THE RELATIONSHIP BETWEEN INFORMATION SYSTEMS RESOURCES AND INFORMATION SECURITY

Information is an asset crucial for the survival of any organizations. Because of its importance, information needs to be safeguarded and protected, normally termed as information security. The ISO 27001:2005 defines information security as “the preservation of confidentiality, integrity and availability of information”. Hence, information security is designed to protect the valuable data of the organization and it is importance in safe-guarding all organization's data from unauthorized access or modification to ensure its availability, confidentiality, and integrity. Realizing the importance of information security, researchers have studied and proposed various models for an effective implementation of information security. To further adds to this body of literature, this paper reports the findings of a study examining information systems resources and its effect on information security. Using the survey research method with questionnaire as the instrument for data collection, a total of 72 companies located in Klang Valley and Cyberjaya, Malayaia were engaged in the study. The findings suggest that, several dimensions of information systems resources are significant predictor of information security. The findings should be useful to both researchers and practitioners. As for the researchers, the model used can be further tested in other settings, while for the practitioners, it provides a useful guideline for improving their information systems infrastructure so as to protect and safeguard their organizational information.

[1]  Sean B. Maynard,et al.  Teaching information security management: reflections and experiences , 2014, Inf. Manag. Comput. Secur..

[2]  M. Al-Awadi SUCCESS FACTORS IN INFORMATION SECURITY IMPLEMENTATION IN ORGANIZATIONS , 2008 .

[3]  Dale Goodhue,et al.  Develop Long-Term Competitiveness through IT Assets , 1996 .

[4]  Salahuddin Alfawaz Information security management : a case study of an information security culture , 2011 .

[6]  Diane M. Strong,et al.  Process-Embedded Data Integrity , 2004, J. Database Manag..

[7]  Y. S. Feruza,et al.  IT Security Review: Privacy, Protection, Access Control, Assurance and System Security , 2007 .

[8]  Adéle da Veiga,et al.  Comparing the information security culture of employees who had read the information security policy and those who had not: Illustrated through an empirical study , 2016, Inf. Comput. Secur..

[9]  Thiagarajan Ravichandran,et al.  Effect of Information Systems Resources and Capabilities on Firm Performance: A Resource-Based Perspective , 2005, J. Manag. Inf. Syst..

[11]  Terry Anthony Byrd,et al.  The Impact of IT Personnel Skills on IS Infrastructure and Competitive IS , 2004, Inf. Resour. Manag. J..

[12]  M. Eric Johnson,et al.  Embedding Information Security into the Organization , 2007, IEEE Security & Privacy.

[13]  Shuchih Ernest Chang,et al.  Organizational factors to the effectiveness of implementing information security management , 2006, Ind. Manag. Data Syst..

[14]  Terry Anthony Byrd,et al.  Measuring the Flexibility of Information Technology Infrastructure: Exploratory Analysis of a Construct , 2000, J. Manag. Inf. Syst..

[15]  Kuo-Chung Chang,et al.  Information systems resources and information security , 2011, Inf. Syst. Frontiers.

[16]  John C. Henderson,et al.  Strategic Alignment: Leveraging Information Technology for Transforming Organizations , 1993, IBM Syst. J..

[17]  H. Joseph Wen,et al.  Building E-Enterprise Security: A Business View , 2003, Inf. Secur. J. A Glob. Perspect..

[18]  Haralambos Mouratidis,et al.  An information security risk-driven investment model for analysing human factors , 2016, Inf. Comput. Secur..

[19]  William L. Fuerst,et al.  Information technology and sustained competitive advantage: a resource-based analysis , 1995 .