Design of a case-based reasoner for information security in military organizations

Information security is concerned with the protection of information, which can be stored, processed or transmitted within critical information systems of the organizations, against loss of confidentiality, integrity or availability. Protection measures to prevent these problems result through the implementation of controls at several dimensions: technical, administrative or physical. A vital objective for military organizations is to ensure superiority in contexts of information warfare and competitive intelligence. Therefore, the problem of information security in military organizations has been a topic of intensive work at both national and transnational levels, and extensive conceptual and standardization work is being produced. A current effort is therefore to develop automated decision support systems to assist military decision makers, at different levels in the command chain, to provide suitable control measures that can effectively deal with potential attacks and, at the same time, prevent, detect and contain vulnerabilities targeted at their information systems. The concept and processes of the Case-Based Reasoning (CBR) methodology outstandingly resembles classical military processes and doctrine, in particular the analysis of “lessons learned” and definition of “modes of action”. Therefore, the present paper addresses the modeling and design of a CBR system with two key objectives: to support an effective response in context of information security for military organizations; to allow for scenario planning and analysis for training and auditing processes.

OPM3® Portugal project: information systems and technologies organizations: outcome analysis

Increasing the maturity in Project Management (PM) has become a goal for many organizations, leading them to adopt maturity models to assess the current state of its PM practices and compare them with the best practices in the industry where the organization is inserted. One of the main PM maturity models is the Organizational Project Management Maturity Model (OPM3®), developed by the Project Management Institute. This paper presents the Information Systems and Technologies organizations outcome analysis, of the assesses made by the OPM3® Portugal Project, identifying the PM processes that are “best” implemented in this particular industry and those in which it is urgent to improve. Additionally, a comparison between the different organizations’ size analyzed is presented.