Understanding Security Practices Deficiencies: A Contextual Analysis
Författare
Redaktör
- Steven Furnell
- Nathan Clarke
Summary, in English
security policy definition and implementation. We therefore suggest that three issues need to be further investigated in the field of information security risk management in order to bridge the gap between design and implementation of secure and usable systems. First, there is a need to broaden the horizon to consider information system as human activity system which is different from a data processing system. Second, the involvement of relevant stakeholders in context for risk analysis leads to better appreciation of security risks. Third, it is necessary to develop ad-hoc tools and techniques to facilitate discussions and dialogue between stakeholders in risk analysis context.
Avdelning/ar
Publiceringsår
2015
Språk
Engelska
Sidor
151-160
Publikation/Tidskrift/Serie
Human Aspects of Information Security and Assurance Conference Proceedings
Fulltext
- Available as PDF - 183 kB
- Download statistics
Dokumenttyp
Konferensbidrag
Förlag
Centre for Security, Communications and Network Research, Plymouth University, UK
Ämne
- Information Systems, Social aspects
- Information Systems
- Economics and Business
- Computer and Information Science
- Sociology
Nyckelord
- Security surveys
- Contextual analysis
- Security practices
- Risk analysis
- Information security
Conference name
Ninth International Symposium on Human Aspects of Information Security & Assurance, HAISA 2015
Conference date
2015-07-01 - 2015-07-03
Conference place
Mytilene, Greece
Status
Published
ISBN/ISSN/Övrigt
- ISBN: 978-1-84102-388-5