Agris on-line Papers in Economics and Informatics

Faculty of Economics and Management CULS Prague, Kamýcká 129, 165 00 Praha - Suchdol

The international peer-reviewed scientific journal, ISSN 1804-1930


Factors Affecting Information Security Focused on SME and Agricultural Enterprises

V. Bolek, A. Látečková, A. Romanová, F. Korček
DOI: 10.7160/aol.2016.080404
Agris on-line Papers in Economics and Informatics, no 4/2016, December


Bolek, V., Látečková, A., Romanová, A. and Korček, F. (2016) “Factors Affecting Information Security Focused on SME and Agricultural Enterprises", AGRIS on-line Papers in Economics and Informatics, Vol. 8, No. 4, pp. 37 - 50. ISSN 1804-1930.

Abstract
Progress in the field of information and communication technology is a source of advantage that improves quality of business services; increases productivity levels and brings competitive advantage to enterprises and organisations related to agricultural production. However, the use of information and communication technology (ICT) is connected with information security risks that threaten business continuity and information assets. The ICT in small and medium-sized enterprises (SME) and agricultural enterprises is the source of several advantages as well as the risks resulting from information security violation and security incidents. This paper aims at the current situation of information security in SME and agricultural enterprises. Furthermore, the paper provides results of a survey focusing on identification and evaluation of the effects of internal and external factors affecting existence of risks in information security in Slovak SME and agricultural enterprises. Until now, there had not been a similar survey carried out.


Keywords
Information security, security incident, risk, factors, SME, agricultural enterprises.

