SYSTEMS SECURITY: A CASE STUDY IN THE BANKING SECTOR
SEPTEMBER 20TH, 2012
CONFENIS - GHENT, BELGIUM
Agenda
Introduction
Research Approach
Conceptual Model
Phase I Banking Sector
Results
Future Research
Current Events
Research Approach
Bank B, Bank C, Bank D
Public, 100 years, 1.1 Bil USD assets, 11 branches
Private, 70 years, 20 Mil USD in assets, 2 branches
Private, 15 years, 1.8 Bil USD in assets, 13 branches
Private, 8 years, 550 Mil USD in assets, 10 branches
Conceptual Framework
Enterprise Information System Security Implementation
Security Policy
Security Awareness
Access Control
Corporate Governance
Top Level Management Support
Continued education
Collective and individual activities
Formal classes, emails, discussion groups
Employee compliance
Limit information
Access linked to job function
Restrict information not relevant to position
Management of access rule changes
             EMEA          US            C-Level
Yes          250 (44%)     243 (28%)     21 (30%)
No           313 (56%)     616 (72%)     50 (70%)
Grand Total  563 (100%)    859 (100%)    71 (100%)

Chart: responses Agree, Disagree, Not Sure; values 24%, 12%, 64%
Source: Cyber-Ark 2012 TRUST, SECURITY & PASSWORDS SURVEY, June 2012
IT governance is a mystery to key decision-makers at most companies and that only about one-third of the managers surveyed understood how IT is governed at his or her company.
Source: Weill, P., and Ross, J., A Matrixed Approach to Designing IT Governance, Sloan Management Review, 46(2), 2005, p. 26.
Results
Future Research
Phase II
Developing and administering a survey to a larger sample.
Seeking advice on potential sponsorship, professional affiliations that may be interested in working with us.
Thank You!
Dankje!
Merci!
Danke!