Abhishek Narain Singh

Bio: Abhishek Narain Singh is an academic researcher from Indian Institute of Technology Delhi. The author has contributed to research in topics: Information security & Information security management. The author has an hindex of 5, co-authored 8 publications receiving 173 citations.

Identifying factors of “organizational information security management”

Abstract: Purpose – Despite many technically sophisticated solutions, managing information security has remained a persistent challenge for organizations. Emerging IT/ICT media have posed new security challenges to business information and information assets. It is felt that technical solutions alone are not sufficient to address the information security challenge. It has been argued that organizations also need to consider the management aspects of information security. Consequently, literature, especially in the last decade, has witnessed various scholarly works in this direction. Therefore, a synthesis exercise is required to bring clarity on categorizing the issues of organizational information security management (ISM) to take the research forward. The purpose of this paper is to identify management factors that address organizational information security challenges. Design/methodology/approach – Using a mix method approach, the paper adopts the qualitative (keyword analysis and experts’ opinion) and quantitat...

Information Security Management (ISM) Practices: Lessons from Select Cases from India and Germany

Abstract: The increasing dependence of businesses over information and the changing ways of information usage with modern IT/ICT tools and mediums, have created an unavoidable need of information security in organizations. Earlier, the technical measures were used to fulfill this need; however, it has been realized that technology alone is unable to address the challenges of information security management (ISM) in organizations. Management and behavioral aspects are pivotal to build an ISM system in organizations. This paper makes an attempt to understand and examine the current ISM practices of two large size, global IT and management services and consulting orga- nizations, one from India and another from Germany. In a case design, the study adopts qualitative research route and semi-structured interviews were conducted across hierarchy in both the organizations. Observations from interviews are portrayed using descriptive analysis meth- odology. Further, to draw learning from the cases, SAP- LAP method of inquiry was used to understand the present status of ISM practices in both the organizations. Finally, the paper discusses the implications of the findings and scope for the future research.

Robustness of the Digital Image Watermarking Techniques against Brightness and Rotation Attack

Abstract: The recent advent in the field of multimedia proposed a many facilities in transport, transmission and manipulation of data. Along with this advancement of facilities there are larger threats in authentication of data, its licensed use and protection against illegal use of data. A lot of digital image watermarking techniques have been designed and implemented to stop the illegal use of the digital multimedia images. This paper compares the robustness of three different watermarking schemes against brightness and rotation attacks. The robustness of the watermarked images has been verified on the parameters of PSNR (Peak Signal to Noise Ratio), RMSE (Root Mean Square Error) and MAE (Mean Absolute Error).

Information Security Management Practices: Case Studies from India:

Abstract: In recent years, information security has gained attention in organizations across diverse businesses and sectors. Primary reasons of this can be the new and innovative ways of information handling...

Big Data Analytics: A Review on Theoretical Contributions and Tools Used in Literature

Abstract: The importance of data science and big data analytics is growing very fast as organizations are gearing up to leverage their information assets to gain competitive advantage. The flexibility offered through big data analytics empowers functional as well as firm-level performance. In the first phase of the study, we attempt to analyze the research on big data published in high-quality business management journals. The analysis was visualized using tools for big data and text mining to understand the dominant themes and how they are connected. Subsequently, an industry-specific categorization of the studies was done to understand the key use cases. It was found that most of the existing research focuses majorly on consumer discretionary, followed by public administration. Methodologically, a major focus in such exploration is in social media analytics, text mining and machine learning applications for meeting objectives in marketing and supply chain management. However, it was found that not much focus was highlighted in these studies to demonstrate the tools used for the analysis. To address this gap, this study also discusses the evolution, types and usage of big data tools. The brief overview of big data technologies grouped by the services they enable and some of their applications are presented. The study categorizes these tools into big data analysis platforms, databases and data warehouses, programming languages, search tools, and data aggregation and transfer tools. Finally, based on the review, future directions for exploration in big data has been provided for academic and practice.

Total Interpretive Structural Modeling (TISM) of the Enablers of a Flexible Control System for Industry

Abstract: The incumbent trend in process industry is to deploy information and communication technology (ICT), enabled wired process control systems. Distributed control system, supervisory control and data acquisition systems with wireless open loop control systems are commonly used to facilitate the same. However, wireless closed loop control system is a flexible system, which is not yet been introduced in the process industry. The major theme of this research work is to model the enablers of implementing ICT enabled control system in the process industry based on their interrelationships, with the help of industrialists in an oil refinery in central Kerala. The relationships of enablers have been established effectively by interpretive structural modeling (ISM). However, the interpretation of links is comparatively weak in ISM. Qualitative criteria are often accompanied by obscurities and vagueness. To compensate for this, ISM is further modified by total ISM (TISM). TISM is a novel qualitative modeling technique that has been used by researchers in diverse fields of investigation. For this study, TISM is used to develop the performance model for the enablers of a flexible control system for industry. The structural model developed using this methodology helps to understand the interaction between the various elements of enablers. After the model is developed, it is further subjected to assessment by a different group of domain experts so as to enhance its validity.

Managing cyber and information risks in supply chains: insights from an exploratory analysis

Abstract: The purpose of this paper is to explore how companies approach the management of cyber and information risks in their supply chain, what initiatives they adopt to this aim, and to what extent along the supply chain. In fact, the increasing level of connectivity is transforming supply chains, and it creates new opportunities but also new risks in the cyber space. Hence, cyber supply chain risk management (CSCRM) is emerging as a new management construct. The ultimate aim is to help organizations in understanding and improving the CSCRM process and cyber resilience in their supply chains.,This research relied on a qualitative approach based on a comparative case study analysis involving five large multinational companies with headquarters, or branches, in the UK.,Results highlight the importance for CSCRM to shift the viewpoint from the traditional focus on companies’ internal information technology (IT) infrastructure, able to “firewall themselves” only, to the whole supply chain with a cross-functional approach; initiatives for CSCRM are mainly adopted to “respond” and “recover” without a well-rounded approach to supply chain resilience for a long-term capacity to adapt to changes according to an evolutionary approach. Initiatives are adopted at a firm/dyadic level, and a network perspective is missing.,This paper extends the current theory on cyber and information risks in supply chains, as a combination of supply chain risk management and resilience, and information risk management. It provides an analysis and classification of cyber and information risks, sources of risks and initiatives to managing them according to a supply chain perspective, along with an investigation of their adoption across the supply chain. It also studies how the concept of resilience has been deployed in the CSCRM process by companies. By laying the first empirical foundations of the subject, this study stimulates further research on the challenges and drivers of initiatives and coordination mechanisms for CSCRM at a supply chain network level.,Results invite companies to break the “silos” of their activities in CSCRM, embracing the whole supply chain network for better resilience. The adoption of IT security initiatives should be combined with organisational ones and extended beyond the dyad. Where applicable, initiatives should be bi-directional to involve supply chain partners, remove the typical isolation in the CSCRM process and leverage the value of information. Decisions on investments in CSCRM should involve also supply chain managers according to a holistic approach.,A supply chain perspective in the existing scientific contributions is missing in the management of cyber and information risk. This is one of the first empirical studies dealing with this interdisciplinary subject, focusing on risks that are now very high in the companies’ agenda, but still overlooked. It contributes to theory on information risk because it addresses cyber and information risks in massively connected supply chains through a holistic approach that includes technology, people and processes at an extended level that goes beyond the dyad.