000000176 001__ 176
000000176 005__ 20130522141940.0
000000176 037__ $$aLERSSE-RefJnlPaper-2009-009
000000176 041__ $$aeng
000000176 100__ $$aRodrigo Werlinger
000000176 100__ $$aKirstie Hawkey
000000176 100__ $$aKonstantin Beznosov
000000176 245__ $$aAn integrated view of human, organizational, and technological challenges of IT security  management
000000176 260__ $$c2009-03-25
000000176 520__ $$aAbstract  Purpose – The purpose of this study is to determine the main challenges that IT security  practitioners face in their organizations, including the interplay among human, organizational, and  technological factors.  Design/methodology/approach – The data set consisted of 36 semi-structured interviews with IT  security practitioners from 17 organizations (academic, government, and private). The interviews were  analyzed using qualitative description with constant comparison and inductive analysis of the data to  identify the challenges that security practitioners face.  Findings – A total of 18 challenges that can affect IT security management within organizations are  indentified and described. This analysis is grounded in related work to build an integrated framework  of security challenges. The framework illustrates the interplay among human, organizational, and  technological factors.  Practical implications – The framework can help organizations identify potential challenges when  implementing security standards, and determine if they are using their security resources effectively to  address the challenges. It also provides a way to understand the interplay of the different factors, for  example, how the culture of the organization and decentralization of IT security trigger security issues  that make security management more difficult. Several opportunities for researchers and developers to  improve the technology and processes used to support adoption of security policies and standards  within organizations are provided.  Originality/value – A comprehensive list of human, organizational, and technological challenges  that security experts have to face within their organizations is presented. In addition, these challenges  within a framework that illustrates the interplay between factors and the consequences of this  interplay for organizations are integrated. 
000000176 6531_ $$aHOT admin
000000176 6531_ $$achallenge
000000176 6531_ $$asecurity management
000000176 8560_ $$fqiangw@ece.ubc.ca
000000176 8564_ $$uhttp://lersse-dl.ece.ubc.ca/record/176/files/176.pdf$$yTransfer from CDS 0.99.7
000000176 909C4 $$pRodrigo Werlinger, Kirstie Hawkey and Konstantin Beznosov, "An integrated view of human, organizational, and technological challenges of IT security management", Information Management & Computer Security, vol. 17, n. 1, 2009, pp.4-19.
000000176 980__ $$aRefJnlPaper