Autonomic Framework for IT Security Governance

Abstract

With the recent service enhancements over the Internet, organisations are confronted with a growing magnitude of security intrusions and attacks. Current intrusion detection strategies have not been effective in the long term, as new and obfuscated security attacks keep emerging evading the surveillance mechanisms. With information technology (IT) playing a pivotal role in today's organizational operations and value creation, security regulatory bodies have identified this situation not solely as a technology issue, rather due to the weakness of an organisation's risk management practices and IT governance. Hence, recent attention has embarked on formulating proactive IT security governance for organisational sustenance. This paper proposes an autonomic framework for IT security governance that postulates a self-learning adaptive mechanism for an effective intrusion detection and risk management. Such a framework would facilitate autonomic ways of integrating existing context-dependent knowledge with new observed behaviour patterns gathered from network as well as host for detecting unknown security attacks effectively using mobile agents. In addition, this paper provides a roadmap for autonomic IT security governance by applying the proposed framework The roadmap employs a continuous improvement feedback loop. for achieving the targeted quality of service (QoS) in an organisation.