Andre Gagne ; Kasia Muldner ; Konstantin Beznosov

07 March 2007

Abstract: We report factors differentiating security and other IT responsibilities. Our findings are based on a qualitative analysis of data from 27 interviews across 11 distinct organizations. The results show that compared to general IT, security professionals have to manage a higher level of complexity, stemming from factors such as the need to balance usability and security, negative stakeholder perception, and external threats. We synthesize the differences into an overall model and discuss how the model can guide the development of support for professionals with security responsibilities.

Keyword(s): HOT Admin ; Security

Published in: Andre Gagne, Kasia Muldner, and Konstantin Beznosov. Identifying Differences between Security and other IT Professionals: a Qualitative Analysis. In proceedings of Human Aspects of Information Security and Assurance (HAISA), Plymouth, England, July 2008, pp 69-80.: