English  |  正體中文  |  简体中文  |  Items with full text/Total items : 52589/87783 (60%)
Visitors : 9385082      Online Users : 42
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    Please use this identifier to cite or link to this item: http://tkuir.lib.tku.edu.tw:8080/dspace/handle/987654321/87734

    Title: 以Q-方法論探討IT人員對資訊安全委外採用因素之分析
    Other Titles: A Q methodology study of IT staff's factors analysis of managed security services
    Authors: 朱金松;Chu, Chine-Sung
    Contributors: 淡江大學資訊管理學系碩士在職專班
    Keywords: SOC (Security Operation Center);Q Methodology;MSS (Managed Security Service);MSSP (Managed Security Service Provider);Q-方法論;Q-分類;Q classification
    Date: 2012
    Issue Date: 2013-04-13 11:37:12 (UTC+8)
    Abstract: 隨著全球安全事件的層出不窮與資訊化深度的與日俱增,企業在面臨多變詭譎的網路環境,除了希望能建立資訊系統的穩定度,以維持持續性商業化營運外;同時也希望能兼顧投資成本的效益,因此資訊安全委外服務的模式逐漸興起。一項新興資安服務產業-資安監控中心(SOC, Security Operation Center)應運而生。而提供資安監控委外服務廠商(MSSP, Managed Security Service Provider)的產業也因此產生。根據資策會MIC調查,全球2005年資安軟體市場產值是65億美元,至2009年全年資安軟體市場產值將達到100億美元。資安儼然成為目前所有產業刻不容緩的資訊投資。
    Under incessant global security events and increasing information depth, enterprises want information system stability to keep continuous commercial operation in changeable network environment. At the same time, they also focus on investment cost effects. This has led to booming outsourced information security services. A new information security service industry--, Security Operation Center (SOC) was born, followed by Managed Security Service Provider (MSSP). According to a survey by MIC, Institute for Information Industry, global market value in 2005 is USD6.5 billion, which jumped to over USD10 billion in 2009. Information security has become an urgent investment in all industries.
    Different from earlier studies on information security industry focusing on exploration of information security technologies or discussions and introduction to outsourcing of information security, this study aims at key purchase factors of outsourcing of information security through literature and industry practical experiences and use of Q methodology. Twenty-five statement sentences and four dimensions are developed to analyze result reports of 30 IT personnel in Q classification. The IT personnel are divided into three types, defined as professional technology, cost regulations and service level procedure.
    Most of professional technology IT personnel work at government institutes, having more experiences in outsourcing of information security and encountered more information security events. They tend to seek truth from facts. In cost regulation type, they focus on laws and regulations, emphasizing sharing of information security messages. They also pay attention to information security investments, cost control. These IT personnel are often in top management. Service level IT personnel are often employees such as project managers or information consultants at information service companies. They focus on service level requirements.
    The results of classification show differences of using outsourcing of information security in different industries, positions, and job descriptions. The findings of the study will serve as reference of companies or organizations that have already adopted or are going to adopt information security services.
    Appears in Collections:[資訊管理學系暨研究所] 學位論文

    Files in This Item:

    File SizeFormat

    All items in 機構典藏 are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - Feedback