IDEAS home Printed from https://ideas.repec.org/a/eee/ininma/v43y2018icp165-172.html
   My bibliography  Save this article

Understanding key skills for information security managers

Author

Listed:
  • Haqaf, Husam
  • Koyuncu, Murat

Abstract

Information security management is a necessity for all institutions and enterprises that regard company information as valuable assets. Developing, auditing and managing information security depends upon professional expertise in order to achieve the desired information security governance. This research seeks the key skills required for the position of information security management as well as the methods to develop these skills through professional training programs. The study adopts the Delphi method which requires building a list of items through a literature survey and involves experts with certain expertise to modify the list until a consensus on less than 20% of the items is reached. Through completing three rounds of the Delphi technique - data collection, relevance voting and ranking - sixteen skills are shortlisted as the key skills. In the final list, the majority belong to core information security skills, and the top two skills belong to project/process management skills and risk management skills, indicating the importance of these skills for the information security manager role. In addition, a series of related professional training programs and certifications are surveyed, the outcome of which highlights a number of most comprehensive and appropriate programs to develop these determined skills.

Suggested Citation

  • Haqaf, Husam & Koyuncu, Murat, 2018. "Understanding key skills for information security managers," International Journal of Information Management, Elsevier, vol. 43(C), pages 165-172.
    • Handle: RePEc:eee:ininma:v:43:y:2018:i:c:p:165-172
    DOI: 10.1016/j.ijinfomgt.2018.07.013
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S0268401218302251
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.ijinfomgt.2018.07.013?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Bojanc, Rok & Jerman-Blažič, Borka, 2008. "An economic modelling approach to information security risk management," International Journal of Information Management, Elsevier, vol. 28(5), pages 413-422.
    2. Wawak, Slawomir, 2010. "The Importance of Information Security Management in Crisis Prevention in the Company," MPRA Paper 47959, University Library of Munich, Germany.
    3. Gardiyawasam Pussewalage, Harsha S. & Oleshchuk, Vladimir A., 2016. "Privacy preserving mechanisms for enforcing security and privacy requirements in E-health solutions," International Journal of Information Management, Elsevier, vol. 36(6), pages 1161-1173.
    4. Ozkan, Sevgi & Karabacak, Bilge, 2010. "Collaborative risk method for information security management practices: A case context within Turkey," International Journal of Information Management, Elsevier, vol. 30(6), pages 567-572.
    5. Soomro, Zahoor Ahmed & Shah, Mahmood Hussain & Ahmed, Javed, 2016. "Information security management needs more holistic approach: A literature review," International Journal of Information Management, Elsevier, vol. 36(2), pages 215-225.
    6. Silva, Maisa Mendonça & de Gusmão, Ana Paula Henriques & Poleto, Thiago & Silva, Lúcio Camara e & Costa, Ana Paula Cabral Seixas, 2014. "A multidimensional approach to information security risk management using FMEA and fuzzy theory," International Journal of Information Management, Elsevier, vol. 34(6), pages 733-740.
    7. Norman Dalkey & Olaf Helmer, 1963. "An Experimental Application of the DELPHI Method to the Use of Experts," Management Science, INFORMS, vol. 9(3), pages 458-467, April.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Saif Hussein Abdallah Alghazo & Norshima Humaidi & Shereen Noranee, 2023. "Assessing Information Security Competencies of Firm Leaders towards Improving Procedural Information Security Countermeasure: Awareness and Cybersecurity Protective Behavior," Information Management and Business Review, AMH International, vol. 15(1), pages 1-13.
    2. Fotis Kitsios & Elpiniki Chatzidimitriou & Maria Kamariotou, 2023. "The ISO/IEC 27001 Information Security Management Standard: How to Extract Value from Data in the IT Sector," Sustainability, MDPI, vol. 15(7), pages 1-17, March.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Baillette, Paméla & Barlette, Yves & Leclercq-Vandelannoitte, Aurélie, 2018. "Bring your own device in organizations: Extending the reversed IT adoption logic to security paradoxes for CEOs and end users," International Journal of Information Management, Elsevier, vol. 43(C), pages 76-84.
    2. Martin Eling & Michael McShane & Trung Nguyen, 2021. "Cyber risk management: History and future research directions," Risk Management and Insurance Review, American Risk and Insurance Association, vol. 24(1), pages 93-125, March.
    3. Henriques de Gusmão, Ana Paula & Mendonça Silva, Maisa & Poleto, Thiago & Camara e Silva, Lúcio & Cabral Seixas Costa, Ana Paula, 2018. "Cybersecurity risk analysis model using fault tree analysis and fuzzy decision theory," International Journal of Information Management, Elsevier, vol. 43(C), pages 248-260.
