Global ETD Search

191	An exploration of the chasm in the protection of classified information in South African government departments Mahlatsi, Lehlohonolo Wonderboy 08 1900 (has links) The chasm in the protection of classified information in South African government indicates that all the departments have at their disposal information that is to some extent sensitive in nature and obviously requires security measures. This study shows that government officials who in their official duties come to contact with classified information are either vulnerable or are implementing the security controls incorrectly. It is also clear that in the absence of a comprehensive statutory framework, the government departments’ classified information has resulted in an unstable and inconsistent classification and declassification environment. The statutory framework would, in addition to other things, address the rising threat of espionage and antagonistic activities, the selling of information and the protection of critical records in government, without hindering the constitutional rights of citizens to access information. This would create a system of valuable informantion and clarify which information requires security measures with respect to the protection of classified information. / Kgaohanao e tshireletsong ya tlhahisoleseding e sireleditsweng ke mmuso wa Afrika Borwa e supa hore mafapha ohle a ona a na le tlhahisoleseding eo, ka ho hong, e leng ya sephiri mme e hloka maemo a tshireletso. Boithuto bona bo bontsha hore bahlanka ba mmuso bao, tshebetsong ya bona ya semmuso, ba teanang le tlhahisoleseding ya sephiri, ba kotsing hobane ba sebedisa ditaelo tsa polokeho ka mokgwa o fosahetseng. Ho boetse ho hlakile hore, bosikong ba moralo o phethahetseng wa semolao, disistimi tse sa sebetseng hantle tsa mafapa a mmuso tsa tlhahisoleseding ya sephiri di bakile tikoloho e sa tsitsang hape e sa hlophiswang ya tlhophiso le tloso ya tlhophiso ya tlhahisoleseding. Moralo wa semolao, hara tse ding, o ka sebetsana le phephetso e eketsehang ya bohlwela le diketsahalo tse ding tse belaetsang tse jwalo ka thekiso ya tlhahisoleseding, mme o sireletse direkote tsa mmuso tsa bohlokwa ntle le ho hatakela tokelo ya Molaotheo ya baahi ya phihlello ho tlhahisoleseding. Hona ho ka theha sistimi ya tlhahisoleseding ya bohlokwa le ho hlakisa hore na ke tlhahisoleseding efe e hlokang maemo a tshireletso ha ho tluwa ntlheng polokeho ya tlhahisoleseding ya sephiri. / Umsantsa okhoyo ekukhuseleni ulwazi olukhethekileyo kurhulumente woMzantsi Afrika ubonisa ukuba onke amaSebe anolwazi analo olunokuba nkenenkene, kwaye oludinga ukhuseleko. Esi sifundo sibonisa ukuba asesichengeni amagosa karhulumente aye athi apha ekusebenzeni kwawo, adibane nolwazi olukhethekileyo, ngoba azisebenzisa gwenxa iindlela zokulawula ukhuseleko. Kukwacaca ukuba, ekubeni kungekho sikhokelo namigaqo isemthethweni, iinkqubo ezingasebenzi kakuhle zamaSebe karhulumente, ulwazi olukhethekileyo aluhlelwa ngendlela eyiyo kwaye lufumaneka kwiimeko ezingaluphathi ngokukhetheka. Ubukho besikhokelo nemigaqo yokhuseleko lolwazi inganceda ekunqandeni isoyikiso esikhulu sobhukuqo mbuso nezinye iziganeko ezikrokrisayo, ezifana nokuthengiswa kolwazi, Esi sikhokelo singanceda nasekukhuseleni iingxelo zikarhulumente ezinkenenkene ngaphandle kokucinezela amalungelo abemi okufumana ulwazi njengoko uvuma uMgaqo Siseko. Oku kuya kuvelisa inkqubo yolwazi olunexabiso kwaye kuya kucacisa ukuba loluphi ulwazi oludinga imimiselo yokhuseleko malunga nokukhuselwa kolwazi olukhethekileyo. / Criminology and Security Science / M. Tech. (Forensic Investigation) Classified information Confidential Protection of security Restricted Screcy Security threats South African Government Departments Threats Top-secret 363.250968 Executive departments -- South Africa Forensic sciences -- South Africa