References

  1. Ahmad, A., Maynard, S. B. and Shanks, G. (2015) “A case analysis of information systems and security incident responses”, International Journal of Information Management, Vol. 35, No. 6, pp. 717 – 723. ISSN 0268-4012. DOI
  2. Albrechtsen, E. and Hovden, J. (2010) “Improving information security awareness and behaviour through dialogue, participation and collective reflection. An intervention study”, Computers & Security, Vol. 29, No. 4, pp. 432 – 445. ISSN 0167-4048. DOI 10.1016/j.cose.2009.12.005. DOI 10.1016/j.ijinfomgt.2015.08.001.
  3. Balashova, N. N., Šilerová and E., Melikhov, V. A. (2015) “Developing the metodology to form integrated reporting of agroholdings in the Russian Federation”, AGRIS on-line Papers in Economics and Informatics, Vol. 7, No. 4, pp. 19 - 29. ISSN 1804-1930. DOI
  4. Bishop, M. (2000) “Education in information security”, Concurrency, IEEE, Vol. 8, No. 4, pp. 4 -8. ISSN 1092-3063. DOI 10.1109/4434.895087.
  5. Butoracová Šindlerová, I. and Butorac, D. (2008) “Aplikácia krízového manažmentu na malom a strednom podniku zaostávajúceho regiónu s primárnym zameraní na význam ľudských zdrojov v organizácii”, Collection of papers of scientific papers of department of economy and economics ANNO (in Slovak), University Prešov, Prešov. ISBN 978-80-8068-798-4. DOI
  6. Ernst & Young. (2015) “Global Information Security Surey 2015”, Ernst & Young, [Online]. Available: http://www.ey.com/Publication/vwLUAssets/ey-global-information-security-survey- 2015/$FILE/ey-global-information-security-survey-2015.pdf [Accessed: 10 Jan. 2016]. DOI
  7. Eurostat (2011) “ICT security in enterprises 2011”. [Online]. Available: http://ec.europa.eu/eurostat/ statistics-explained/index.php/ICT_security_in_enterprises [Accessed: 20 Dec. 2015]. DOI
  8. CFO (2013) “Ako hackeri klamú vašich zamestnancov" (in Slovak), CFO. [Online]. Available: http://www.cfo.sk/articles/ako-hackeriklamu-vasich-zamestnancov [Accessed: 20. Dec. 2015]. DOI
  9. Hamášová, K. and Gerhátová, G. (2012) “Návrh systému vzdelávania v oblasti informačnej bezpečnosti v podniku agrosektora” , Collection of network and information technology 2012 (in Slovak). [Online], Slovak University of Agricultural in Nitra. Available: http://spu.fem.uniag. sk/konferencie_a_seminare/sit/2012/zbornik/hamasova_gerhatova.pdf [Accessed: 20. Dec. 2015]. DOI
  10. Hamranová, A. (2013) “Aspekty implementácie Business Intelligence v slovenských podnikoch”, Ekonóm, ISBN 978-80-225-3603-5. DOI
  11. Hansman, S. and Hunt, R. (2005) “A taxonomy of networks and computer attacks”, Computers & Security, Vol. 24, No. 1, p. 31–43. ISSN 0167-4048. DOI 10.1016/j.cose.2004.06.011.
  12. Hochmann, J., Stanek, M., Vazan, I. (2011) “Prieskum stavu informačnej bezpečnosti vo verejnej správe v Slovenskej republike 2011”, Ministry of Finances of the Slovak Republic. [Online]. Available: http://www.informatizacia.sk/ext_dok-prieskum_ib_2013_-sk-en-/16943c [Accessed: 15 Dec. 2015]. DOI
  13. Havlíček, Z., Lohr, V., and Benda, P. (2009) “ICT and agritourism in Czech Republic”, APSTRACT: Applied Studies in Agribusiness and Commerce, Vol. 3, [Online]. Available: http://ageconsearch. umn.edu/bitstream/53541/2/10_ICT_Apstract.pdf [Accessed: 12 Jan. 2016]. DOI
  14. ISACA (2015) “Cybersecurity Fundamentals Study Guide”, ISACA, ISBN 978-1-60420-593-0. DOI
  15. ISO (2014) “ISO Survey”, International Organization for Standardization. [Online]. Available: http://www.iso.org/iso/home/standards/certification/isosurvey.htm? certificate= ISO/IEC% 2027001&countrycode =AF#standardpick [Accessed: 8 Jan. 2016]. DOI
  16. ISO/IEC 27000:2014. Information technology – Security techniques – Information security management systems – Overview and vocabulary DOI
  17. ISO/IEC 27005:2011. Information technology – Security techniques – Information security risk management. DOI
  18. Kaluža, F. (2011) “Outsourcing z pohľadu riadenia informačnej bezpečnosti”, International magazine for security engineering, Vol. 6, pp. 1-2. ISSN 1336-9717. DOI
  19. Kračmár, J. (2012) “Riadenie operačných rizík v krízovom riadení podniku”, Krízový manažment podniku. ISBN 978-80-225-3520-5. DOI
  20. Makatúra, I. (2014) “Čo je to bezpečnostný počítačový incident?”, ITNews, [Online]. Available: http://www.itnews.sk/2014-11-24/c166583-co-je-to-bezpecnostny-pocitacovy-incident [Accessed: 21 Dec. 2015]. DOI
  21. Maumbe, B. M. and Okello, J. (2010) “Uses of Information and Communication Technology (ICT) in Agriculture and Rural Development in Sub-Saharan Africa: Experiences from South Africa and Kenya”, International Journal of ICT Research and Development in Africa (IJICTRDA), Vol. 1, No. 1, pp. 1-22. DOI 10.4018/jictrda.2010010101.
  22. Ng, Z. X., Ahmad, A. and Maynard, S. B. (2014) “Information security management: Factors that influence security investments in SMES”, Proceedings of the 11th Australian Information Security Management Conference, [Online], Available: http://ro.ecu.edu.au/cgi/viewcontent. cgi?article=1156&context=ism [Accessed: 9 Jan. 2016]. DOI
  23. NIST (2012) “Computer Security Incident Handling Guide”, National Institute of Standards and Technology, U.S. Department of Commerce, Aug. 2012, [Online], Available: http://nvlpubs. nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf [Accessed: 9 Jan. 2016]. DOI
  24. Qiang, C. Z., Kuek, S. C., Dymond, A., Esselaar, S. and Unit, I. S. (2011) “Mobile applications for agriculture and rural development”, World Bank, Washington, DC. DOI
  25. Pačaiová, H. and Markulík, Š. (2011) “Bezpečnosť technických systémov ako súčasť v zabezpečovaní kvality”, Kvalita, Vol. 11, No. 11. ISSN 1335-9213 DOI
  26. Pour, J. and Voříšek, J. (2007) “Výsledky průzkumu řízení informatických služeb v ČR”, Systémová integrace, [Online]. Available: http://www.cssi.cz/cssi/vysledky-pruzkumu-rizeni-informatickych- sluzeb-v-cr [Accessed: 20. Dec. 2015]. DOI
  27. Singh, A. N., Picot, A., Kranz, J., Gupta, M.P . and Ojha, A. (2013) “Information security management (ISM) practices: lessons from select cases from India and Germany”, Global Journal of Flexible Systems Management, Vol. 14, No. 4, pp. 225–239. ISSN 0972-2696. DOI 10.1007/s40171-013-0047-4.
  28. Siponen, M., Mahmood, M. A. and Pahnila, S. (2014) “Employees’ adherence to information security policies: an exploratory field study”, Information and Management, Vol. 51, No. 2, pp. 217 – 224. ISSN 0378-7206. DOI
  29. Soomro, Z. A., Shah, M. H. and Ahmed, J. (2016) “Information security management needs more holistic approach: A literature review”, International Journal of Information Management, Vol. 36, No. 2, pp. 215 – 225. ISSN 0268-4012. DOI 10.1016/j.ijinfomgt.2015.11.009.
  30. Stočes, P., Vaněk, J., Masner, J., and Jarolímek, J. (2015) “Mobile application development options for news and information portals”, Future Communication, Information and Computer Science proceedings, CRC Press, Leiden, pp. 111-114. ISBN 978-1-138-02653-7. DOI
  31. Tichý, M. (2006) “Ovládaní rizika”, Analýza a management, pp. 396. ISBN 80-7179-415-5. [32] Tvrdíková, M. (2011) “Aplikace moderních informačních technologií v řízení firmy”, Grada Publishing, pp. 172. ISBN 978-80-247-2728-8. DOI
  32. Tvrdíková, M. (2011) “Aplikace moderních informačních technologií v řízení firmy”, Grada Publishing, pp. 172. ISBN 978-80-247-2728-8. DOI
  33. Vaněk, J., Jarolímek, J., and Vogeltanzová, T. (2011) “Information and Communication Technologies for Regional Development in the Czech Republic-Broadband Connectivity in Rural Areas”, Agris on-line Papers in Economics and Informatics, Vol. 3, No. 3, pp. 66-76. ISSN 1804-1930. DOI
  34. Von Solms, B. and von Solms, R. (2005) “From information security to...business security?”, Computers & Security, Vol. 24, No. 4, pp. 271 – 273. ISSN 0167-4048. DOI 10.1016/j.cose.2005.04.004.
  35. Zelená, H. (2005) “Inovácia a zvýšenie efektivity vzdelávania prostredníctvom IKT”, Preparation of teachers and actual changes in basic education. [Online]. Available: http://www.pf.jcu.cz/ structure/departments/kpe/upload/files/konf05-sbornik-22-zelena_h.pdf [Accessed: 28. Dec. 2015]. DOI

ISSN 1804-1930
© Agris on-line Papers in Economics and Informatics, 2009 - 2017
Faculty of Economics and Management CULS Prague, Kamycka 129, 165 00 Praha 6 - Suchdol