0000000000041112

AUTHOR

Riku Nykänen

0000-0002-6782-2215

showing 4 related works from this author

A Knowledge Interface System for Information and Cyber Security Using Semantic Wiki

2018

Resilience against information and cyber security threats has become an essential ability for organizations to maintain business continuity. As bulletproof security is an unattainable goal, organizations need to concentrate to select optimal countermeasures against information and cyber security threats. Implementation of cyber risk management actions require special knowledge and resources, which especially small and medium-size enterprises often lack. Information and cyber security risk management establish knowledge intensive business processes, which can be assisted with a proper knowledge management system. This paper analyzes how Semantic MediaWiki could be used as a platform to assis…

information securityInterface (Java)Computer scienceBusiness processmedia_common.quotation_subjectriskienhallinta02 engineering and technologyComputer securitycomputer.software_genretietämyksenhallintaBusiness continuitydesign science research020204 information systems0502 economics and business0202 electrical engineering electronic engineering information engineeringtietoturvakyberturvallisuusRisk managementmedia_commonbusiness.industryService design05 social sciencesInformation securityResilience (organizational)CountermeasurePsychological resiliencebusinesscomputer050203 business & management
researchProduct

Supporting Cyber Resilience with Semantic Wiki

2016

Cyber resilient organizations, their functions and computing infrastructures, should be tolerant towards rapid and unexpected changes in the environment. Information security is an organization-wide common mission; whose success strongly depends on efficient knowledge sharing. For this purpose, semantic wikis have proved their strength as a flexible collaboration and knowledge sharing platforms. However, there has not been notable academic research on how semantic wikis could be used as information security management platform in organizations for improved cyber resilience. In this paper, we propose to use semantic wiki as an agile information security management platform. More precisely, t…

ta113021110 strategic defence & security studiesEngineeringKnowledge managementCloud computing securitybusiness.industryStandard of Good Practiceinformation security management0211 other engineering and technologies02 engineering and technologyInformation securitycyber resiliencesemantic wikiSecurity information and event managementrisk managementSecurity controlsResilience (organizational)World Wide WebITIL security managementInformation security management020204 information systems0202 electrical engineering electronic engineering information engineeringbusiness
researchProduct

Aligning Two Specifications for Controlling Information Security

2014

Assuring information security is a necessity in modern organizations. Many recommendations for information security management exist, which can be used to define a baseline of information security requirements. ISO/ IEC 27001 prescribes a process for an information security management system, and guidance to implement security controls is provided in ISO/IEC 27002. Finnish National Security Auditing Criteria (KATAKRI) has been developed by the national authorities in Finland as a tool to verify maturity of information security practices. KATAKRI defines both security control objectives and security controls to meet an objective. Here the authors compare and align these two specifications in…

Information Systems and ManagementComputer Networks and Communicationsinformation securitysecurity specification alignmentComputer securitycomputer.software_genreSecurity information and event managementInformation security auditKATAKRIsecurity managementSafety Risk Reliability and Qualitysecurity audit criteriaInformation security management systemta113Certified Information Security ManagerInformation securitySecurity controlsISO/IEC 27001ISO/IEC 27002ITIL security managementRisk analysis (engineering)Security servicesecurity cerificationHardware and ArchitectureBusinessSafety ResearchcomputerSoftwaresecurity controls
researchProduct

Tailorable Representation of Security Control Catalog on Semantic Wiki

2018

Selection of security controls to be implemented is an essential part of the information security management process in an organization. There exist a number of readily available information security management system standards, including control catalogs, that could be tailored by the organizations to meet their security objectives. Still, it has been noted that many organizations tend to lack even the implementation of the fundamental security controls. At the same time, semantic wikis have become popular collaboration and information sharing platforms that have proven their strength as an effective way to distribute domain-specific information within an organization. This paper evaluates…

World Wide WebInformation security managementKnowledge basebusiness.industryProcess (engineering)Computer scienceInformation sharingControl (management)Information securitybusinessSecurity controlsInformation security management system
researchProduct