Issue No.03 - May/June (2008 vol.12)
Kirstie Hawkey , University of British Columbia
Kasia Muldner , University of British Columbia
Konstantin Beznosov , University of British Columbia
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MIC.2008.61
IT security professionals' effectiveness in an organization is influenced not only by how usable their security management tools are but also by how well the organization's security management model (SMM) fits. Finding the right SMM is critical but can be challenging — trade-offs are inherent to each approach, but their implications aren't always clear. The authors present a case study of one academic institution that created a centralized security team but disbanded it in favor of a more distributed approach three years later. They contrast these experiences with expectations from industry standards.
Internet security, security management models, computer security professionals
Kirstie Hawkey, Kasia Muldner, Konstantin Beznosov, "Searching for the Right Fit: Balancing IT Security Management Model Trade-Offs", IEEE Internet Computing, vol.12, no. 3, pp. 22-30, May/June 2008, doi:10.1109/MIC.2008.61