ISSEC: A Socio-technical Decision Support System for Information Security Planning

The traditional notion of information security, rooted in a solidly technical foundation, has within the past decade seen wide criticism within academia - much of which has originated from the social sciences community - as being narrow and technology-centric instead of holistic and organizational in its focus. As information security awareness encompasses an ever-greater scope of organizational dynamics, it becomes necessary for us to develop design methodologies and ultimately, systems, capable of dealing practically with the complex and multifaceted nature of the decision-making of information systems security which is entailed by the emerging notions of a new paradigm for security. To this end, we present an architecture which implements a web-based multi-user decision support system (DSS) driven by an operational security model within a qualitative multi-criteria framework that utilizes AHP as its inference engine. The system is then demonstrated in action, by addressing a multi-criteria security control selection decision

Environmental Management Information Systems (EMIS) for Sustainable Development: A Conceptual Overview

Environmental management information systems (EMIS) is defined as \u27organizational-technical systems for systematically obtaining, processing, and making available relevant environmental information available in companies\u27. Such systems evolved out of a growing need to manage environmental information in response to internal and external pressures such as regulations, consumers, stockholders, and changes in the business environments. While over the past decade EMIS have proliferated in the corporate landscape, these systems have received little attention within the information systems research community as whole. The objective of this paper is to serve as a tutorial providing a conceptual overview of EMIS, highlighting organizational and technical issues, as well as research opportunities. In this paper we suggest that there are significant and relatively untapped research synergies existing between information systems and environmental management for sustainable development at the organizational and technical levels

Decision Support in Information Systems Security

As the structure of modern organizations shifts, so correspondingly must the methodologies which underlie the evaluation and development of the security posture of their information systems. We have witnessed an ever-growing gap between organizational policy and technology. We have also witnessed an ever increasing complexity of decisions regarding the planning and design of IS security. Within this paper, we propose a decision support framework consistent with security and decision theory and develop a model of the decision analysis space suitable for multiple criteria decision making (MCDM). The adoption of MCDM techniques within the context of this model can show inherent trade-offs between alternatives in a security decision, encapsulate qualitative as well as quantitative elements within the analysis space, and facilitate group-decision making thereby dealing with conflicting perspectives of multiple stakeholders. The paper concludes with a demonstration of the proposed model through a case study conducted with a major financial services provider

ISSEC: A socio-technical DSS for information security planning

The traditional notion of information security, rooted in a solidly technical foundation, has within the past decade seen wide criticism within academia - much of which has originated from the social sciences community - as being narrow and technology-centric instead of holistic and organizational in its focus. As information security awareness encompasses an ever-greater scope of organizational dynamics, it becomes necessary for us to develop design methodologies and ultimately, systems, capable of dealing practically with the complex and multifaceted nature of the decision-making of information systems security which is entailed by the emerging notions of a new paradigm for security. To this end, we present an architecture which implements a web-based multi-user decision support system (DSS) driven by an operational security model within a qualitative multi-criteria framework that utilizes AHP as its inference engine. The system is then demonstrated in action, by addressing a multi-criteria security control selection decision

Business Process Re-engineering and Information Security Planning: Opportunities for integration

Business process re-engineering (BPR) has come to recognize a need for the adoption of socio-technical methodologies and capabilities for knowledge representation of qualitative concerns. Security planning and decision-making has a similar need, and furthermore socio-technical methods common to BPR can be usefully applied in this capacity. The introduction of security models like Defense-in- Depth and similar efforts to recognize the organizational impact of security planning in operational security management serve as an initial step in educating security personnel and provide a more comprehensive view, but unfortunately, security decision-making has traditionally relied almost solely upon quantitative risk assessment, cost/benefit mechanisms, and related, functionalistic methodologies. This greatly limits the representational capacity of the decision process, and with it the possible dimensions of analysis in which to consider security issues. Within this paper, we briefly examine security planning and the relevant techniques of BPR and Socio-technical design, and present a framework for their integration within the context of information security. It is our contention that such methodologies can be utilized in the security decision process to facilitate representation of subjective concerns and broadly-defined issues germane to security policy, within an organizational context

A web-based multi-perspective decision support system for information security planning

