Browsing NTNU Open by Author "Wangen, Gaute"
Now showing items 1-20 of 26
-
A Comparison between Business Process Management and Information Security Management
Wangen, Gaute; Snekkenes, Einar (Chapter, 2014)Information Security Standards such as NIST SP 800-39 and ISO/IEC 27005:2011 are turning their scope towards business process security. And rightly so, as introducing an information security control into a business-processing ... -
A framework for estimating information security risk assessment method completeness: Core Unified Risk Framework
Wangen, Gaute; Hallstensen, Christoffer V; Snekkenes, Einar Arthur (Journal article; Peer reviewed, 2017)In general, an information security risk assessment (ISRA) method produces risk estimates, where risk is the product of the probability of occurrence of an event and the associated consequences for the given organization. ... -
A study of NIS2.0 readiness in Norwegian Private SMEs: The Management Perspective
Ramberg, Simen (Master thesis, 2024)Denne studien utforsker cybersikkerhetslandskapet blant norske SMBer (Små og mellomstore bedrifter) i privat sektor, spesielt med fokus på deres beredskap for NIS 2.0-direktivet. NIS 2 utvider det opprinnelige NIS 1-direktivet, ... -
A Taxonomy of Challenges in Information Security Risk Management
Wangen, Gaute; Snekkenes, Einar (Chapter, 2013)Risk Management is viewed by many as the cornerstone of information security and is used to determine what to protect and how. How to approach risk management for information security is an ongoing debate as there are ... -
An Empirical Study of Root-Cause Analysis in Information Security Management
Wangen, Gaute; Hellesen, Niclas; Torres, Henrik; Brækken, Erlend (Chapter, 2017)This paper studies the application of Root-cause analysis (RCA) methodology to a complex socio-technical information security (InfoSec) management problem. InfoSec risk assessment (ISRA) is the common approach for dealing ... -
An initial insight into Information Security Risk Assessment practices
Wangen, Gaute (Chapter, 2016)Much of the debate surrounding risk management in information security (InfoSec) has been at the academic level, where the question of how practitioners view predominant issues is an essential element often left unexplored. ... -
An Initial Insight Into InfoSec Risk Management Practices
Wangen, Gaute (Journal article; Peer reviewed, 2015)Much of the debate surrounding risk management in information security (InfoSec) has been at the academic level, and how practitioners view predominant issues is an important element often left unexplored. Thus, this article ... -
Brettspillbasert opplæring i informasjonssikkerhet
Magnus, Daniel Christian Haraldsen; Flobak, Bendik Berntsen; Al-Shammari, Abu Baker Mohammed Abdullah; Moren, Inger (Bachelor thesis, 2019)Opplæring av ansatte innen informasjonssikkerhet er viktig for organisasjoner. Dette blir tradisjonelt gjort gjennom E-læring og kurs. Oppgaven vår gikk ut på å lage et fysisk brettspill som skal brukes til opplæring i ... -
Conflicting Incentives Risk Analysis: A Case Study of the Normative Peer Review Process
Wangen, Gaute (Journal article; Peer reviewed, 2015)This paper presents an approach to conduct risk assessments of complex incentive systems, using a case study of the normative Peer Review Process (PRP). This research centers on appliances and adaptations of the Conflicting ... -
Cyber security risk assessment of a DDoS attack
Wangen, Gaute; Shalaginov, Andrii; Hallstensen, Christoffer V (Journal article; Peer reviewed, 2016)This paper proposes a risk assessment process based on distinct classes and estimators, which we apply to a case study of a common communications security risk; a distributed denial of service attack (DDoS) attack. The ... -
Empirical Case Studies of the Root Cause Analysis Method in Information Security
Hellesen, Niclas; Torres, Henrik; Wangen, Gaute (Journal article; Peer reviewed, 2018)Root cause analysis is a methodology that comes from the quality assurance and improvement fields. Root-cause analysis is a seven-step methodology that proposes multiple tools per step, which are designed to identify and ... -
High level information security risk in higher education
Ulven, Joachim (Master thesis, 2020)Identifisere verdier, trusler og sårbarheter er avgjørende når du vurderer risikoer i organisasjoner. Flere av de mest kjente informasjonssikkerhetsrisiko rammeverkene som ISO/IEC 27005, NIST SP 800-39 og OCTAVE bruker ... -
How cyber security incidents can affect Norwegian food production
Kjønås, Karianne (Master thesis, 2023)Cybersikkerhet i landbruket blir mer og mer viktig fra et samfunnsikkerhetsperspektiv fordi matforsyningen kan være et mål for nasjonale trusler. Bruken av teknologi i landbruket har økt med årene, som fører til en økning ... -
Information Security Risk Assessment: A Method Comparison
Wangen, Gaute (Journal article; Peer reviewed, 2017)Numerous methods for information security risk assessment (ISRA) are available, yet there is little guidance on how to choose one. Through a comprehensive risk identification, estimation, and evaluation framework, the ... -
Mørketallsundersøkelsen ved NTNU 2018
Wangen, Gaute; Brodin, Even Østby; Skari, Bent Håkon; Berglind, Christopher (Research report, 2019)Formålet med denne rapporten er å undersøke sikkerhetssituasjonen på NTNU og avdekke urapporterte hendelser for å få et bedre beslutningsgrunnlag innenfor cybersikkerhet. Rapporten er utarbeidet av IT avdelingen ved Seksjon ... -
Quantitative Risk, Statistical Methods and the Four Quadrants for Information Security
Wangen, Gaute; Shalaginov, Andrii (Chapter, 2016)Achieving the quantitative risk assessment has long been an elusive problem in information security, where the subjective and qualitative assessments dominate. This paper discusses the appropriateness of statistical and ... -
Risk perception of Norwegians in the online debate space
Dybvik, Eivind (Master thesis, 2022)Risiko er et tema som er viktig å ha mye kunnskap om for å kunne navigere oss rundt de stedene der det er en del risiko tilstede. I nettdebatten er det mange av den norske befolkning tilstede hver dag, her er det derfor ... -
Risk Perceptions on Social Media Use in Norway
Nyblom, Philip Johannes Brugmans; Wangen, Gaute; Gkioulos, Vasileios (Peer reviewed; Journal article, 2020)Social media are getting more and more ingrained into everybody’s lives. With people’s more substantial presence on social media, threat actors exploit the platforms and the information that people share there to deploy ... -
Risk Perceptions when participating in public debates on digital platforms
KHAN, SALMAN (Master thesis, 2021)Sosiale medier er en kilde som sprer mange forskjellige følelser og elementer som kan føre til positive eller negative påvirkninger på samfunnet. En studie av elementer som falske nyheter og feilinformasjon utmerker seg ... -
The Root Causes of Compromised Accounts at the University
Nyblom, Philip Johannes Brugmans; Wangen, Gaute; Kianpour, Mazaher; Østby, Grethe (Chapter, 2020)Compromised usernames and passwords are a continuous problem that several organizations struggle with even though this is a known problem with known solutions. Passwords remain a problem for the modern University as it ...