Cybersecurity and information security – what goes where?

Basie von Solms, Rossouw von Solms

Research output: Contribution to journal, Article, peer-review

89 Citations (Scopus)

Abstract

Purpose: The purpose of this paper is to define cybersecurity and cybersecurity governance in simplified terms – to explain to the boards of directors and executive management their responsibilities and accountabilities in this regard.

Design/methodology/approach: The primary research methodology utilized in this paper is desk research. A literature study is followed by some discussion in terms of the contribution made.

Findings: Clearly define the relationship between cybersecurity and information security, especially from a governance perspective.

Research limitations/implications: The paper is based predominantly on an ISO standard.

Originality/value: The simplification of terminology to be used in the governance of cybersecurity, together with assistance to the guiding of boards of directors regarding their duties and responsibilities as far as cybersecurity is concerned.

Original language: English
Pages (from-to): 2-9
Number of pages: 8
Journal: Information and Computer Security
Volume: 26
Issue number: 1
Publication status: Published - 2018

Keywords

  • Boards of directors
  • Cyber security governance
  • Cybersecurity
  • Information security
  • Information security governance
  • ISO 27032

ASJC Scopus subject areas

  • Management Information Systems
  • Software
  • Information Systems
  • Computer Networks and Communications
  • Information Systems and Management
  • Management of Technology and Innovation
