A Community Knowledge Base for IT Security

TitleA Community Knowledge Base for IT Security
Publication TypeJournal Article
Year of Publication2011
AuthorsFenz, S, Parkin, S, Van Moorsel, A
JournalIT Professional
Date Published2011
Publication Languageeng
ISBN Number1520-9202
Keywordsbusiness , COMMUNITIES , Community , Corporate , Data , employee , ethical , Financial , Formal , formalized , information , IT , knowledge , legal , management , ORGANIZATION , personnel , productivity , security
AbstractDoes every organization need to reinvent the wheel when it comes to IT security? Not if the IT community can develop a formal knowledge base for sharing and applying IT security management knowledge. Corporate IT security managers have a difficult time staying on top of the endless tide of new technologies and security threats sweeping into their organizations and information systems. The effectiveness of security controls must be balanced with a variety of operational issues, including the impact on employee productivity, legal and ethical stipulations, and business and financial concerns. IT security managers in different organizations face many of the same threats and establish similar solutions, and they're often gathering and applying the same knowledge. However, they're doing so largely on their own, which is clearly inefficient. We propose a formalized community project for sharing and applying IT security management knowledge. Here, we present our community knowledge-base prototype, designed to benefit IT security managers in a variety of organizations.