192	Att förebygga det interna hotet med IT-regler / Preventing internal threats with IT-policy Olsson, Martin, Ring, Max, Sabbagh, Hassan January 2018 (has links) Uppsatsen ämnar undersöka det interna hotet inom organisationer som medförs av mänskliga misstag och ovarsamhet hos anställda. Syftet med uppsatsen är att identifiera orsaker bakom misstagen och ovarsamheten, redogöra för några konsekvenser av det och även undersöka hur utformningen och arbetet med IT-regler, som är regler och riktlinjer för IT-säkerhetsarbete, bör utföras för att minimera misstag och ovarsamhet. Till det har en undersökning av tidigare litteratur och en kvalitativ datainsamling gjorts, den kvalitativa undersökningen innefattade intervjuer med ett E-handelsföretag, ett IT-konsultföretag samt en IT-säkerhetskonsult. Teori och insamlad data har analyserats och genererat ett antal förslag, där bland annat ett anpassat språkbruk och kategorisering av IT-regler men även kontinuerlig utbildning av anställda förespråkas för att förebygga anställdas misstag och ovarsamhet. Därigenom förebyggs det interna hotet. Uppsatsens framförda förslag kan användas av alla typer av företag som vill förbättra sin IT-säkerhet genom att förebygga det interna hotet som orsakas av de anställda. / The study aims to investigate the internal threat within organizations caused by human mistakes and negligence amongst employees. The purpose of this paper is to identify reasons for the mistakes and the negligence, describe some of the consequences and also investigate how the design of and work with IT policies, which is a set of rules and guidelines for IT security work, should be performed to minimize mistakes and negligence. A survey of previous literature has been conducted and a qualitative data collection has been made. The qualitative data collection included interviews with an e-commerce company, an IT consulting company and an IT security consultant. Previous literature and collected data have been analysed which resulted in a set of suggestions, for instance that customized language usage and categorization of IT policies, together with continuous training of employees is advocated to help prevent employees' mistakes and negligence. Thereby minimizing the internal threat. Any type of company that wants to improve its IT security by preventing the internal threat caused by its employees will benefit from these suggestions. Human mistakes and negligence IT security IT-policies information systems internal threats employees cyber threats Mänskliga misstag och ovarsamhet IT-säkerhet IT-regler Interna hot Informationssystem Anställda IT-hot Information Systems
193	When Patients Threaten to Kill: A Texas View of Tarasoff Morgan, Minor Latham 08 1900 (has links) A serious problem confronts the psychologist whose patient threatens, within the privacy of a therapy session, to inflict violent harm upon some third person. Therapists in Texas face a risk of unjust legal liability because of a lack of widely accepted, clearly and fully articulated standards. A questionnaire was submitted to Texas psychologists and Texas judges of mental illness courts. It involved a hypothetical case of a patient who threatened to kill his girlfriend. The hypothesis that no consensus exists at present among psychologists or judges appears to be supported by the data. Comparisons are made of the attitudes of psychologists and judges. Correlations between psychologist attitudes and certain demographic and practice variables are reported. The need for new legislation in Texas concerning legal liability of therapists for the violent behavior of patients is discussed. Proposed legislation for Texas is set out. Among its important features are (1) recognition that continued therapy is itself a protective strategy and (2) establishment of good faith as the standard by which the behavior of the therapist is to be judged. Tarasoff v. University of California patient threats mental illness death threats Wrongful death -- California.
