@article{AhlersHellmann2020, author = {Ahlers, Volker and Hellmann, Bastian}, title = {Usability Testing of Visual Policy Evaluation for Network Security Event Detection}, series = {Smart Data Analytics: Schriften des Forschungsclusters Smart Data Analytics 2020}, journal = {Smart Data Analytics: Schriften des Forschungsclusters Smart Data Analytics 2020}, doi = {10.25968/opus-1831}, url = {http://nbn-resolving.de/urn:nbn:de:bsz:960-opus4-18311}, pages = {94 -- 101}, year = {2020}, abstract = {The network security framework VisITMeta allows the visual evaluation and management of security event detection policies. By means of a "what-if" simulation the sensitivity of policies to specific events can be tested and adjusted. This paper presents the results of a user study for testing the usability of the approach by measuring the correct completion of given tasks as well as the user satisfaction by means of the system usability scale.}, subject = {Rechnernetz}, language = {en} } @article{Disterer2019, author = {Disterer, Georg}, title = {Systematizing IT Risks}, series = {Journal of Information Security}, journal = {Journal of Information Security}, number = {10}, issn = {2153-1242}, url = {http://nbn-resolving.de/urn:nbn:de:bsz:960-opus4-15547}, pages = {237 -- 249}, year = {2019}, abstract = {IT risks — risks associated with the operation or use of information technology — have taken on great importance in business, and IT risk management is accordingly important in the science and practice of information management. Therefore, it is necessary to systematize IT risks in order to plan, manage and control for different risk-specific measures. In order to choose and implement suitable measures for managing IT risks, effect-based and causebased procedures are necessary. These procedures are explained in detail for IT security risks because of their special importance.}, subject = {Computersicherheit}, language = {en} } @article{Niemann2018, author = {Niemann, Karl-Heinz}, title = {Organisation der ITSicherheit in der Produktion : in zehn Schritten zur sicheren Produktionsanlage}, series = {atp magazin}, volume = {2018}, journal = {atp magazin}, number = {60(11-12)}, issn = {2364-3137}, doi = {10.25968/opus-1293}, url = {http://nbn-resolving.de/urn:nbn:de:bsz:960-opus4-12931}, pages = {1 -- 10}, year = {2018}, abstract = {Der folgende Beitrag befasst sich mit der IT-Sicherheit von Produktionsanlagen aus Betreibersicht. Hierbei liegt der Fokus auf den organisatorischen Aspekten der IT-Sicherheit. In einer Bestandsaufnahme werden zun{\"a}chst die Probleme herausgearbeitet, die entstehen, sofern sich eine Organisation im Wesentlichen auf technische Aspekte der IT-Sicherheit konzentriert. Daraus wird die Notwendigkeit organisatorischer Maßnahmen abgeleitet. Eine Betrachtung von Normen und Standards, die sich mit den organisatorischen Aspekten der IT-Sicherheit in der Produktion befassen, liefert das Grundger{\"u}st f{\"u}r die Ableitung eines Maßnahmenplans. Der daraus resultierende 10-Punkte-Plan zur Umsetzung der IT-Sicherheit in der Produktion schließt den Beitrag ab.}, subject = {Computersicherheit}, language = {de} }