000000140 001__ 140
000000140 005__ 20130522141950.0
000000140 037__ $$aLERSSE-PRESENTATION-2008-065
000000140 041__ $$aeng
000000140 100__ $$aKasia Muldner
000000140 245__ $$aHuman, Organizational and Technological Factors of IT Security
000000140 260__ $$c2008-02-01
000000140 520__ $$aGiven that Information Technology (IT) has become pervasive in today’s organizations, properly securing systems is critical. However, many challenges remain with respect to implementing sound technologies and security processes. In the past decade, the research focus has shifted, from only considering pure technological factors, to also include organizational and human factors, as these latter two factors play a key role in influencing security practices and outcomes. The corresponding research area, namely HCISec, explores how to design “usable security” solutions for all users. To date, however, little work has targeted the population that is at the crossroads of the above mentioned human/organizational/technological factors, namely security professionals, who are responsible for protecting their organizations from IT-related threats. Currently, these individuals lack sufficient support, as is evident by the rising number and cost of incidents. As a first step in gaining insight on how to provide this support, we are conducting a field study that involves gathering data from security administrators working in a variety of organizations. Here, we will present findings from our study, which are based on inductive qualitative analysis, and include descriptive models of the unique needs of this highly specialized population, the challenges it faces, and the sub-optimal situations that lead to security incidents. Based on our findings, we propose some guidelines for designing effective “usable security” solutions.
000000140 6531_ $$aHOT Admin
000000140 6531_ $$aIT Security
000000140 6531_ $$aHuman factors
000000140 6531_ $$aOrganizational factors
000000140 6531_ $$aTechnological factors
000000140 6531_ $$aQualitative research
000000140 8560_ $$fkmuldner@ece.ubc.ca
000000140 8564_ $$uhttp://lersse-dl.ece.ubc.ca/record/140/files/140.pdf$$yTransfer from CDS 0.99.7
000000140 909C4 $$pKasia Muldner, " Human, Organizational and Technological Factors of IT Security", Invited Talk at Acadia University, Wofville, N.S., Canada, 25 January, 2007.
000000140 980__ $$aPRESENTATION