Proceedings of the 3rd Symposium on Usable Privacy and Security 2007
DOI: 10.1145/1280680.1280693
|View full text |Cite
|
Sign up to set email alerts
|

Towards understanding IT security professionals and their tools

Abstract: We report preliminary results of our ongoing field study of IT professionals who are involved in security management. We interviewed a dozen practitioners from five organizations to understand their workplace and tools. We analyzed the interviews using a variation of Grounded Theory and predesigned themes. Our results suggest that the job of IT security management is distributed across multiple employees, often affiliated with different organizational units or groups within a unit and responsible for different… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
2
1

Citation Types

7
116
1
1

Year Published

2008
2008
2016
2016

Publication Types

Select...
4
3
1

Relationship

0
8

Authors

Journals

citations
Cited by 88 publications
(125 citation statements)
references
References 10 publications
7
116
1
1
Order By: Relevance
“…Topic groups were then used to construct theories. This approach is similar to other studies presented at CHI and SOUPS [8,14,19].…”
Section: Discussionsupporting
confidence: 82%
See 1 more Smart Citation
“…Topic groups were then used to construct theories. This approach is similar to other studies presented at CHI and SOUPS [8,14,19].…”
Section: Discussionsupporting
confidence: 82%
“…They found that administrators are very collaborative and work together combining their specialized knowledge to solve problems [3]. Much of the information administrators use is both specific to their organization and exists in many places, requiring administrators to combine the information using custom tools [3,8].…”
Section: Related Workmentioning
confidence: 99%
“…Flexibility is important because of the dynamic nature of the work system admins do and the systems they manage. For example, IT security administrators have identified the ability to change output styles or user-defined dashboards as important (Botta et al, 2007). The large number of tools used to gather small pieces of information suggests that integration could be useful to system admins; for example, system admins may consult system logs, notification systems, and knowledge repositories when completing a work task.…”
Section: Discussionmentioning
confidence: 99%
“…It primarily uses qualitative methods such as surveys and observations to understand how and why participants interact with computer systems. For example, Botta et al [3] conducted an ethnographic study of security professionals. Rode [20] used this approach to examine parental behaviour in protecting children's on-line safety.…”
Section: Related Workmentioning
confidence: 99%