@article {1194, title = {Editorial: Innovation Strategy and Practice (November 2018)}, journal = {Technology Innovation Management Review}, volume = {8}, year = {2018}, month = {11/2018}, pages = {3-3}, publisher = {Talent First Network}, address = {Ottawa}, keywords = {best practice, collaboration, creativity, cybersecurity, framework, information security, innovation, innovation ecosystems, maturity model, method, model, practice, research, research institutions, strategy}, issn = {1927-0321}, doi = {http://doi.org/10.22215/timreview/1194}, url = {https://timreview.ca/article/1194}, author = {Chris McPhee} } @article {1198, title = {Information Security Best Practices: First Steps for Startups and SMEs}, journal = {Technology Innovation Management Review}, volume = {8}, year = {2018}, month = {11/2018}, pages = {32-42}, publisher = {Talent First Network}, address = {Ottawa}, abstract = {This article identifies important first steps toward understanding and implementing information security. From the broad selection of existing best practices, we introduce a lightweight yet comprehensive security framework with four useful first steps: identifying assets and risks; protecting accounts, systems, clouds, and data; implementing a continuity plan; and monitoring and reviewing. This article is intended primarily for startups and less mature companies, but it is likely to be of interest to any reader seeking an introduction to basic information security concepts and principles as well as their implementation.}, keywords = {best practices, cybersecurity, information security, risk management, SMEs, startups}, issn = {1927-0321}, doi = {http://doi.org/10.22215/timreview/1198}, url = {https://timreview.ca/article/1198}, author = {Urpo Kaila and Linus Nyman} } @article {785, title = {TIM Lecture Series {\textendash} The Business of Cybersecurity}, journal = {Technology Innovation Management Review}, volume = {4}, year = {2014}, month = {04/2014}, pages = {53-57}, publisher = {Talent First Network}, address = {Ottawa}, keywords = {analytics, banking, cybersecurity, hacking, incident response, information security, intelligence, targets, threats}, issn = {1927-0321}, doi = {http://doi.org/10.22215/timreview/785}, url = {http://timreview.ca/article/785}, author = {David Grau and Charles Kennedy} } @article {713, title = {An Enterprise Security Program and Architecture to Support Business Drivers}, journal = {Technology Innovation Management Review}, volume = {3}, year = {2013}, month = {08/2013}, pages = {25-33}, publisher = {Talent First Network}, address = {Ottawa}, abstract = {This article presents a business-focused approach to developing and delivering enterprise security architecture that is focused on enabling business objectives while providing a sensible and balanced approach to risk management. A balanced approach to enterprise security architecture can create the important linkages between the goals and objectives of a business, and it provides appropriate measures to protect the most critical assets within an organization while accepting risk where appropriate. Through a discussion of information assurance, this article makes a case for leveraging enterprise security architectures to meet an organizations{\textquoteright} need for information assurance. The approach is derived from the Sherwood Applied Business Security Architecture (SABSA) methodology, as put into practice by Seccuris Inc., an information assurance integrator. An understanding of Seccuris{\textquoteright} approach will illustrate the importance of aligning security activities with high-level business objectives while creating increased awareness of the duality of risk. This business-driven approach to enterprise security architecture can help organizations change the perception of IT security, positioning it as a tool to enable and assure business success, rather than be perceived as an obstacle to be avoided.}, keywords = {cybersecurity, cyberthreats, information assurance, information risk, information security, risk, security architecture}, issn = {1927-0321}, doi = {http://doi.org/10.22215/timreview/713}, url = {http://timreview.ca/article/713}, author = {Brian Ritchot} }