Information Security Research within the Information Systems Discipline: Analyzing, Categorizing, and Classifying the Historical Underpinnings and Theoretical Assumptions

Academics examine and improve organizational systems, but oftentimes lag in techniques and theories because time is necessary to thoroughly study solutions. This research explores Information Security (InfoSec) concepts and theories within the Information Systems (IS) discipline to determine historical approaches, theoretical assumptions, and suggest where to strengthen InfoSec research areas. In our paper, we present our basic methodology; illustrate our approach by applying it to one of the "Basket of Eight" Association for Information Systems journals, the European Journal of Information Systems; and report our initial results. In subsequent research we will then use our proposed methodology for the remaining seven journals and beyond. By analyzing how researchers have historically examined information security, we can focus future InfoSec studies in necessary critical directions and maintain a closer pace with new techniques and theories to secure organizational information systems.