UCL Discovery
UCL home » Library Services » Electronic resources » UCL Discovery

Information security as organizational power: A framework for re-thinking security policies

Inglesant, P; Sasse, MA; (2011) Information security as organizational power: A framework for re-thinking security policies. In: 1st Workshop on Socio-Technical Aspects in Security and Trust (STAST). (pp. 9 - 16). IEEE Green open access

[thumbnail of STASTsanitised.pdf] PDF
STASTsanitised.pdf
Available under License : See the attached licence file.

Download (326kB)

Abstract

Successful enforcement of information security requires an understanding of a complex interplay of social and technological forces. Drawing on socio-technical literature to develop an analytical framework, we examine the relationship between security policies and power in organizations. We use our framework to study three examples of security policy from a large empirical study n an international company. Each example highlights a different aspect of our framework. Our results, from in-depth interviews with 55 staff members at all levels, show that there is often non-compliance in the detail of organizational information security policies; this is not willful but is in response to shortcomings in the policy and to meet business needs. We conclude by linking our findings to recent research on the institutional economics of information security. We suggest ways in which our framework can be used by organizational decision-makers to review and re-think existing security policies.

Type: Proceedings paper
Title: Information security as organizational power: A framework for re-thinking security policies
Event: 1st Workshop on Socio-Technical Aspects in Security and Trust (STAST)
ISBN-13: 978-1-4577-1181-7
Open access status: An open access version is available from UCL Discovery
DOI: 10.1109/STAST.2011.6059250
Publisher version: http://dx.doi.org/10.1109/STAST.2011.6059250
Language: English
UCL classification: UCL
UCL > Provost and Vice Provost Offices
UCL > Provost and Vice Provost Offices > UCL BEAMS
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science
URI: https://discovery.ucl.ac.uk/id/eprint/1328206
Downloads since deposit
388Downloads
Download activity - last month
Download activity - last 12 months
Downloads by country - last 12 months

Archive Staff Only

View Item View Item