How can companies effectively detect and quickly recognize and report the security incidents?-A case study from banking industry

• Main Authors: Yeh, Kuang-Shun, 葉光舜
• Other Authors: Lee, Jiunn-Min
• Format: Others
• Language: zh-TW
• Published: 2019
• Online Access: http://ndltd.ncl.edu.tw/handle/y5tv55

碩士 === 輔仁大學 === 資訊管理學系碩士在職專班 === 107 === For the various practical behaviors of corporate transactions, most of the behaviors are completed through the strict protocol on Websites. Such fast and rigorous corporate behavior also gives illegal access to fraudulent funds, funds for terrorist attacks, patents of other organizations, etc. to carry out various types of theft through the holes of information security system or related administrators within the enterprise. Serious theft or destructive incidents may result in the theft of cash from ATMs in the banking industry; even more serious, secrets of the country are stolen as well as the lives and property of people are destroyed. This study first analyzes whether there are risks in the daily operation of the company: that is, 1. Import the log collection system, and establish rules by collecting and retrieving logs and machine data; 2. Judging abnormal account behavior, monitoring and monitoring services through data-oriented analysis, operational threat information and detection of network attacks and internal threats to facilitate the determination of whether it is a hacker or daily normal maintenance; 3. Labor cost-effectiveness of record collection system. Then, empirical data of the case study is imported into the above steps, and analysis results show that tracking and reliability of the operational server and terminal host information security have positive and significant effects. Finally, implications and guideline principles of managerial analysis can be used as an important reference for enterprises to import information security logs in the future.