194	"Jag vill inte alltid behöva se mig om utifrån mitt yrkesval" : En kvalitativ studie om socialsekreterares upplevelser av klientutövat hot och våld / “I don’t want to have to look over my shoulder based of my career choice" : A qualitative study of social workers experiences of client-perpetrated threats and violence Darwich, Helin, Tutuncu, Dilara January 2023 (has links) Syftet med denna studie var att undersöka socialsekreterares erfarenheter och upplevelser av klientutövat hot och våld i arbetet med barn och unga. Det har gjorts en kvalitativ studie med en semistrukturerad intervjumetod och det har genomförts sex intervjuer. Empirin har tolkats utifrån en tematisk analys och en hermeneutisk meningstolkning. Materialet har analyserats utifrån tidigare forskning och socialkonstruktionismen som vetenskaplig grund samt coping och rollteorin som teoretiskt perspektiv. Studien visar att socialsekreterarna beskriver klientutövat hot och våld som tvetydigt eftersom de har delade meningar om vad hot och våld är samt att allvarlighetsgraden är en påverkande faktor i det. Tröskeln kopplat till hotet och våldets omfattning inom organisationen och medarbetarna har visat sig vara hög vilket medfört att socialsekreteraren i många fall reducerar händelser av hotfull- och våldsam karaktär. Det kan handla om att tillämpa strategier i sitt vardagliga arbete för att lättare kunna hantera riskfyllda situationer och nyttja organisatoriska säkerhetsåtgärder i ett förbyggande syfte. Vidare framkom det att det egna ansvaret är centralt i hot- och våldssituationer vilket har resulterat i underrapporteringar och mindre anmälningar. Resultatet visar också att tillgängligheten av socialsekreterares personuppgifter är ett orosmoment för socialsekreterare och används som innehåll i hot som framförs. / The purpose of this study was to examine social workers experiences of client-perpetrated threats and violence in their work with children and youths. A qualitative study has been made with a semi-structured interview method and have conducted six interviews. The material has been interpreted through a thematic analysis and hermeneutic interpretation of meaning. The material has been analyzed based on previous research and social constructionism as a scientific basis and coping and role theory as a theoretical perspective. The study shows that the social workers describe client-perpetrated threats and violence as ambiguous, because they have divided opinions about what threat and violence is and that the degree of seriousness is an influencing factor. The bar for the threat and violence extent within the organization and the employees has proven to be high which has resulted in that social workers in many cases reduces incidents of threatening and violent nature. It can be about applying strategies in your everyday work to be able to handle riskful situations more easily and to use organizational security measures in a preventive purpose. Furthermore it appears that your own responsibility is central in threat and violence situations which has resulted in under-reportings and less reports. The results also show that the availability of social workers personal data is a point of concern for social workers and is being used as content in threats that are made. Social worker Exposure Client-perpetrated threats and violence Threats Violence Indirect violence Culture of silence Professional role Availability of personal data Socialsekreterare Utsatthet Klientutövat hot och våld Hot Våld Indirekt våld Tystnadskultur Yrkesroll Tillgänglighet av personuppgifter Social Work Socialt arbete
195	Les menaces à l’ère de la technologie: analyse du processus de détermination de la peine Gagné, Stéphanie 03 1900 (has links) Les réseaux sociaux et les mediums de télécommunication ont donné naissance à une abondance de propos menaçants par lesquels sont véhiculés des messages de haine qui sont possiblement annonciateurs d’une violence future (Laforest & al., 2017). À ce jour, les études ne permettent pas de décrire le contexte dans lequel les menaces proférées par un medium technologique s’insèrent. Elles ne permettent pas non plus de comprendre les facteurs qui influencent les sentences de tels comportements. À partir d’une approche méthodologique mixte et d’un échantillon de 93 décisions judiciaires canadiennes, l’objectif principal de ce mémoire consiste, dans un premier temps, à décrire les facteurs circonstanciels entourant les menaces de mort et de lésions corporelles à l’ère numérique. En général, les résultats montrent que les menaces qui ont donné lieu à une décision écrite présentent un risque considérable de se concrétiser. De plus, nous avons découvert que même si dans certaines situations ce sont des témoins qui ont dénoncé les menaces aux autorités, ce