    4. Kaw, Javaid A. & Loan, Nazir A. & Parah, Shabir A. & Muhammad, K. & Sheikh, Javaid A. & Bhat, G.M., 2019. "A reversible and secure patient information hiding system for IoT driven e-health," International Journal of Information Management, Elsevier, vol. 45(C), pages 262-275.
    5. Silva, Maisa Mendonça & de Gusmão, Ana Paula Henriques & Poleto, Thiago & Silva, Lúcio Camara e & Costa, Ana Paula Cabral Seixas, 2014. "A multidimensional approach to information security risk management using FMEA and fuzzy theory," International Journal of Information Management, Elsevier, vol. 34(6), pages 733-740.
    6. de Gusmão, Ana Paula Henriques & e Silva, Lúcio Camara & Silva, Maisa Mendonça & Poleto, Thiago & Costa, Ana Paula Cabral Seixas, 2016. "Information security risk analysis model using fuzzy decision theory," International Journal of Information Management, Elsevier, vol. 36(1), pages 25-34.
    7. Prommer, Lisa & Tiberius, Victor & Kraus, Sascha, 2020. "Exploring the future of startup leadership development," Journal of Business Venturing Insights, Elsevier, vol. 14(C).
    8. Bokrantz, Jon & Skoogh, Anders & Berlin, Cecilia & Stahre, Johan, 2017. "Maintenance in digitalised manufacturing: Delphi-based scenarios for 2030," International Journal of Production Economics, Elsevier, vol. 191(C), pages 154-169.
    9. Seung-Jin Han & Won-Jae Lee & So-Hee Kim & Sang-Hoon Yoon & Hyunwoong Pyun, 2022. "Assessing Expected Long-term Benefits for the Olympic Games: Delphi-AHP Approach from Korean Olympic Experts," SAGE Open, , vol. 12(4), pages 21582440221, December.
    10. Prianto Budi Saptono & Gustofan Mahmud & Intan Pratiwi & Dwi Purwanto & Ismail Khozen & Muhamad Akbar Aditama & Siti Khodijah & Maria Eurelia Wayan & Rina Yuliastuty Asmara & Ferry Jie, 2023. "Development of Climate-Related Disclosure Indicators for Application in Indonesia: A Delphi Method Study," Sustainability, MDPI, vol. 15(14), pages 1-25, July.
    11. Zhang, Hong & Gu, Chao-lin & Gu, Lu-wen & Zhang, Yan, 2011. "The evaluation of tourism destination competitiveness by TOPSIS & information entropy – A case in the Yangtze River Delta of China," Tourism Management, Elsevier, vol. 32(2), pages 443-451.
    12. Volkan Hasan Kaya & Doris Elster, 2019. "A Critical Consideration of Environmental Literacy: Concepts, Contexts, and Competencies," Sustainability, MDPI, vol. 11(6), pages 1-20, March.
    13. Petreski Marjan & Petreski Blagica & Tumanoska Despina & Narazani Edlira & Kazazi Fatush & Ognjanov Galjina & Jankovic Irena & Mustafa Arben & Kochovska Tereza, 2017. "The Size and Effects of Emigration and Remittances in the Western Balkans. A Forecasting Based on a Delphi Process," Südosteuropa. Journal of Politics and Society, De Gruyter, vol. 65(4), pages 679-695, December.
    14. Xinxin Liu & Xiaosheng Wang & Haiying Guo & Xiaojie An, 2021. "Benefit Allocation in Shared Water-Saving Management Contract Projects Based on Modified Expected Shapley Value," Water Resources Management: An International Journal, Published for the European Water Resources Association (EWRA), Springer;European Water Resources Association (EWRA), vol. 35(1), pages 39-62, January.
    15. Aparicio, Gloria & Basco, Rodrigo & Iturralde, Txomin & Maseda, Amaia, 2017. "An exploratory study of firm goals in the context of family firms: An institutional logics perspective," Journal of Family Business Strategy, Elsevier, vol. 8(3), pages 157-169.
    16. Nibedita Mukherjee & Jean Huge & Farid Dahdouh-Guebas & Nico Koedam, 2014. "Ecosystem service valuations of mangrove ecosystems to inform decision making and future valuation exercises," ULB Institutional Repository 2013/217963, ULB -- Universite Libre de Bruxelles.
    17. Di Zio, Simone & Bolzan, Mario & Marozzi, Marco, 2021. "Classification of Delphi outputs through robust ranking and fuzzy clustering for Delphi-based scenarios," Technological Forecasting and Social Change, Elsevier, vol. 173(C).
    18. Sheida Abdoli & Farah Habib & Mohammad Babazadeh, 2018. "Making spatial development scenario for south of Bushehr province, Iran, based on strategic foresight," Environment, Development and Sustainability: A Multidisciplinary Approach to the Theory and Practice of Sustainable Development, Springer, vol. 20(3), pages 1293-1309, June.
    19. Shannon Li & Anne Honey & Francesca Coniglio & Peter Schaecken, 2022. "Mental Health Peer Worker Perspectives on Resources Developed from Lived Experience Research Findings: A Delphi Study," IJERPH, MDPI, vol. 19(7), pages 1-15, March.
    20. Alyami, Saleh. H. & Rezgui, Yacine & Kwan, Alan, 2013. "Developing sustainable building assessment scheme for Saudi Arabia: Delphi consultation approach," Renewable and Sustainable Energy Reviews, Elsevier, vol. 27(C), pages 43-54.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:ininma:v:43:y:2018:i:c:p:165-172. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/international-journal-of-information-management .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.