Information Security Management Practices: Case Studies from India:

In recent years, information security has gained attention in organizations across diverse businesses and sectors. Primary reasons of this can be the new and innovative ways of information handling (during generation, processing, storage and distribution), and dependence of business processes on new and emerging IT/ICT mediums in organizations to carry out daily business activities. This has made organizations agile in terms of functioning and, at the same time, has posed new challenges. In this direction, the present study aims to explore and examine information security management (ISM) practices of two IT development and services organizations in India. In case study design, the study adopts qualitative research route to understand the current ISM practices of the case organizations. The observations derived from semi-structured interviews are presented using descriptive analysis methodology. Further, SAP-LAP (Situation, Actor, Process—Learning, Action, Performance) method of inquiry is used to analyse...