sont principalement les victimes elles-mêmes qui dénoncent le plus souvent leur assaillant, craignant pour leur sécurité et celle de leurs proches. Dans un deuxième temps, nous cherchions à comprendre la réponse juridique canadienne pour de telles infractions. Plus précisément, un test de régression logistique a été élaboré afin de comprendre les facteurs contextuels qui influencent le recours à une sentence d’emprisonnement. Les résultats de cette analyse montrent que parmi les facteurs susceptibles d’influencer de telles sentences, quatre se sont avérés significatifs : (1) un lien conjugal avec la victime, (2) l’utilisation des médias sociaux, (3) la consommation d’alcool ou de drogues et (4) la gravité de la menace. Finalement, à partir de nos analyses, nous pouvons conclure que de nombreux enjeux subsistent dans le processus de détermination de la peine pour les menaces proférées par un medium technologique. En effet, plusieurs éléments peuvent interférer dans l’analyse du juge, notamment la crédibilité de la victime et l’intention criminelle de l’accusé. / Social networks and telecommunications tools have risen an abundance of threatening words through which violent messages are conveyed. They are possibly predictors of future violence (Laforest & al., 2017). To date, studies do not allow us to describe the context in which the threats uttered by a technological medium occur. They also do not allow us to understand the factors that influence the sentences of such behaviors. Based on a mixed methodological approach and a sample of 93 Canadian court decisions, the main objective of this study consists, firstly, in describing the circumstances factors surrounding threats of death and bodily harm in the digital age. Overall, the results show that threats that resulted in a written decision have a significant risk of materializing. Furthermore, we discovered that although in some situations it was witnesses who reported the threats to the authorities, it was mainly the victims themselves who most often reported their assailant, fearing for their safety and that of their loved ones. Second, we sought to understand the Canadian legal responses for such offences. More specifically, a logistic regression test was developed to understand the contextual factors that influence the use of a prison sentence. The results of this analysis show that among the factors likely to influence such sentences, four were found to be significant: (1) a marital relationship with the victim, (2) the use of social media to make the threat, (3) the use of alcohol or drugs and finally (4) the seriousness of the threat. Finally, based on our analyses, we can conclude that that many issues remain in the sentencing process for threats made by a technological medium. Indeed, several elements can interfere in the judge’s analysis, in particular the credibility of the victim and the criminal intentions of the accused. Processus de détermination de la peine Menaces de lésions corporelles Menaces de mort Sentence Dangerosité Réseaux sociaux Technologies de communication Threats of bodily harm Death threats Technologies Social networks Danger Legal system Sentencing process Criminology / Criminologie (UMI : 0627)
196	A framework for an adaptive early warning and response system for insider privacy breaches Almajed, Yasser M. January 2015 (has links) Organisations such as governments and healthcare bodies are increasingly responsible for managing large amounts of personal information, and the increasing complexity of modern information systems is causing growing concerns about the protection of these assets from insider threats. Insider threats are very difficult to handle, because the insiders have direct access to information and are trusted by their organisations. The nature of insider privacy breaches varies with the organisation’s acceptable usage policy and the attributes of an insider. However, the level of risk that insiders pose depends on insider breach scenarios including their access patterns and contextual information, such as timing of access. Protection from insider threats is a newly emerging research area, and thus, only few approaches are available that systemise the continuous monitoring of dynamic insider usage characteristics and adaptation depending on the level of risk. The aim of this research is to develop a formal framework for an adaptive early warning and response system for insider privacy breaches within dynamic software systems. This framework will allow the specification of multiple policies at different risk levels, depending on event patterns, timing constraints, and the enforcement of adaptive response actions, to interrupt insider activity. Our framework is based on Usage Control (UCON), a comprehensive model that controls