Abstract
Behavioural security, technical security and organisational security are inter-related. Efforts to address security should therefore consider these three pillars together, not in silos.
This paper summarizes a keynote speech held on this topic at the 16th IFIP Summer School on Privacy and Identity Management.
Notes
- 9. Some cyber-criminal business-cases could only materialize with the help of crypto-currencies.
- 10. For instance, company networks opened to the Internet to allow for teleworking during the Covid-19 pandemic, leading to process and technical vulnerabilities.
- 11. Stakeholder is defined in the standard ISO/IEC 31000 as “person or organization that can affect, be affected by, or perceive themselves to be affected by a decision or activity.”
References
ENISA: Cybersecurity Culture Guidelines: Behavioural Aspects of Cybersecurity (2019). https://www.enisa.europa.eu/publications/cybersecurity-culture-guidelines-behavioural-aspects-of-cybersecurity
ENISA: Threat Landscape 2020 – Main Incidents (2020). https://www.enisa.europa.eu/publications/enisa-threat-landscape-2020-main-incidents
ENISA: Threat Landscape 2015 (2016). https://www.enisa.europa.eu/publications/etl2015
ENISA: Proactive detection – Good practices gap analysis recommendations (2020). https://www.enisa.europa.eu/publications/proactive-detection-good-practices-gap-analysis-recommendations
OpenIOC: Sophisticated Indicators for the Modern Threat Landscape: An Introduction to OpenIOC (2017)
ENISA: Exploring the opportunities and limitations of current Threat Intelligence Platforms (2018). https://www.enisa.europa.eu/publications/exploring-the-opportunities-and-limitations-of-current-threat-intelligence-platforms
ISO: ISO 31000:2018 Risk management — Guidelines (2018)
Europol: Internet Organised Crime Threat Assessment (IOCTA) (2020). https://www.europol.europa.eu/publications-events/main-reports/iocta-report
Verlaine, M.: On the extraction of cyber risks from structured products. Appl. Econ. 54, 22 (2021). https://doi.org/10.1080/00036846.2021.1998327
The Luxembourg Government – Ministry of the Economy: The Data-Driven Innovation Strategy for the Development of a Trusted and Sustainable Economy in Luxembourg (2019). https://gouvernement.lu/en/publications/rapport-etude-analyse/minist-economie/intelligence-artificielle/data-driven-innovation.html
The Luxembourg Government – Ministry of the Economy: Ons Wirtschaft vu muer – Roadmap for a competitive and sustainable economy 2025 (2021). https://meco.gouvernement.lu/en/publications/strategie/strategie-ons-wirtschaft.html
OECD: Digital Security Risk Management for Economic and Social Prosperity - OECD Recommendation and Companion Document (2015). https://www.oecd.org/sti/ieconomy/digital-security-risk-management.htm
OECD: OECD Studies on SMEs and Entrepreneurship: The Digital Transformation of SMEs (2021). https://www.oecd.org/publications/the-digital-transformation-of-smes-bdb9256a-en.htm
The Luxembourg Government – High Commission for National Protection: Stratégie nationale en matière de cybersécurité III (2018). https://hcpn.gouvernement.lu/en/publications/strategie-nationale-cybersecurite-3/strategie-nationale-cybersecurite-3/strategie-nationale-cybersecurite-3.html
Copyright information
© 2022 IFIP International Federation for Information Processing
About this paper
Cite this paper
Thill, F. (2022). Information Security Risk Management. In: Friedewald, M., Krenn, S., Schiering, I., Schiffner, S. (eds) Privacy and Identity Management. Between Data Protection and Security. Privacy and Identity 2021. IFIP Advances in Information and Communication Technology, vol 644. Springer, Cham. https://doi.org/10.1007/978-3-030-99100-5_2
DOI: https://doi.org/10.1007/978-3-030-99100-5_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-99099-2
Online ISBN: 978-3-030-99100-5
eBook Packages: Computer Science, Computer Science (R0)