SCOPE
Information Security Management is an issue that managers and decision makers have to deal with, especially when the organization's activity deeply depends on ITC resources. Caring about information security is no more an option, but a management objective that needs to be managed as any other organizational resource. The use of new technologies, the increase use of the Internet, the emergence of the Internet-enabled services (BYOD and IoT), software logs and mobile applications, have altogether promoted the collection of massive amounts of data, contributing to the emergence of the concept of Big Data. A growing portion of that data is directly or indirectly related to security events, creating a true nightmare to security managers. In this context, it is fundamental de adopt decision support systems in the information security domain, to support management decisions. Currently, the rapid response to the security events and the establishment of preventive actions to manage security are starting to become a competitive strategy to organizations.
This special session provides a forum for researchers and practitioners to discus practical challenges encountered and solutions adopted in the scope of Information Security Intelligence and all related issues.
Main topics:
- Information Security (InfoSec);
- Information Security Management (ISM);
- Decision Support System for ISM;
- Big Data within InfoSec;
- Small-to-medium Size Enterprises Security Management;
- Collaborative decision making in Security Management;
- Data Loss;
- InfoSec Risk Management;
- InfoSec Analysis;
- InfoSec monitoring and auditing;
- Ontologies to InfoSec domain;
- Security of critical information operations;
- Perception within Security Management;
- InfoSec awareness;
- InfoSec governance;
- InfoSec standards and good practices;
- InfoSec Controls;
- Risk assessment;
- Risk evaluation;
- Domain specific security management issues (Healthcare, Financial and e-Government);
- InfoSec and ISM case studies;
- Frameworks for risk management