previous, ongoing, and subsequent resource usage. We extend UCON to include interrupt policy decisions, in which multiple policy decisions can be expressed at different risk levels. In particular, interrupt policy decisions can be dynamically adapted upon the occurrence of an event or over time. We propose a computational model that represents the concurrent behaviour of an adaptive early warning and response system in the form of statechart. In addition, we propose a Privacy Breach Specification Language (PBSL) based on this computational model, in which event patterns, timing constraints, and the triggered early warning level are expressed in the form of policy rules. The main features of PBSL are its expressiveness, simplicity, practicality, and formal semantics. The formal semantics of the PBSL, together with a model of the mechanisms enforcing the policies, is given in an operational style. Enforcement mechanisms, which are defined by the outcomes of the policy rules, influence the system state by mutually interacting between the policy rules and the system behaviour. We demonstrate the use of this PBSL with a case study from the e-government domain that includes some real-world insider breach scenarios. The formal framework utilises a tool that supports the animation of the enforcement and policy models. This tool also supports the model checking used to formally verify the safety and progress properties of the system over the policy and the enforcement specifications. 658.4
197	Evropská právní úprava kyberzločinů s porovnáním právní úpravy kyberzločinů ve Spojených státech amerických / European legal regulation of cybercrimes in a comparison with the legal regulation of cybercrimes in the USA Nováčková, Eliška January 2015 (has links) 6 Abstract Thesis title: European legal regulation of cybercrimes in a comparison with the legal regulation of cybercrimes in the USA The diploma thesis deals with the legislation of cybercrime and cyber security of the United States of America and the European Union. The introduction defines the basic concepts and important moments of history of related legislation and discusses key policy documents adopted in the transatlantic area. It also presents the politics of these two units and their key legislation and describes the international Convention on Cybercrime. Selected documents are subsequently compared and evaluated in the context of legal terminology, technological development and application of regulations in practice. The thesis is concluded by the basic steps of transatlantic cooperation on issues of cyber security. The conclusion summarizes the lessons learned by comparing documents, particularly international emphasis on ratification of the Convention on Cybercrime and adequate levels of awareness of cyber space, and highlights some terminological inaccuracies. Keywords Cyber threats * cyber security * cybercrime * international cooperation * strategic documents
198	Informationssäkerhet : Interna och externa hot i mindre företag / Information security : Internal and external threats in smaller business Petersson, Alexander January 2019 (has links) Informationssäkerhet är en viktig aspekt i dagens samhälle då information i alla former är väsentligt för företag att förvalta och använda för att driva verksamheten vidare. Inom informationssäkerhet existerar det interna och externa hot. Syftet med denna rapport är att undersöka hur mindre företag upplever interna respektive externa informationssäkerhetshot samt hur de hanterar dem. Frågeställningen till studien presenteras nedan. Till vilken grad påverkas mindre företag av informationssäkerhetshot? Den primära frågeställningen är uppdelad i två frågor som presenteras nedan Till vilken grad upplever mindre företag interna hot? Till vilken grad upplever mindre företag externa hot? I studien beskrivs shadow security, brist på utbildning och stöld på informationstillgångar som tre största interna informationssäkerhetshot. Ransomware, phishing och bring your own devices beskrivs som tre av de största externa informationssäkerhetshoten. Detta resultat förväntas att kunna ge kunskap och bidra till identifieringen och försåtelsen av olika informationssäkerhetshot mot mindre företag. De respondenterna som har deltagit i semistrukturerade intervjuerna under denna studie hade alla någon slags roll som IT-ansvarig på respektive företag. Alla intervjuer genomfördes med företag från Hälsingland. / Information security is an important aspect of today's society as information in all forms is essential for companies to manage and use to drive the business further. Within information security, internal and external threats are two aspects that exist. The purpose of this report is to examine how smaller companies experience internal and external