A Taxonomy of Challenges in Information Security Risk Management

Risk Management is viewed by many as the cornerstone of information security and is used to determine what to protect and how. How to approach risk management for information security is an ongoing debate as there are several difficulties in existing approaches. The problems and challenges within th...

Full description

Saved in:
Bibliographic Details
Main Authors: Wangen, Gaute, Snekkenes, Einar
Format: Book
Language:English
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Risk Management is viewed by many as the cornerstone of information security and is used to determine what to protect and how. How to approach risk management for information security is an ongoing debate as there are several difficulties in existing approaches. The problems and challenges within the discipline are not easily visible being dispersed throughout literature. There is therefore a need for an overview for both industry and researchers to obtain a holistic picture of the research area and to contribute in making progress. In this paper, we present a taxonomy of identified problems from literature within information security risk management, and highlight some of the important prevailing issues that are contributing to lack of progress within the research field.