The Community for Technology Leaders
RSS Icon
Issue No.03 - May/June (2008 vol.12)
pp: 22-30
Kirstie Hawkey , University of British Columbia
Kasia Muldner , University of British Columbia
Konstantin Beznosov , University of British Columbia
IT security professionals' effectiveness in an organization is influenced not only by how usable their security management tools are but also by how well the organization's security management model (SMM) fits. Finding the right SMM is critical but can be challenging — trade-offs are inherent to each approach, but their implications aren't always clear. The authors present a case study of one academic institution that created a centralized security team but disbanded it in favor of a more distributed approach three years later. They contrast these experiences with expectations from industry standards.
Internet security, security management models, computer security professionals
Kirstie Hawkey, Kasia Muldner, Konstantin Beznosov, "Searching for the Right Fit: Balancing IT Security Management Model Trade-Offs", IEEE Internet Computing, vol.12, no. 3, pp. 22-30, May/June 2008, doi:10.1109/MIC.2008.61
1. D.A. Siegel, B. Reid, and S.M. Dray, "IT Security: Protecting Organizations in Spite of Themselves," Interactions, May/June 2006, pp. 20–27.
2. A. Brown and G.G. Grant, "Framing the Frameworks: A Review of IT Governance Research," Comm. of the Assoc. for Information Systems, vol. 15, 2005, pp. 696–712.
3. Information Technology Security Techniques —Code of Practice for Information Security Management, International Standards Organization, 2005; catalogue_detail.htm?csnumber=50297.
4. G. Killcrece et al., Organizational Models for Computer Security Incident Response Teams (CSIRTS), tech. report CMU/SEI-2003-HB-001 ADA421684, Software Eng. Institute, Carnegie Mellon Univ., 2003; 03hb001.html.
5. D. Botta et al., "Toward Understanding IT Security Professionals and Their Tools," Proc. Symp. Universal Privacy and Security, ACM Int'l Conf. Proc. Series, vol. 229, 2007, pp. 100–111.
6. K. Hawkey, K. Muldner, and K. Beznosov, Searching for the Right Fit: A Case Study of IT Security Management Model Trade-Offs, tech. report LERSSE-TR-2007-03, Laboratory for Education and Research in Secure Systems Eng., Univ. of British Columbia, 2007; .
7. D.M. Wegner, "Transactive Memory: A Contemporary Analysis of the Group Mind," Theories of Group Behavior, B. Mullen and G.R. Goethals, eds., Springer-Verlag, 1986, pp. 185–208.
8. D. Lewis, "IT Governance: Stop the Pendulum!" Computer World,12 Jan. 2004; story0,10801,88888,00.html.
41 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool