Browsing by Author "Ganthan Narayana Samy"
Now showing 1 - 6 of 6
Results Per Page
Sort Options
- Some of the metrics are blocked by yourconsent settings
Publication Information Security Compliance Framework For Data Center In Utility Company(Kolej Universiti Islam Antarabangsa Selangor (KUIS), 2020) ;Yuvaraaj Velayutham ;Ganthan Narayana Samy ;Nurazean Maarop ;Noor Hafizah Hassan ;Wan Haslina Hassan ;Sivakumar PerthebanSundresan PerumalThe utility organization has already implemented some of security framework and compliance in their data center to secure the data centers of valuable information. However, the implementation of security framework and compliance, still has several issues relates to some restricted areas. There is no effective security framework and compliance, being implemented in their data center such as access control management system at the entrance of the building zone. Therefore, the objective of this research is to develop information security compliance framework in data center in utility company. This research applied qualitative method namely semi-structured interviews for data collection. The contribution of this research will help professionals and security management organizations to understand the best ways they can be used to improve physical security within the context of information security compliance frameworks that play an important role. - Some of the metrics are blocked by yourconsent settings
Publication Information Security Policy Compliance Behavior Models, Theories, And Influencing Factors: A Systematic Literature Review(IOP Publishing Ltd, 2022) ;Puspadevi Kuppusamy ;Ganthan Narayana Samy ;Nurazean Maarop ;Pritheega Magalingam ;Norshaliza Kamaruddin ;Bharanidharan ShanmugamSundresan PerumalThe paper aims to identify behavioural theories that influence information security policies compliance behaviour. A systematic review of empirical studies from eleven online databases (ACM digital library, Emerald Insight, IEEE Xplore digital library, Springer link, Science direct, Scopus, Web of Science, Oxford academic journals, SAGE journals, Taylor & Francis and Wiley online library) are conducted. This review identified 29 studies met its criterion for inclusion. The investigated theories were extracted and analysed. Total of 19 theories have been identified and studied concerning to security policy compliance behaviour. The result indicated that the most established theories in information security compliance behaviour studies are the Theory of Planned Behavior and Protection Motivation theory. Meanwhile, General Deterrence Theory, Neutralization theory, Social Bond Theory / Social Control Theory are used moderately in this research area. Less explored theories are namely Self Determination Theory, Knowledge, Attitude, and Behavior, Social Cognitive Theory, Involvement Theory, Health belief model, Theory of Interpersonal Behavior, Extended Parallel Processing Model, Organisational Control Theory, Psychological Reactance Theory, Norm Activation Theory, Organizational Behaviour Theory, Cognitive Evaluation Theory and Extended Job Demands-Resources. The results from this review may guide the development and evaluation of theories promoting information security compliance behaviours. This will further contribute in the development of an integrated theory of information security compliance behaviour. - Some of the metrics are blocked by yourconsent settings
Publication Multidimensional Insider Threat Detection Model For Organization(Little Lion Scientific, 2021) ;Ganthan Narayana Samy ;Nurazean Maarop ;Bharanidharan Shanmugam ;Mugilraj Radhakrishnan ;Sundresan PerumalFiza Abdul RahimInsider threat is a most worrying threat that haunts many organizations today that cause enormous financial losses and damages. As a frontline, Information Technology (IT) organizations has to implement necessary countermeasures to protect critical infrastructure. Although, many approaches proposed before to detect and mitigate insider threat, significant rise of cases in past few years and unavailability of a widely accepted solution paves way to conduct more researches. Moreover, the pandemic situation has brought in a new challenge for IT organizations to review the existing safeguards. This paper aims to contribute an interdisciplinary approach at proposing a multidimensional model that scrutinize factors from multiple dimensions such as psychological, behavioral, technological, organizational and environmental dimension that triggers insider threat. The constructed model coordinates organizations to counter insider threat by addressing issues in more effective and efficient way by applying the multidimensional approach for mitigation. - Some of the metrics are blocked by yourconsent settings
Publication Proposed Data Quality Evaluation Method For A Transportation Agency(Universiti Teknologi Malaysia Press, 2017) ;Fatimah Mohamad Yunus ;Pritheega Magalingam ;Nurazean Maarop ;Ganthan Narayana Samy ;Doris Hooi-Ten Wong ;Bharanidharan ShanmugamSundresan PerumalThe data quality evaluation is essential towards designing a data assessment method for any company because data is an important asset. Therefore, the purpose of this study is to develop the data quality evaluation method for a transportation agency in Malaysia in order to quantify the quality of data in the SIKAP licensing system. This can benefit the transportation agency to improve the quality of data for the use of reporting, forecasting business operations and data integration with other agency's systems. The relevant data evaluation dimensions have been identified from literature study and relative data evaluation framework which are necessarily required by the transportation agency to maintain high data quality in the SIKAP system. The process design for the proposed method involves data dimension identification, capturing the relevant database structure, subjective evaluation with a questionnaire and objective evaluation with data profiling. From the design process, the result shows that data evaluation method for a transportation agency must have a minimum of six data quality dimensions. SIKAP, the legacy system is in the process to revamp into a new system. Thus, this research contributes to enhance the current system's data quality during revamping process and data migration into the new system. - Some of the metrics are blocked by yourconsent settings
Publication Security Risk Assessment Framework For Cloud Computing Environments(John Wiley & Sons, Ltd., 2014) ;Sameer Hasan Albakri ;Bharanidharan Shanmugam ;Ganthan Narayana Samy ;Norbik Bashah IdrisAzuan AhmadCloud computing has become today's most common technology buzzword. Despite the promises of cloud computing to decrease computing implementation costs and deliver computing as a service, which allows clients to pay only for what they need and use, cloud computing also raises many security concerns. Most popular risk assessment standards, such as ISO27005, NIST SP800-30, and AS/NZS 4360, assume that an organization's assets are fully managed by the organization itself and that all security management processes are imposed by the organization. These assumptions, however, do not apply to cloud computing environments. Hence, this paper proposes a security risk assessment framework that can enable cloud service providers to assess security risks in the cloud computing environment and allow cloud clients to contribute in risk assessment. The proposed framework provides a more realistic and accurate risk assessment outcome by considering the cloud clients' evaluation of security risk factors and avoiding the complexity that can result from the involvement of clients in whole risk assessment process. - Some of the metrics are blocked by yourconsent settings
Publication Traditional Security Risk Assessment Methods In Cloud Computing Environment: Usability Analysis(Penerbit UTM Press, 2015) ;Sameer Hasan Albakri ;Bharanidharan Shanmugam ;Ganthan Narayana Samy ;Norbik Bashah IdrisAzuan AhmedThe term "Cloud Computing" has become very common in our daily life. Cloud computing has emerged with promises to decrease the cost of computing implementation and deliver the computing as service, where the clients pay only for what he needed and used. However, due to the new structure of the cloud computing model, several security concerns have been raised and many other security threats have been needed to be reevaluated according to the cloud structure. Besides, the traditional security risk assessment methods become unfit for cloud computing model due to its new distinguished characteristics. In this paper, we analysis the traditional information security risk assessment methods' ability to assess the security risks in cloud computing environments.