The Security Management Model for Small Organization in Intelligence All-Things Environment

  • Hangbae ChangEmail author
  • Jonggu Kang
  • Youngsub Na
Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 107)


Since organizations have recognized needs for industrial technique leakage prevention, they tend to construct information security system causing huge consumption of budget, yet many of them are not affordable to organize information security team to operate integrated information security management system with consistent investment and maintenance. It is fact that there only occur instant introductions of certain system. In this study, we designed information security management system for organizations’ industrial technology leakage prevention which is differentiated from those of large enterprises based on current status of small and medium-sized organizations’ industrial technology leakage. Specifically we analyzed current status and vulnerability of organizations’ industrial technique leakage and we designed industrial technique leakage prevention management system for organizations. Then we applied Delphi method to validate appropriateness of study result. We strongly believe that organizations may estimate an appropriate level of investment on information security and develop countermeasures for control by utilizing this study result.


Information security Information security management system for small organization Vulnerability of information security 


  1. 1.
    Weill P, Vitale M (2002) What IT infrastructure capabilities are needed to implement e-business models? MIS Q Executive 1(1):17–34Google Scholar
  2. 2.
    BSI (1999) BS 7799 Part1: information security management—code of practice for information security managementGoogle Scholar
  3. 3.
    Doukidis GI, Lybereas P, Galliers RD (1996) Information systems planning in small business: a stages of growth analysis. J Syst Softw Arch 33Google Scholar
  4. 4.
    Eloff MM, von Solms SH (2000) Information security management: an approach to combine process certification and product evaluation. Comput Secur 19Google Scholar
  5. 5.
    NIST Technology Administration (1998) An introduction to computer security: the NIST handbook. NIST, USAGoogle Scholar
  6. 6.
    ISACA (2001) Information security governance, guidance for boards of directors and executive management. IT Governance InstituteGoogle Scholar
  7. 7.
    Levy M, Powell P (1998) SME flexibility and the role of information systems. Small Bus Econ 2Google Scholar

Copyright information

© Springer Science+Business Media B.V. 2011

Authors and Affiliations

  1. 1.Department of Business AdministrationDaejin UniversityPocheon-SiKorea

Personalised recommendations