Skip to main content
SpringerLink
Log in

Evaluation of Information Security Approaches: A Defense Industry Organization Case

  • Conference paper
Challenges of Information Management Beyond the Cloud (IMCW 2013)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 423))

Included in the following conference series:

  • 888 Accesses

Abstract

Information security systems are important to ensure business continuity and protect organizations against potential risks. In this context organizations have to analyze their information system processes and they should develop their information systems according to results of the analysis. This paper aims to evaluate the current information security approaches in a defense industry organization in Turkey. The case of the assessment demonstrates information security standards and approaches and reflects the importance of information security implementation within the organizations. In order to achieve research objectives and aims, Information Security Assessment Tool for State Agencies (an information security assessment tool) was chosen as the research instrument for this study. The results obtained from the assessment tool revealed that major applications were implemented by the defense industry organization. According to the assessments, the study recommends that education and training programs and policies should be developed, and that interoperability of information security functions should be provided in the defense industry.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Blackley, B., McDermott, E., Geer, D.: Information Security is Information Risk Management. In: Proceedings of the 2001 Workshop on New Security Paradigms, pp. 97–104. ACM, New York (2001)

    Chapter  Google Scholar 

  2. Canbek, G., Sağıroğlu, Ş.: Bilgi, Bilgi Güvenliği ve Süreçleri Üzerine Bir Inceleme [An Evaluation on Information, Information Security and Processes]. Politeknik Dergisi 9(3), 165–174 (2006)

    Google Scholar 

  3. Doğantimur, F.: ISO 27001 Çerçevesinde Kurumsal Bilgi Güvenliği [Organizational Information Security within the Framework of ISO 27001]. Unpublished thesis of professional competence, Ministry of Finance (2009)

    Google Scholar 

  4. Vural, Y., Sağıroğlu, Ş.: Kurumsal Bilgi Güvenliği ve Standartları Üzerine bir İnceleme [A Review on Organizational Information Security and Standards]. Gazi Üniversitesi Mühendislik ve Mimarlık Fakültesi Dergisi 23(2), 507–522 (2008)

    Google Scholar 

  5. DPT: e-Dönüşüm Türkiye Projesi Birlikte Çalışabilirlik Esasları Rehberi [e-Transformation Turkey Project Principles of Interoperability Guide]. Devlet Planlama Teşkilatı, Ankara (2005)

    Google Scholar 

  6. DPT: Bilgi Toplumu Stratejisi Eylem Planı (2006- 2010) [Information Society Strategy Action Plan (2006- 2010)]. Devlet Planlama Teşkilatı, Ankara (2006)

    Google Scholar 

  7. Bilisim 2023 Derneği, http://bilisim2023.org/index.php?option=com_content&view=article&id=189:tuerkyede-blg-guevenl-yatirimlari-artiyor&catid=7:goerueler&Itemid=18

  8. Thomas, G.: A Typology for the Case Study in Social Science Following a Review of Definition, Discourse and Structure. Qualitative Inquiry 17(6), 511–521 (2011)

    Article  Google Scholar 

  9. Zainal, Z.: Case Study as a Research Method. Jurnal Kemanusiaan Bil 9, 1–5 (2007)

    Google Scholar 

  10. Scarfone, K., Souppaya, M., Cody, A., Orebaugh, A.: Technical Guide to Information Security Testing and Assessment: Recommendations of the National Institute of Standards and Technology. U.S. Department of Commerce, Gaithersburg (2008)

    Google Scholar 

  11. Risk Assessment Toolkit, http://www.cio.ca.gov/OIS/government/risk/toolkit.asp

Download references

Author information

Authors and Affiliations

  1. Department of Information Management, Hacettepe University, Ankara, Turkey

    Tolga Çakmak & Şahika Eroğlu

Authors
  1. Tolga Çakmak
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Şahika Eroğlu
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Hacettepe University, 06800, Beytepe, Turkey

    John N. Gathegi  & Serap Kurbanoğlu  & 

  2. Department of Information Management, Hacettepe University, 06800, Beytepe, Ankara, Turkey

    Yaşar Tonta

  3. Hacettepe University, 06800, Ankara, Turkey

    Umut Al  & Zehra Taşkın  & 

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Çakmak, T., Eroğlu, Ş. (2014). Evaluation of Information Security Approaches: A Defense Industry Organization Case. In: Gathegi, J.N., Tonta, Y., Kurbanoğlu, S., Al, U., Taşkın, Z. (eds) Challenges of Information Management Beyond the Cloud. IMCW 2013. Communications in Computer and Information Science, vol 423. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-44412-2_11

Download citation

  • DOI: https://doi.org/10.1007/978-3-662-44412-2_11

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-44411-5

  • Online ISBN: 978-3-662-44412-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation