"The state of information security as a whole is a disaster, a train wreck". This view is given by Forte and Power (2007) describing the state of information security to...
Hennie A. Kruger, Tjaart Steyn, Lynette Drevin, Da...
Recent works on Internet risk management have proposed the idea of cyber-insurance to eliminate risks due to security threats, which cannot be tackled through traditional means suc...
Policy override is gaining traction in the research community to improve the efficiency and usability of authorization mechanisms. These mechanisms turn the conventional privilege...
— Corporate decision makers have normally been disconnected from the details of the security management infrastructures of their organizations. The management of security resourc...
Tyrone Grandison, Marcel Bilger, L. O'Connor, M. G...
The paper makes two main contributions: (1) It presents experiences from using the CORAS language for security threat modelling to specify legal risk scenarios. These experiences a...
Fredrik Vraalsen, Mass Soldal Lund, Tobias Mahler,...