The hyper-dynamic, global adoption of digital technologies due to the Covid-19 pandemic and the increasing digitalization of business models necessitate a dialogue on fundamental concepts that assist organizations in defining appropriate requirements for their information security measures. The definition of information security properties (ISPs) represents a widely used approach to describe the security needs of business assets in an understandable manner. However, academia and practice lack a consensus on underlying concepts and definitions. Here, we eliminate prevailing inconsistencies in definitions of ISPs by synthesizing the available literature. By extending the most common information security concept – i.e., the Confidentiality, Integrity & Availability (CIA) Triad – we disentangle the interrelations between various ISPs. Our results enhance the understanding of relevant ISPs and their interrelations, support organizations’ information security strategies, and deliver valuable impulses to stimulate further research concerning the influence of organizational characteristics on ISP prioritizations.
Bitzer, Michael; Brinz, Nicolas; and Ollig, Philipp, "DISENTANGLING THE CONCEPT OF INFORMATION SECURITY PROPERTIES - ENABLING EFFECTIVE INFORMATION SECURITY GOVERNANCE" (2021). ECIS 2021 Research Papers. 134.
When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.