Abstract

The University of Southern California's Institute for Critical Information Infrastructure Protection (ICIIP) developed a conceptual framework for enterprise security. ICIIP (which shouldn't be confused with the Institute for Information Infrastructure Protection, or I3P) sought to close the gap between the current corporate cybersecurity risk profile and what's needed to protect the US's critical infrastructure information. The ICIIP framework analyzes organizational systems (not computer systems, but rather coordinated organizational bodies), incorporates multiple disciplines, and makes recommendations about those systems' structure and relationships

Date

2006

Authors

Laree Kiely, Terry V Benzel

Journal

IEEE security & privacy

Volume

4

Issue

6

Pages

74-77

Publisher

IEEE