information security threats and how they manage these threats. The question to the study is presented below. To what extent are smaller companies affected by information security threats? The primary question is divided into two questions presented below To what extent do smaller companies experience internal threats? To what extent do smaller companies experience external threats? The study describes shadow security, lack of education and theft of information assets as three largest internal information security threats. Ransomware, phishing and bring your own devices are described as three of the largest external information security threats. This result is expected to provide knowledge and contribute to the identification and neglect of various information security threats to smaller companies. The respondents who have participated in the semi-structured interviews during this study all had some sort of role as IT manager at each company. All interviews were done with respondents with companies from Hälsingland. Information security internal threats small businesses Informationssäkerhet interna hot externa hot mindre företag Information Systems
199	Vulnerabilidade da paisagem pantaneira: estudo de caso da Reserva Particular do Patrimônio Natural Sesc Pantanal e entorno / Vulnerability of the pantaneira landscape: case study of the Sesc Pantanal Private Reserve of Natural Heritage and around Neves, Cristina Cuiabália Rodrigues Pimentel 10 March 2015 (has links) Os impactos negativos das atividades humanas no ambiente vêm historicamente acelerando a transformação e a degradação das paisagens no mundo. Atualmente, a questão socioambiental vem sendo colocada em pauta diante deste cenário, fazendo com que a implantação de reservas naturais protegidas ganhe importância, pois constituem um dos pilares da proteção da biodiversidade, contribuindo sobremaneira na manutenção dos serviços ecossistêmicos gerados pelos processos naturais. Mesmo com os avanços e benefícios desta estratégia de conservação in situ, há desafios a serem superados. Em linhas gerais, as ameaças às áreas naturais protegidas variam amplamente conforme o contexto, porém, as consequências geralmente conduzem à fragmentação, degradação e perda de hábitat em seu entorno ou podem ainda atingir diretamente as reservas. Nesta direção, a presente pesquisa tem como área de estudo a Reserva Particular do Patrimônio Natural (RPPN) Sesc Pantanal e seu entorno, sendo esta a mais extensa unidade de conservação do Brasil nesta categoria, localizada no município de Barão de Melgaço, Mato Grosso. O objetivo geral deste estudo visa compreender os elementos da paisagem pantaneira no âmbito da RPPN e seu entorno, para verificar as causas e os efeitos das principais pressões e ameaças à sua conservação, visando identificar áreas vulneráveis e propor mecanismos de monitoramento. Portanto, esta pesquisa, de caráter aplicado, poderá auxiliar no processo de gestão da RPPN contribuindo para o planejamento e conservação da paisagem. Sendo uma pesquisa essencialmente interdisciplinar, os métodos e procedimentos operacionais foram definidos a partir da articulação entre abordagens quantitativas e qualitativas. Com relação à natureza das fontes de informações, foi realizada pesquisa bibliográfica para o levantamento de dados secundários e os dados primários foram obtidos através de pesquisa documental e pesquisa de campo com os sujeitos envolvidos por meio de diferentes técnicas, tais como: observação direta, análise documental, entrevistas não dirigidas e semi-estruturadas e oficinas de planejamento. A análise dos dados teve como apoio os recursos da cartografia digital, da multirreferencialidade, ou triangulação, das observações, escutas (entrevistas) e fala (oficina de planejamento). Como principal base conceitual, esta pesquisa faz uso da noção da paisagem cultural para compreender as dimensões nas quais as áreas naturais protegidas se inserem, incorporando aspectos sociais, ambientais e econômicos. No contexto amplo brasileiro, foram identificados 18 tipos de pressões e ameaças relacionadas às unidades de conservação e seu entorno, dos quais 07 estão presentes na área de estudo, quais sejam: desmatamento; remoção de fauna; pesca predatória; turismo e recreação; deposição de resíduos; incêndios de origem antrópica e narcotráfico. Quanto ao grau de importância de cada aspecto, os levantamentos indicaram a pesca predatória e o narcotráfico como as mais relevantes ameaças à proteção da paisagem em estudo. Portanto, os resultados demonstraram um campo heterogêneo quanto aos pontos de vistas relacionados à conservação da paisagem, possibilitando desvelar aspectos significativos, porém até então obscuros da vulnerabilidade, para a definição das estratégias de conservação efetiva na