2009
DOI: 10.1016/j.ijhcs.2009.03.002
|View full text |Cite
|
Sign up to set email alerts
|

Security practitioners in context: Their activities and interactions with other stakeholders within organizations

Abstract: This study investigates the context of interactions of IT security practitioners, based on a qualitative analysis of 30 interviews and participatory observation. We identify nine different activities that require interactions between security practitioners and other stakeholders, and describe in detail two of these activities that may serve as useful references for usability scenarios of security tools. We propose a model of the factors contributing to the complexity of interactions between security practition… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

2
54
0

Year Published

2013
2013
2023
2023

Publication Types

Select...
4
4
1

Relationship

1
8

Authors

Journals

citations
Cited by 58 publications
(56 citation statements)
references
References 43 publications
2
54
0
Order By: Relevance
“…Their plans and policies decrease the risk of information security incidents in companies [14]. Increasing information security awareness and knowledge [15], encouraging employees to collaborate in information security [16], providing and complying with organisational information security policies and procedures [17], surveillance and control of employees access [18], increasing productivity in the information security response team [19], and inculcating commitment in employees to protect information assets are examples of management roles in the domain of information security. Information security management is incomplete without considering the important role of management.…”
Section: Managerial Aspectsmentioning
confidence: 99%
“…Their plans and policies decrease the risk of information security incidents in companies [14]. Increasing information security awareness and knowledge [15], encouraging employees to collaborate in information security [16], providing and complying with organisational information security policies and procedures [17], surveillance and control of employees access [18], increasing productivity in the information security response team [19], and inculcating commitment in employees to protect information assets are examples of management roles in the domain of information security. Information security management is incomplete without considering the important role of management.…”
Section: Managerial Aspectsmentioning
confidence: 99%
“…Previous studies have shown that weak collaboration causes vulnerabilities to information in distributed, interdependent, and collaborative environments (Werlinger, Hawkey et al, 2009). To perform a security task, employees should corporate, coordinate and collaborate with others.…”
Section: Information Security Collaborationmentioning
confidence: 99%
“…Another important factor for improving collaboration is the degree of shared context between actors when they collaborate to perform a given task. Werlinger et al [22] presented an approach to investigate in detail the interactions that security practitioners have with other stakeholders within the context of the security activities. They show that the tools used by security practitioners to perform their security tasks provide insufficient support for the complex collaborative interactions that they need to perform.…”
Section: Related Workmentioning
confidence: 99%