Adoption of ISO 27001 in Cyprus enterprises: Current state and challenges

This chapter presents the findings of an investigation on current security practices in Cypriot organizations, including enterprises and public sector divisions. In order to gain knowledge on the deployed security technologies by organizations, a survey was conducted and concluded in late 2010. The survey primarily examined compliance of enterprise current security policies and procedures with ISO 27001 security guidelines. A research analysis has been performed and identified that security mechanisms and the management of information technology (IT) resources may be improved on a number of aspects. Based on the research findings, an assessment of the viability of ISO 27001 in Cyprus is given as well as recommendations on the further deployment of ISO 27001.

[1]  Kai Reimers,et al.  Should Buyers Try to Shape IT Markets Through Non-Market (Collective) Action? Antecedents of a Transaction Cost Theory of Network Effects , 2005, Int. J. IT Stand. Stand. Res..

[2]  Geerten van de Kaa,et al.  The Challenge of Establishing a Recognized Interdisciplinary Journal: A Citation Analysis of the International Journal of IT Standards and Standardization Research , 2013, Int. J. IT Stand. Stand. Res..

[3]  Gerald M. Hoffman Ethical Challenges for Information Systems Professionals , 2004 .

[4]  Anthony Wiles,et al.  In Pursuit of Interoperability , 2004, Int. J. IT Stand. Stand. Res..

[5]  Gunnar Ellingsen Tightrope Walking: Standardisation Meets Local Work-Practice in a Hospital , 2004, Int. J. IT Stand. Stand. Res..

[6]  June M. Fernie,et al.  COSTS, DRAWBACKS AND BENEFITS ‐ THE CUSTOMER′S VIEW OF BS 5750 , 1993 .

[7]  DongBack Seo Evolution and Standardization of Mobile Communications Technology , 2013 .

[8]  Geerten van de Kaa Responsible Innovation and Standardization: A New Research Approach? , 2013, Int. J. IT Stand. Stand. Res..

[9]  Charles Oppenheim,et al.  Social, Ethical and Policy Implications of Information Technology , 2004, J. Documentation.

[10]  Swapneshwar Goutam Analysis of Speedy Uptake of Electronic and Digital Signatures in Digital Economy with Special Reference to India , 2011 .

[11]  M. Cruz-cunha,et al.  Information Communication Technology Law, Protection and Access Rights: Global Approaches and Issues , 2010 .

[12]  DongBack Seo,et al.  Are Asian Countries Ready to Lead a Global ICT Standardization? , 2012, Int. J. IT Stand. Stand. Res..

[13]  Subhadip Sarkar,et al.  Designing Appropriate Frameworks, Models, Strategies and Solutions , 2010 .

[14]  M. Cole,et al.  Ensuring Users' Rights to Privacy, Confidence and Reputation in the Online Learning Environment: What Should Instructors Do to Protect Their Students’ Privacy? , 2010 .

[15]  Sorren Hanvey,et al.  On the Use of Formal Methods to Enforce Privacy-Aware Social Networking , 2013 .

[16]  Esharenana E. Adomi Frameworks for ICT Policy: Government, Social and Legal Issues , 2010 .

[17]  Katerina Gotzamani,et al.  ISO 9000 as an entry key to TQM: the case of Greek industry , 1996 .

[18]  D. Lipovatz,et al.  Implementation of ISO 9000 quality systems in Greek enterprises , 1999 .