Spelling suggestions: "subject:"corporate 2security"" "subject:"corporate bsecurity""
1 |
Social media and business: balancing risks and opportunities : A literature reviewZorraquino, Alicia January 2020 (has links)
Purpose This thesis analyses what are the current information security risks and opportunities of social media in a business context based on publications from 2015 to 2020. Design/methodology/approach This papers follows a qualitative method, particularly a Systematic Literature Review guided by Okoli and and Schabram (2010), the concept-centric approach described by Webster and Watson (2002) and thematic analysis described by Braun and Clarke (2006). Findings Data leaks, non-compliance and reputational risks seem to be the most significant corporate social media risks. Adopting social media policies and providing employees social media security education, training and awareness are the most mentioned controls by the reviewed literature. Social media are more and more used as a threat intelligence source and for cyber security prediction and detection. Furthermore, social media may be used for InfoSec discussion, as a tool for Information Security Training and Awareness, for internal cyber threat sharing and for incident response handling. Originality/value This thesis provides an overall view of the risks, controls and opportunities that social media use implies for private organizations. Further research is needed that focuses primarily on the opportunities that social media offer to strengthen business Information Security.
|
2 |
企業安全暨風險管理策略之研究—台北101大樓個案分析 / The Study of Corporate Security & Risk Management Strategy and Practices - A Case Study of Taipei 101徐子文, Hsu,Daniel Tzu-Wen Unknown Date (has links)
企業風險安全管理隨著趨勢的發展和需求,企業安全從原本的被動式保護工作,進步到主動式的預防作為,由原來對實體環境和人員的防護,拓展到資訊網路和商譽競爭力保護的領域,逐漸的成為企業中不可或缺的重要功能部門。
國內一般文獻研究在記載研究企業風險安全管理和危機處理議題,常見以外部觀點為研究方向,來自於實際參與企業風險安全管理第一線和決策人員的個案研究則相對缺乏。本研究是希望以作者擔任台北金融大樓股份有限公司(台北101)首任安全總監期間(2003年九月到2004年七月),實際面臨之風險安全管理挑戰之狀況及處置為主軸,並以事後結果觀察為驗證,以其他個案和文獻研究來探討:一位在企業中實際負責企業風險安全管理之專業經理人面對各式風險威脅狀況時的決策基礎和作為考量,繼而驗證相關風險管理和安全管理理論在企業安全和風險管理的實際運用狀況及成效。
企業安全管理是風險管理的一部份,重點是在處理風險類別中的純粹風險。風險管理的理論和分析架構為企業安全管理帶來了理論基礎架構,讓每一對應措施對策可以有正確的定位,而達到管理的效率。企業安全管理是一個應用科學,必須要依據實務需要,利用企業安全以及其他領域的專業知識,尋求相當的對策。「安全」代表一種穩定的、在一定程度內可以預期的環境,讓個人或團體可以在追求目標時,不受干擾或傷害,也不必擔心任何動亂或意外。安全管理同時也是一個高度和所處環境互動的過程。其所受影響的變數繁多,影響所產生的結果也多變。所以,企業安全管理不但重視建置上大架構的完善,更重視的是在細節小處的積極維護。
一個良好企業安全管理始自於有一個明確的「企業安全政策」。在這企業安全政策中要揭示企業安全的宗旨。作者以為,企業的安全目標為:「保護企業資產完整,使可能發生的損害降至最低、而使投資報酬及事業機會增至最大,進而確保企業的永續經營。」本研究認為,「實體與環境安全」、「人事安全」、「資訊安全」、「緊急應變計劃」、「企業安全稽核及事件調查」、「企業安全教育訓練及宣導」形成完整的企業安全管理架構,並以「人員」、「程序」和「科技」並重的方式進行,可以達到實效。而「未知」、「瞬時」和「大量」是企業安全管理範疇中危機的三特性,如果這三者同時發生,危機就產生,若是消彌其中一部,危機就有機會可以被制止。 / 關鍵字:企業管理、風險管理、風險評估、企業安全、安全管理、危機管理。 / Along with the business trend and demand, the function of Corporate Security is changing from reactively protection to proactively prevention. It also expends from its original functions on physical and personnel protection activities to information networks and business competition activities. Gradually, Corporate Security is becoming an irreplaceable function in modern business operations.
In Taiwan, most of the researches on corporate risk and security management issues were on external perspective. There are relatively limited researches on internal perspective and being done by practioners who could provide the first hand experiences and very own observations. This study is based on the Writer’s own experiences and observations during his tenure as the very first Director of Corporate Security and Life Safety of the Taipei Financial Center Corporation, the owner of the world’s tallest building – “Taipei 101”, in September 2003 ~ July 2004. This thesis records and studies the situations the Writer faced and why certain counter-measures were selected and implemented against some corporate security related theories and best practices, and further, to examine their effectiveness and aftermath impacts.
This study finds that the corporate security management is under the umbrella of enterprise risk management. It mainly deals with the area of pure risks. The risk management theories provided fundamentals and core structure for the corporate security management. The corporate security management is an applied science. The successful application requires multi-discipline efforts which employee various domains of knowledge to interact and/or counteract of the changing business environment. In addition to appreciation of the core theories of risk and security management, it is essential to attention to details.
A sound corporate security begins with a clearly stated “Corporate Security Policy”, where the mission, objectives, as well as the structures and means are clear defined. The Writer believes that the objective of corporate security management is to “To protect corporate assets, both tangible and intangible ones, and to minimize the potential harms and losses, in order to maximize the investment retunes and business opportunities as well as the continuity of the business.” This study finds that the Corporate Security Management Framework best structured by the Physical & Environmental Security, Personnel Security, Information Security, Emergency Response Planning, Security Audit & Investigation, as well as Security Awareness Promotion and Education. In order to best achieve these, the practioners should equally apply measures on People, Process and Technology. / Keywords: Risk Management, Business Management, Security Management, Crisis Management, Corporate Security.
|
Page generated in 0.0571 seconds