报告题目 | Information Security Management Standards: Problems and Solutions | ||
报告人(单位) | Mikko Siponen教授(芬兰于韦斯屈莱大学) | ||
点评人(单位) | 浦正宁副教授(东南大学) | 点评人(单位) | 邵秀燕博士(东南大学) |
时间地点 | 2021年11月6日(周六)下午15:00 腾讯会议ID:184 794 740 | ||
报告人简介 | |||
Siponen教授是于韦斯屈莱大学教授、芬兰科学院院士、墨尔本大学名誉教授。他的研究方向为信息安全、网络犯罪、IT使用、软件开发、以及关于信息系统理论的哲学思考。他发表了80多篇期刊文章,多篇研究成果发表在MIS Quarterly, Information Systems Research, Journal of the Association for Information Systems, Journal of Management Information Systems, European Journal of Information Systems, Information & Management等国际顶级信息系统期刊。他目前是JAIS副主编,MISQ客座副主编。 Mikko Siponen is a full professor of Information Systems (IS). His degrees include Doctor of Social Sciences, majoring in Applied Philosophy; M.Sc. in Software Engineering; Lic.Phil. in information systems; and Ph.D. in Information Systems. Siponen has undertaken several managerial positions, including Vice Dean for Research (University of Jyvaskyla), Head of Department (University of Jyvaskyla), Vice Head of Research (University of Oulu), and Director of an IS security Research Centre (University of Oulu). He has published more than 80 journal articles. His current H index is 49, and he has cited more than 13 200 times. Despite there being several prominent Finnish IS scholars (in Finland and outside of Finland), Professor Siponen is the only Information Systems professor who has been invited to be a member of The Finnish Academy of Science and Letters. He is an Honorary Professor in the University of Melbourne.
| |||
报告内容摘要 | |||
Information security management standards are generally widely valued In the practice. In this talk, Professor Siponen talks about fundamental weakness of information security management standards. In the talk, Professor Siponen explains the history and intellectual foundations of information security management standards, and how they are different from checklists and maturity models. Professor Siponen discusses several problems of information security management standards. For example, information security management standards claim to be based on best practice. However, this is hardly the case. Finally, Professor Siponen outlines his own suggestion as to how information security management standards should be improved, in order that they would be genuinely evidence-based.
| |||
