Blar i NTNU Open på forfatter "Wangen, Gaute"

Viser treff 1-20 av 25

    • A Comparison between Business Process Management and Information Security Management 

      Wangen, Gaute; Snekkenes, Einar (Chapter, 2014)
      Information Security Standards such as NIST SP 800-39 and ISO/IEC 27005:2011 are turning their scope towards business process security. And rightly so, as introducing an information security control into a business-processing ...

    • A framework for estimating information security risk assessment method completeness: Core Unified Risk Framework 

      Wangen, Gaute; Hallstensen, Christoffer V; Snekkenes, Einar Arthur (Journal article; Peer reviewed, 2017)
      In general, an information security risk assessment (ISRA) method produces risk estimates, where risk is the product of the probability of occurrence of an event and the associated consequences for the given organization. ...

    • A Taxonomy of Challenges in Information Security Risk Management 

      Wangen, Gaute; Snekkenes, Einar (Chapter, 2013)
      Risk Management is viewed by many as the cornerstone of information security and is used to determine what to protect and how. How to approach risk management for information security is an ongoing debate as there are ...

    • An Empirical Study of Root-Cause Analysis in Information Security Management 

      Wangen, Gaute; Hellesen, Niclas; Torres, Henrik; Brækken, Erlend (Chapter, 2017)
      This paper studies the application of Root-cause analysis (RCA) methodology to a complex socio-technical information security (InfoSec) management problem. InfoSec risk assessment (ISRA) is the common approach for dealing ...

    • An initial insight into Information Security Risk Assessment practices 

      Wangen, Gaute (Chapter, 2016)
      Much of the debate surrounding risk management in information security (InfoSec) has been at the academic level, where the question of how practitioners view predominant issues is an essential element often left unexplored. ...

    • An Initial Insight Into InfoSec Risk Management Practices 

      Wangen, Gaute (Journal article; Peer reviewed, 2015)
      Much of the debate surrounding risk management in information security (InfoSec) has been at the academic level, and how practitioners view predominant issues is an important element often left unexplored. Thus, this article ...

    • Brettspillbasert opplæring i informasjonssikkerhet 

      Magnus, Daniel Christian Haraldsen; Flobak, Bendik Berntsen; Al-Shammari, Abu Baker Mohammed Abdullah; Moren, Inger (Bachelor thesis, 2019)
      Opplæring av ansatte innen informasjonssikkerhet er viktig for organisasjoner. Dette blir tradisjonelt gjort gjennom E-læring og kurs. Oppgaven vår gikk ut på å lage et fysisk brettspill som skal brukes til opplæring i ...

    • Conflicting Incentives Risk Analysis: A Case Study of the Normative Peer Review Process 

      Wangen, Gaute (Journal article; Peer reviewed, 2015)
      This paper presents an approach to conduct risk assessments of complex incentive systems, using a case study of the normative Peer Review Process (PRP). This research centers on appliances and adaptations of the Conflicting ...

    • Cyber security risk assessment of a DDoS attack 

      Wangen, Gaute; Shalaginov, Andrii; Hallstensen, Christoffer V (Journal article; Peer reviewed, 2016)
      This paper proposes a risk assessment process based on distinct classes and estimators, which we apply to a case study of a common communications security risk; a distributed denial of service attack (DDoS) attack. The ...

    • Empirical Case Studies of the Root Cause Analysis Method in Information Security 

      Hellesen, Niclas; Torres, Henrik; Wangen, Gaute (Journal article; Peer reviewed, 2018)
      Root cause analysis is a methodology that comes from the quality assurance and improvement fields. Root-cause analysis is a seven-step methodology that proposes multiple tools per step, which are designed to identify and ...

    • High level information security risk in higher education 

      Ulven, Joachim (Master thesis, 2020)
      Identifisere verdier, trusler og sårbarheter er avgjørende når du vurderer risikoer i organisasjoner. Flere av de mest kjente informasjonssikkerhetsrisiko rammeverkene som ISO/IEC 27005, NIST SP 800-39 og OCTAVE bruker ...

    • How cyber security incidents can affect Norwegian food production 

      Kjønås, Karianne (Master thesis, 2023)
      Cybersikkerhet i landbruket blir mer og mer viktig fra et samfunnsikkerhetsperspektiv fordi matforsyningen kan være et mål for nasjonale trusler. Bruken av teknologi i landbruket har økt med årene, som fører til en økning ...

    • Information Security Risk Assessment: A Method Comparison 

      Wangen, Gaute (Journal article; Peer reviewed, 2017)
      Numerous methods for information security risk assessment (ISRA) are available, yet there is little guidance on how to choose one. Through a comprehensive risk identification, estimation, and evaluation framework, the ...

    • Mørketallsundersøkelsen ved NTNU 2018 

      Wangen, Gaute; Brodin, Even Østby; Skari, Bent Håkon; Berglind, Christopher (Research report, 2019)
      Formålet med denne rapporten er å undersøke sikkerhetssituasjonen på NTNU og avdekke urapporterte hendelser for å få et bedre beslutningsgrunnlag innenfor cybersikkerhet. Rapporten er utarbeidet av IT avdelingen ved Seksjon ...

    • Quantitative Risk, Statistical Methods and the Four Quadrants for Information Security 

      Wangen, Gaute; Shalaginov, Andrii (Chapter, 2016)
      Achieving the quantitative risk assessment has long been an elusive problem in information security, where the subjective and qualitative assessments dominate. This paper discusses the appropriateness of statistical and ...

    • Risk perception of Norwegians in the online debate space 

      Dybvik, Eivind (Master thesis, 2022)
      Risiko er et tema som er viktig å ha mye kunnskap om for å kunne navigere oss rundt de stedene der det er en del risiko tilstede. I nettdebatten er det mange av den norske befolkning tilstede hver dag, her er det derfor ...

    • Risk Perceptions on Social Media Use in Norway 

      Nyblom, Philip Johannes Brugmans; Wangen, Gaute; Gkioulos, Vasileios (Peer reviewed; Journal article, 2020)
      Social media are getting more and more ingrained into everybody’s lives. With people’s more substantial presence on social media, threat actors exploit the platforms and the information that people share there to deploy ...

    • Risk Perceptions when participating in public debates on digital platforms 

      KHAN, SALMAN (Master thesis, 2021)
      Sosiale medier er en kilde som sprer mange forskjellige følelser og elementer som kan føre til positive eller negative påvirkninger på samfunnet. En studie av elementer som falske nyheter og feilinformasjon utmerker seg ...

    • The Root Causes of Compromised Accounts at the University 

      Nyblom, Philip Johannes Brugmans; Wangen, Gaute; Kianpour, Mazaher; Østby, Grethe (Chapter, 2020)
      Compromised usernames and passwords are a continuous problem that several organizations struggle with even though this is a known problem with known solutions. Passwords remain a problem for the modern University as it ...

    • Security awareness and risk perception regarding data privacy of the digital natives 

      Lillehovde, Jonas. (Master thesis, 2020)
      For å tolke om selskaper med forskjellige forretningsmodeller håndterer personvern i tilstrekkelig grad, var det gunstig å gjennomføre en studie mot brukernes perspektiv og indikatorene som kan påvirke atferden til brukere ...