Ontology Of Information Security In Enterprises. Stephen

1483 WordsApr 24, 20176 Pages
Ontology of Information Security in Enterprises Stephen Schiavone1, Lalit Garg2 and Kelly Summers3 1University of Liverpool, Fountain Hills, Arizona, USA 2University of Liverpool, University of Malta, Malta 3Medicis Pharmaceutical Corp, Scottsdale, Arizona, USA steve.schiavone@my.ohecampus.com lalit.garg@my.ohecampus.com krsummers@sbcglobal.net Abstract: Today’s global free-market enterprise is reliant on the interconnectedness of social, economic and political ecosystems. Enterprises no longer maintain a simple unary relationship between its customers and consumers. Enterprises have become an integral part of a complex relationship within the new socio- and techno- economic paradigm. The cornerstone of this new model is the Internet…show more content…
Validation of the ‘Enterprise Ontology’ and ‘Information Security Capability-Driven Framework’ is obtained from the creation of a business strategy to ‘business capability value map’ and quantification of key business and security metrics. A set of ontology-based competency questions allows the business to understand and make informed and prudent decisions regarding how and where security should be applied to ensure a favourable outcome for the enterprise. Analysis of the results of this study demonstrates the usefulness of the model in guiding the organization to assess current security risks and make informed and business-directed security decisions. The result is a deployment strategy that balances the scarce resources of the enterprise whilst maintaining strategic alignment. Further opportunities exist to improve the creation and quality of enterprise ontology including development of a more rigorous and systematic approach to modelling the enterprise’s current state and future state scenarios using the business capability framework. Semantically driven conceptual models of the enterprise may also be expressed within key security technologies and systems that support the organization by forming a collection of ontology-aware technologies that respond and react collectively to attacks in a fail-secure

More about Ontology Of Information Security In Enterprises. Stephen

Open Document