Article code | Journal code | Publication year | English article | Full-text version
456429 | 695716 | 2014 | 15-page PDF | Free download
English title of the ISI article
A situation awareness model for information security risk management
Persian translation of the title
A situation awareness model for information security risk management
Keywords
Information security management, information security risk management, information security intelligence, information security compliance, information security research, evidence-based information security, situation awareness
Related topics
Engineering and Basic Sciences, Computer Engineering, Computer Networks and Communications
English abstract


• We identify from literature 3 deficiencies in information security risk assessment.
• We develop a security situational awareness (SA) model from Endsley's SA theory.
• We refine our model through an in-depth case study of the US intelligence enterprise.
• We show how SA can be developed using an intelligence-driven approach.

Information security risk management (ISRM) is the primary means by which organizations preserve the confidentiality, integrity and availability of information resources. A review of ISRM literature identified deficiencies in the practice of information security risk assessment that inevitably lead to poor decision-making and inadequate or inappropriate security strategies. In this conceptual paper, we propose a situation aware ISRM (SA-ISRM) process model to complement the information security risk management process. Our argument is that the model addresses the aforementioned deficiencies through an enterprise-wide collection, analysis and reporting of risk-related information. The SA-ISRM model is adapted from Endsley's situation awareness model and has been refined using our findings from a case study of the US national security intelligence enterprise.


Publisher
Database: Elsevier - ScienceDirect
Journal: Computers & Security - Volume 44, July 2014, Pages 1–15
Authors
, , , ,