With the increasing exposure and vulnerability to cyber attacks, it becomes necessary to develop methodologies and systems that are capable of dealing with the complex and multifaceted nature of decision situations encountered in security planning and management. In this paper we present the theoretical basis, architecture and design of a web-based multi-perspective decision support system (DSS) and an underlying decision multi-criteria decision framework that is consistent with security and decision theory. The system is illustrated through a multi-stakeholder scenario that captures the complexity encountered in a multi-criteria security control selection decision problem

A Framework for Decision Support in Information Systems Security

As the structure of modern organizations shifts, so correspondingly must the methodologies which underlie the evaluation and development of the security posture of their information systems. We have witnessed an ever-growing gap between organizational policy and technology. We have also witnessed an ever increasing complexity of decisions regarding the planning and design of IS security. Within this paper, we propose a decision support framework consistent with security and decision theory and develop a model of the decision analysis space suitable for multiple criteria decision making (MCDM). The adoption of MCDM techniques within the context of this model can show inherent trade-offs between alternatives in a security decision, encapsulate qualitative as well as quantitative elements within the analysis space, and facilitate group-decision making thereby dealing with conflicting perspectives of multiple stakeholders. The paper concludes with a demonstration of the proposed model through a case study conducted with a major financial services provider

Circulating Cell-Free DNA in Dogs with Mammary Tumors: Short and Long Fragments and Integrity Index

Circulating cell-free DNA (cfDNA) has been considered an interesting diagnostic/prognostic plasma biomarker in tumor-bearing subjects. In cancer patients, cfDNA can hypothetically derive from tumor necrosis/apoptosis, lysed circulating cells, and some yet unrevealed mechanisms of active release. This study aimed to preliminarily analyze cfDNA in dogs with canine mammary tumors (CMTs). Forty-four neoplastic, 17 non-neoplastic disease-bearing, and 15 healthy dogs were recruited. Necrosis and apoptosis were also assessed as potential source of cfDNA on 78 CMTs diagnosed from the 44 dogs. The cfDNA fragments and integrity index significantly differentiated neoplastic versus non-neoplastic dogs (P<0.05), and allowed the distinction between benign and malignant lesions (P<0.05). Even if without statistical significance, the amount of cfDNA was also affected by tumor necrosis and correlated with tumor size and apoptotic markers expression. A significant (P<0.01) increase of Bcl-2 in malignant tumors was observed, and in metastatic CMTs the evasion of apoptosis was also suggested. This study, therefore, provides evidence that cfDNA could be a diagnostic marker in dogs carrying mammary nodules suggesting that its potential application in early diagnostic procedures should be further investigated

An empirical analysis of the determinants of mobile instant messaging appropriation in university learning

Published ArticleResearch on technology adoption often profiles device usability (such as perceived usefulness) and user dispositions (such as perceived ease of use) as the prime determinants of effective technology adoption. Since any process of technology adoption cannot be conceived out of its situated contexts, this paper argues that any pre-occupation with technology acceptance from the perspective of device usability and user dispositions potentially negates enabling contexts that make successful adoption a reality. Contributing to contemporary debates on technology adoption, this study presents flexible mobile learning contexts comprising cost (device cost and communication cost), device capabilities (portability, collaborative capabilities), and learner traits (learner control) as antecedents that enable the sustainable uptake of emerging technologies. To explore the acceptance and capacity of mobile instant messaging systems to improve student performance, the study draws on these antecedents, develops a factor model and empirically tests it on tertiary students at a South African University of Technology. The study involved 223 national diploma and bachelor’s degree students and employed partial least squares for statistical analysis. Overall, the proposed model displayed a good fit with the data and rendered satisfactory explanatory power for students’ acceptance of mobile learning. Findings suggest that device portability, communication cost, collaborative capabilities of device and learner control are the main drivers of flexible learning in mobile environments. Flexible learning context facilitated by learner control was found to have a positive influence on attitude towards mobile learning and exhibited the highest path coefficient of the overall model. The study implication is that educators need to create varied learning opportunities that leverage learner control of learning in mobile learning systems to enhance flexible mobile learning. The study also confirmed the statistical significance of the original Technology Acceptance Model constructs