The information security digital divide between information security managers and users

被引:74
|
作者
Albrechtsen, Eirik [1 ,2 ]
Hovden, Jan
机构
[1] Norwegian Univ Sci & Technol, Dept Ind Econ & Technol Management, SINTEF Teknol & Samfunn, N-7491 Trondheim, Norway
[2] SINTEF Technol & Soc, Dept Safety Res, N-7465 Trondheim, Norway
来源
COMPUTERS & SECURITY | 2009年 / 28卷 / 06期
关键词
Information security; Digital divide; Information security managers; Users; Qualitative research; Risk perception; RISK PERCEPTION;
D O I
10.1016/j.cose.2009.01.003
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Empirical findings from surveys and in-depth interviews with information security managers and users indicate that a digital divide exists between these groups in terms of their views on and experience of information security practices. Information security professionals mainly regard users as an information security threat, whereas users believe themselves that they are an untapped resource for security work. The limited interaction between users and information security managers results in a lack of understanding for the other's point of view. These divergent views on and interpretations of information security mean that managers tend to base their practical method on unrealistic assumptions, resulting in management approaches that are poorly aligned with the dynamics of the users' working day. (C 2009 Elsevier Ltd. All rights reserved.
引用
收藏
页码:476 / 490
页数:15
相关论文
共 50 条
  • [21] Self-efficacy in information security: its influence on end users' information security practice behavior
    Rhee, Hyeun-Suk
    Kim, Cheongtag
    Ryu, Young U.
    [J]. COMPUTERS & SECURITY, 2009, 28 (08) : 816 - 826
  • [22] Decision-Making by Effective Information Security Managers
    Pettigrew, James
    Ryan, Julie
    Salous, Kyle
    Mazzuchi, Thomas
    [J]. PROCEEDINGS OF THE 5TH INTERNATIONAL CONFERENCE ON INFORMATION WARFARE AND SECURITY, 2010, : 465 - 472
  • [23] A Review on Information, Information Security and Security Processes
    Canbek, Gurol
    Sagiroglu, Seref
    [J]. JOURNAL OF POLYTECHNIC-POLITEKNIK DERGISI, 2006, 9 (03): : 165 - 174
  • [24] A Collaborative Ontology Development Tool for Information Security Managers
    Mace, John C.
    Parkin, Simon
    van Moorsel, Aad
    [J]. ACM SYMPOSIUM ON COMPUTER HUMAN INTERACTION FOR MANAGEMENT OF INFORMATION TECHNOLOGY (CHIMIT 2010), 2010,
  • [25] Information and Information Security
    Henno, Jaak
    [J]. INFORMATION MODELLING AND KNOWLEDGE BASES XXVII, 2016, 280 : 103 - 120
  • [26] THE RELATIONSHIP BETWEEN INFORMATION SYSTEMS RESOURCES AND INFORMATION SECURITY
    Anwar, Norizan
    Masrek, Mohamad Noorman
    Zaini, Muhamad Khairulnizam
    Harun, Qamarul Nazrin
    [J]. 4TH INTERNATIONAL CONFERENCE ON EDUCATION AND SOCIAL SCIENCES (INTCESS 2017), 2017, : 884 - 894
  • [27] Nurse Information Security Policy Compliance, Information Competence, and Information Security Attitudes Predict Information Security Behavior
    Kang, Purum
    Kang, Jiwon
    Monsen, Karen A.
    [J]. CIN-COMPUTERS INFORMATICS NURSING, 2023, 41 (08) : 595 - 602
  • [28] A Conceptual Analysis of Information Security Education, Information Security Training and Information Security Awareness Definitions
    Amankwa, Eric
    Loock, Marianne
    Kritzinger, Elmarie
    [J]. 2014 9TH INTERNATIONAL CONFERENCE FOR INTERNET TECHNOLOGY AND SECURED TRANSACTIONS (ICITST), 2014, : 248 - 252
  • [29] The relationship between digital information security of the supply chain and enterprise development
    Li, Zhezhou
    Kong, Xiangrong
    Jiang, Xiaozhen
    [J]. INTERNATIONAL JOURNAL OF INFORMATION AND COMPUTER SECURITY, 2024, 24 (1-2)
  • [30] Information Security:A review of information security issues and techniques
    Alkhudhayr, Fatimah
    Alfarraj, Shouq
    Aljameeli, Buthina
    Elkhdiri, Salim
    [J]. 2019 2ND INTERNATIONAL CONFERENCE ON COMPUTER APPLICATIONS & INFORMATION SECURITY (ICCAIS), 2019,
12345