Reserva, indo além de suas fronteiras espaciais e do alcance de sua capacidade de gestão. / Anthropogenic negative impacts on the environment have catalyzed landscape transformation and degradation over time. In the present time, social-environmental issues have been more and more addressed facing this scenario. Thus the implementation of nature reserves have become more relevant, once it constitutes one of the main pillars of biodiversity protection, and so highly contributing to the maintenance of ecosystem services. Despite all benefits coming from this in situ conservation strategy, there is a range of challenges to be overcome. In general, threats towards nature reserves vary according to the context in which they are inserted. However their consequences usually lead to fragmentation, degradation and habitat loss in its surroundings and within the nature reserve itself. The present work\'s study site was the Sesc Pantanal Private Reserve of Natural Heritage (PRNH, or RPPN - Reserva Particular do Patrimônio Natural), the largest in Brazil in its category, located in the municipality of Barão de Melgaço, state of Mato Grosso. This work aimed the understanding of landscape elements within the PRNH and its surroundings through the verification of cause-effect mechanisms amongst the main pressures and threats to its conservation, and so identifying vulnerable areas and proposing monitoring strategy suggestions. Therefore, this applied research might assist in the management of the Sesc Pantanal PRNH, specifically concearning planning and landscape conservation. The interdisciplinary character of this work demanded both qualitative and quantitative approaches. Secondary data were accessible through literature consultation. Primary data were acquired through a documentation survey and the field surveys with different stakeholders (e.g., direct observation, unguided interviews, semi structured interviews, and planning workshops). Data analysis has been supported by digital cartography and triangulation of field-acquired data. The adopted conceptual framework is based on the idea of cultural landscape, allowing the comprehension of social, environmental and economic aspects related to the nature reserve. The study has found 18 types of pressures and threats to conservation units in Brazil, from which 07 of them influence the study site: deforestation; fauna suppression; predatory fishing; tourism and recreation; waste disposal; anthropic-related fires; and illegal drug trade. The most relevant impacts in the area were predatory fishing and illegal drug trade. According to the present study, the conservation of this particular landscape relies on heterogeneous elements, what unveils its vulnerability and enables the development of more effective conservation strategies that pervade the PRNH itself and its management capacity. ameaça Landscape Paisagem threats vulnerabilidade vulnerability
200	General Deterrence Theory: Assessing Information Systems Security Effectiveness in Large versus Small Businesses Schuessler, Joseph H. 05 1900 (has links) This research sought to shed light on information systems security (ISS) by conceptualizing an organization's use of countermeasures using general deterrence theory, positing a non-recursive relationship between threats and countermeasures, and by extending the ISS construct developed in prior research. Industry affiliation and organizational size are considered in terms of differences in threats that firms face, the different countermeasures in use by various firms, and ultimately, how a firm's ISS effectiveness is affected. Six information systems professionals were interviewed in order to develop the appropriate instruments necessary to assess the research model put forth; the final instrument was further refined by pilot testing with the intent of further clarifying the wording and layout of the instrument. Finally, the Association of Information Technology Professionals was surveyed using an online survey. The model was assessed using SmartPLS and a two-stage least squares analysis. Results indicate that a non-recursive relationship does indeed exist between threats and countermeasures and that countermeasures can be used to effectively frame an organization's use of countermeasures. Implications for practitioners include the ability to target the use of certain countermeasures to have desired effects on both ISS effectiveness and future threats. Additionally, the model put forth in this research can be used by practitioners to both assess their current ISS effectiveness as well as to prescriptively target desired levels of ISS effectiveness. countermeasures Information systems security threats risk assessment Computer networks -- Security measures. Computer security.

Search results