Introduction to IT Security Management


Vocabulary-style flashcards covering key terms and definitions from the lecture notes.


28 Terms

1

IT Security Management (ITSM)

Monitoring and administering an organization's IT systems to secure information and data, aiming to ensure confidentiality, integrity, and availability.

2

CIA

Confidentiality, Integrity, and Availability—the core security properties protecting information and IT services.

3

IT Management

Management of hardware, networks, and software to meet business requirements, budgets, security, and service delivery.

4

On-premises, Cloud, and Hybrid IT

Deployment models: on-premises (in-house), cloud (external), or hybrid (a mix).

5

CIO

Chief Information Officer; senior leader setting IT strategy and overseeing implementation.

6

CISO

Chief Information Security Officer; senior leader focusing on information, cyber, and technology security.

7

Security Administrator

Person responsible for day-to-day management of security technology and systems.

8

Cloud Security Manager

Role focusing on security management of cloud-based infrastructure.

9

Threat Intelligence Manager

Role focusing on proactive identification and mitigation of cyber threats.

10

Cybersecurity

The study and protection of computer systems against adversaries, and the prevention of harm to them; it involves a wide range of devices and networks.

11

Data Breaches (2019 data)

In the first nine months of 2019, 7.9 billion records were exposed by data breaches.

12

Scale of Cyber Threats—Financial Sector

Disruptive and destructive attacks have increased; responsibility for protection is unclear, but resources exist to implement solutions.

13

Cybersecurity Culture

The knowledge, beliefs, attitudes, norms, and values about cybersecurity and how they influence behavior with information technologies.
In short: how people think and act with respect to cybersecurity.

14

Organizational determinants of culture

Leadership, clear policies, regular training, updated technology, accountability, and open communication that support secure practices.

15

Individual determinants of culture

Awareness, responsibility, ethics, knowledge, positive attitudes, and good habits of individuals that contribute to cybersecurity.

16

Need for CSC

Most data breaches result from human factors; cybersecurity culture aims to embed a secure mindset in the organization.

17

Organizational Cybersecurity Culture (OCC)

A model examining how organizational culture, national culture, and information security culture interact in cybersecurity.

18

Organizational Culture Types

Four orientations:
support (focuses on people/relationships),
innovation (encourages creativity/risk-taking),
rules (emphasizes stability/procedures),
and goal (results-driven).

19

Hofstede's National Culture Dimensions

Cross-cultural framework on how national culture affects compliance with rules and policies (dimensions include individualism-collectivism, long-term vs short-term, indulgence vs restraint).

20

Individualism vs Collectivism

Individualism: prioritizing personal goals, independence, and self-interest.

Collectivism: valuing group harmony, loyalty, and shared responsibility.

21

Long-term vs Short-term Orientation

Long-term: focus on future rewards, perseverance, and tradition.

Short-term: wanting quick results and respect for tradition.

22

Indulgence vs Restraint

Indulgence: societies allowing free gratification of desires and leisure.

Restraint: societies regulating needs through strict norms and self-control.

23

Information Culture

The attitudes, beliefs, values, and knowledge used to interact with information systems; the resulting behavior leads to incidents and evolves.

24

Building a CSC

Culture extends beyond awareness to include the shaping of beliefs, norms, and values.

A similar goal applies to cybersecurity: every employee must act in policy-compliant ways that maintain the organization's cybersecurity.


25

IT environment

Consists of a multitude of hardware, network, and software components.

26

IT infrastructure

Can be on premises, in the cloud, or on a hybrid platform that integrates both.

27

IT Security Management Roles and Positions

The Chief Information Officer (CIO)

Security Administrator

Emerging Positions

- Cloud Security Manager

- Threat Intelligence Manager

28

CIO vs CISO

CIOs’ jobs are generalist roles.

CISOs’ jobs are more focused on security.