polish Institude of Arts & Sciences of AmericaThe Polish Institude of Arts & Sciences of America
dr Sławomir Wawak, 2011dr Sławomir Wawak, 2011
22
Globalizations definitionsGlobalizations definitionsDifferent authors define globalization as:
internationalization
liberalization
universalization
westernization
relations building
dr Sławomir Wawak, 2011dr Sławomir Wawak, 2011
33
Globalization and IT influenceGlobalization and IT influence
Globalization Informationtechnology
Accelerates globalization trends
Changes conditions for IT (new threats)
dr Sławomir Wawak, 2011dr Sławomir Wawak, 2011
44
Information security issuesInformation security issuesIS is often overlooked in management decisions
Outsourcing of IT is welcome due to short run cost decrease
Functionality more important than security (applications)
IS departments detached from the rest of the company
dr Sławomir Wawak, 2011dr Sławomir Wawak, 2011
55
Approach to IS in PolandApproach to IS in PolandIncreasing awareness of risks related to IS among managersChanges in law
protection of personal dataprotection of classified informationprovision of electronic servicescomputerization of public serviceICT requirementsminimum requirements for information systems
Additional requirements for public administration
dr Sławomir Wawak, 2011dr Sławomir Wawak, 2011
66
Example of local government offices in PolandExample of local government offices in Poland
other services
permission to sell alcoholic beverages
registry office
issuing identity cards
census
monitoring the status of the case
permission for felling trees
taxes, tax information
download of forms and applications
public information
entrepreneur registration
access to the electoral register
complaints, petitions, inquiries to the office
0% 10% 20% 30% 40% 50% 60%
planned current percentage of offices
Services provided by offices electronically
dr Sławomir Wawak, 2011dr Sławomir Wawak, 2011
77
Example of local government offices in PolandExample of local government offices in Poland
28%
25% 16%
6%
9%
15%
brak < 10% 11 – 20%21 – 50% 51 – 75% 76 – 100%
Officials trained in information security
dr Sławomir Wawak, 2011dr Sławomir Wawak, 2011
88
Example of local government offices in PolandExample of local government offices in Poland
57%
39%
4%
no audits audits done by employees (internal)
audits carried out by an external organization
Information security audits in 2010
dr Sławomir Wawak, 2011dr Sławomir Wawak, 2011
99
ISO 27001ISO 27001ISO 27001:2005 – Information Security Management Systems – Requirements
confidentialityavailabilityintegritybusiness continuity
System approach to ISStep towards conscious IS management in companies as well as public administration