Informacijos saugos valdymo karkasas smulkiam ir vidutiniam verslui

Information security is one of the concerns any organization or person faces. The list of new threats appears, and information security management mechanisms have to be established and continuously updated to be able to fight against possible security issues. To be up to date with existing information technology threats and prevention, protection, maintenance possibilities, more significant organizations establish positions or even departments, to be responsible for the information security management. However, small and medium enterprise (SME) does not have enough capacities. Therefore, the information security management situation in SMEs is fragmented and needs improvement. In this thesis, the problem of information security management in the small and medium enterprise is analyzed. It aims to simplify the information security management process in the small and medium enterprise by proposing concentrated information and tools in information security management framework. Existence of an information security framework could motivate SME to use it in practice and lead to an increase of SME security level. The dissertation consists of an introduction, four main chapters and general conclusions. The first chapter introduces the problem of information security management and its’ automation. Moreover, state-of-the-art frameworks for information security management in SME are analyzed and compared. The second chapter proposes a novel information security management framework and guidelines on its adoption. The framework is designed based on existing methodologies and frameworks. A need for a model for security evaluation based on the organization’s management structure noticed in chapter two; therefore, new probability theory-based model for organizations information flow security level estimation presented in chapter three. The fourth chapter presents the validation of proposed security evaluation models by showing results of a case study and experts ranking of the same situations. The multi-criteria analysis was executed to evaluate the ISMF suitability to be applied in a small and medium enterprise. In this chapter, we also analyze the opinion of information technology employees in an SME on newly proposed information security management framework as well as a new model for information security level estimation. The thesis is summarized by the general conclusions which confirm the need of newly proposed framework and associated tools as well as its suitability to be used in SME to increase the understanding of current information security threat situation.Dissertatio

Disentangling the Innovation - Internalization Process Through a Structural Equation Model

Innovation virtuously impacts on the degree of international growth, which in turn positively influences innovation activities and then firms�™ performance (Filipescu et al., 2009). Many authors have tried to identify and explain the relationship between these two phenomena at firm level. Only recently, few empirical studies investigate them at a more aggregate level (see e.g. Mariotti et al., 2008). Moreover the literature focuses only on one direction of causality, while scant attention has been paid to inspect empirically innovation and internationalization together (Kafouros et al., 2008; Filippetti et al., 2009; Frenz and Ietto-Gillies, 2007). This paper provides an empirical analysis of the mutual relationship of these two phenomena, taking into account various features of the regions themselves. The empirical study is conducted on data concerning 20 Italian regions covering the period 2000-2008. To better understand the complex relationship between internationalization and innovation, we refer to the Structural Equation Models (SEM). These are multivariate regression type models, in which response variables could in turn act as dependent and predictor within a system of equations, and all variables are assumed to influence one-another reciprocally, either directly or through other variables as intermediaries (Bollen, 1989; McAdam et al., 2010). Through the SEM the relationships are expressed by a set of parameters which explain the magnitude of the effect (direct or indirect) between independent (either observed or latent) and dependent variables. Indeed, internationalization and innovation could act as both dependent and predictor which measurement could be difficult then suggesting the use of latent variables, and where the system of indicators is complex enough to lead at a model specified through two-way relations intrinsically connected. Using SEM approach we are able to specify flexible models dealing with non-standard relations stylized along panel data structure, in which spatial and temporal dimensions do matter

Addressing Knowledge Leakage Risk caused by the use of mobile devices in Australian Organizations

Information and knowledge leakage has become a significant security risk to Australian organizations. Each security incident in Australian business cost an average US$2.8 million. Furthermore, Australian organisations spend the second most worldwide (US$1.2 million each on average) on investigating and assessing information breaches. The leakage of sensitive organizational information occurs through different avenues, such as social media, cloud computing and mobile devices. In this study, we (1) analyze the knowledge leakage risk (KLR) caused by the use of mobile devices in knowledge-intensive Australian organizations, (2) present a conceptual research model to explain the determinants that influence KLR through the use of mobile devices grounded in the literature, (3) conduct interviews with security and knowledge managers to understand what strategies they use to mitigate KLR caused by the use of mobile devices and (4) use content analysis and the conceptual model to frame the preliminary findings from the interviews

Carbon Leakage with International Technology Spillovers

In this paper we study the effect of international technology spillovers on carbon leakage. We first develop and analyse two simple competing models for carbon leakage. The first model represents the pollution haven hypothesis. It focuses on the international competition between firms that produce energy-intensive goods. The second model highlights the role of a globally integrated carbon-energy market. We calculate formulas for the leakage rates in both models and, through meta-analysis, show that the second model captures best the major mechanisms reported in the CGE literature on carbon leakage. We extend this model with endogenous energy-saving technology and international technology spillovers. This feature is shown to decrease carbon leakage. We build-in the endogenous energy-saving technology in a large CGE model and verify that the results from the formal model carry over. Carbon leakage becomes negative for moderate levels of international technology spillover.arbon-Leakage, Climate Policy, Induced Technological Change; Trade and Environment

Addressing Knowledge Leakage Risk caused by the use of mobile devices in Australian Organizations

Information and knowledge leakage has become a significant security risk to Australian organizations. Each security incident in Australian business cost an average US$\$$2.8 million. Furthermore, Australian organisations spend the second most worldwide (US$\$$1.2 million each on average) on investigating and assessing information breaches. The leakage of sensitive organizational information occurs through different avenues, such as social media, cloud computing and mobile devices. In this study, we (1) analyze the knowledge leakage risk (KLR) caused by the use of mobile devices in knowledge-intensive Australian organizations, (2) present a conceptual research model to explain the determinants that influence KLR through the use of mobile devices grounded in the literature, (3) conduct interviews with security and knowledge managers to understand what strategies they use to mitigate KLR caused by the use of mobile devices and (4) use content analysis and the conceptual model to frame the preliminary findings from the interviews. Keywords: Knowledge leakage, mobile devices, mobile contexts, knowledge leakage riskComment: Pages 14. arXiv admin note: text overlap with arXiv:1606.0145