Identifying Information Security Risks in a Social Network Using Self-organising Maps - Information Security Education Access content directly
Conference Papers Year : 2019

Identifying Information Security Risks in a Social Network Using Self-organising Maps

Rudi Serfontein
  • Function : Author
  • PersonId : 1047161
Hennie Kruger
  • Function : Author
  • PersonId : 1001052
Lynette Drevin
  • Function : Author
  • PersonId : 983859

Abstract

Managing information security risks in an organisation is one of the most important tasks an organisation has. Unfortunately, due to the complexity of most organisational systems, identifying information security risks can be difficult. One way to identify possible risks in an organisation is to make use of Social Network Analysis (SNA). While they can be used to identify risks, the metrics calculated using SNA are often numerous and daunting to managers unfamiliar with SNA. Furthermore, as the data in this form tend to be uncomfortable to process, educating managers about risks in their organisation can be quite difficult. Also, as these metrics often require quantitative processing in order to be useful, SNA on its own is not always an attractive method to use to identify risks in an organisation. In this paper the use of self-organising maps to identify possible information security risks in an organisation is investigated. Risk data were obtained from an organisation that deals in risk management, which were used to build a social network. A number of metrics associated with risk were calculated from the network, and these metrics were used to cluster the various entities using a self-organising map. Certain entities that pose a possible information security risk were identified. The results suggest that it may be viable to use self-organising maps, in concord with SNA, to more easily identify risks in an organisation using visual methods.
Fichier principal
Vignette du fichier
485999_1_En_9_Chapter.pdf (963.1 Ko) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-02365733 , version 1 (15-11-2019)

Licence

Attribution

Identifiers

Cite

Rudi Serfontein, Hennie Kruger, Lynette Drevin. Identifying Information Security Risks in a Social Network Using Self-organising Maps. 12th IFIP World Conference on Information Security Education (WISE), Jun 2019, Lisbon, Portugal. pp.114-126, ⟨10.1007/978-3-030-23451-5_9⟩. ⟨hal-02365733⟩
70 View
33 Download

Altmetric

Share

Gmail Facebook X LinkedIn More