PRELIMINARY SURVEY RESULTS ON IT SECURITY PRACTICES IN CYPRUS PRIVATE AND PUBLIC SECTORS

This paper discusses users’ practices on IT security in Cyprus organizations. This investigation is part of a broader research effort initiated by researchers at University of Nicosia that aims in the development of an enterprise Mashup application that private and public organizations could use to specify and manage their strategies regarding ICT security. The questionnaire was drafted based on the IT Security Guidelines promoted by the national security agency of the German federal government, as it is a comprehensive checklist on security matters. A survey is currently underway among Cypriot organizations and enterprises regarding established security procedures and policies on ICT security. Based on the received responses (approximately half the expected sample size), preliminary results show that security mechanisms and their management are deployed in a majority of the organizations. A more accurate and complete analysis will be available upon completion of the survey

SECURITY PRACTICES IN CYPRUS

This focus of this paper is to investigate current security practices in Cypriot organizations, including enterprises and public sector divisions. It is viewed as part of a broader research effort that aims towards the development of an open-source Web-enabled interface that may provide specialized guidelines and suggestion for improved security and management of the ICT resources within an organization. In order to gain knowledge on the deployed security technologies by organizations, a survey has been conducted; the research instrument was a questionnaire composed from the IT Security Guidelines that are included in the ISO27001. The survey primarily examined established security policies and procedures. A research analysis has been performed and identified that, security mechanisms and the management of ICT resources may be improved on a number of aspects as outlined in this paper