Security practitioners in context: Their activities and interactions with other stakeholders within organizations. Werlinger, R., Hawkey, K., Botta, D., & Beznosov, K. International Journal of Human-Computer Studies, 67(7):584–606, Academic Press, Mar, 2009. ![Security practitioners in context: Their activities and interactions with other stakeholders within organizations [link]](https://bibbase.org/img/filetypes/link.svg "link")
Paper doi abstract bibtex This study investigates the context of interactions of information technology (IT) security practitioners, based on a qualitative analysis of 30 interviews and participatory observation. We identify nine different activities that require interactions between security practitioners and other stakeholders, and describe in detail two of these activities that may serve as useful references for security-tool usability scenarios. We propose a model of the factors contributing to the complexity of interactions between security practitioners and other stakeholders, and discuss how this complexity is a potential source of security issues that increase the risk level within organizations. Our analysis also reveals that the tools used by our participants to perform their security tasks provide insufficient support for the complex, collaborative interactions that their duties involve. We offer several recommendations for addressing this complexity and improving IT security tools.
@Article{werlinger2009security,
author = {Werlinger, Rodrigo and Hawkey, Kirstie and Botta, David and Beznosov, Konstantin},
journal = {International Journal of Human-Computer Studies},
title = {{S}ecurity practitioners in context: {T}heir activities and interactions with other stakeholders within organizations},
year = {2009},
month = {Mar},
number = {7},
pages = {584--606},
volume = {67},
abstract = {This study investigates the context of interactions of information technology (IT) security practitioners, based on a qualitative analysis of 30 interviews and participatory observation. We identify nine different activities that require interactions between security practitioners and other stakeholders, and describe in detail two of these activities that may serve as useful references for security-tool usability scenarios. We propose a model of the factors contributing to the complexity of interactions between security practitioners and other stakeholders, and discuss how this complexity is a potential source of security issues that increase the risk level within organizations. Our analysis also reveals that the tools used by our participants to perform their security tasks provide insufficient support for the complex, collaborative interactions that their duties involve. We offer several recommendations for addressing this complexity and improving IT security tools.},
doi = {10.1016/j.ijhcs.2009.03.002},
publisher = {Academic Press},
url = {https://doi.org/10.1016/j.ijhcs.2009.03.002},
}
Downloads: 0
{"_id":"4Dmekp7xxp78XpBae","bibbaseid":"werlinger-hawkey-botta-beznosov-securitypractitionersincontexttheiractivitiesandinteractionswithotherstakeholderswithinorganizations-2009","author_short":["Werlinger, R.","Hawkey, K.","Botta, D.","Beznosov, K."],"bibdata":{"bibtype":"article","type":"article","author":[{"propositions":[],"lastnames":["Werlinger"],"firstnames":["Rodrigo"],"suffixes":[]},{"propositions":[],"lastnames":["Hawkey"],"firstnames":["Kirstie"],"suffixes":[]},{"propositions":[],"lastnames":["Botta"],"firstnames":["David"],"suffixes":[]},{"propositions":[],"lastnames":["Beznosov"],"firstnames":["Konstantin"],"suffixes":[]}],"journal":"International Journal of Human-Computer Studies","title":"Security practitioners in context: Their activities and interactions with other stakeholders within organizations","year":"2009","month":"Mar","number":"7","pages":"584–606","volume":"67","abstract":"This study investigates the context of interactions of information technology (IT) security practitioners, based on a qualitative analysis of 30 interviews and participatory observation. We identify nine different activities that require interactions between security practitioners and other stakeholders, and describe in detail two of these activities that may serve as useful references for security-tool usability scenarios. We propose a model of the factors contributing to the complexity of interactions between security practitioners and other stakeholders, and discuss how this complexity is a potential source of security issues that increase the risk level within organizations. Our analysis also reveals that the tools used by our participants to perform their security tasks provide insufficient support for the complex, collaborative interactions that their duties involve. We offer several recommendations for addressing this complexity and improving IT security tools.","doi":"10.1016/j.ijhcs.2009.03.002","publisher":"Academic Press","url":"https://doi.org/10.1016/j.ijhcs.2009.03.002","bibtex":"@Article{werlinger2009security,\n author = {Werlinger, Rodrigo and Hawkey, Kirstie and Botta, David and Beznosov, Konstantin},\n journal = {International Journal of Human-Computer Studies},\n title = {{S}ecurity practitioners in context: {T}heir activities and interactions with other stakeholders within organizations},\n year = {2009},\n month = {Mar},\n number = {7},\n pages = {584--606},\n volume = {67},\n abstract = {This study investigates the context of interactions of information technology (IT) security practitioners, based on a qualitative analysis of 30 interviews and participatory observation. We identify nine different activities that require interactions between security practitioners and other stakeholders, and describe in detail two of these activities that may serve as useful references for security-tool usability scenarios. We propose a model of the factors contributing to the complexity of interactions between security practitioners and other stakeholders, and discuss how this complexity is a potential source of security issues that increase the risk level within organizations. Our analysis also reveals that the tools used by our participants to perform their security tasks provide insufficient support for the complex, collaborative interactions that their duties involve. We offer several recommendations for addressing this complexity and improving IT security tools.},\n doi = {10.1016/j.ijhcs.2009.03.002},\n publisher = {Academic Press},\n url = {https://doi.org/10.1016/j.ijhcs.2009.03.002},\n}\n\n","author_short":["Werlinger, R.","Hawkey, K.","Botta, D.","Beznosov, K."],"key":"werlinger2009security","id":"werlinger2009security","bibbaseid":"werlinger-hawkey-botta-beznosov-securitypractitionersincontexttheiractivitiesandinteractionswithotherstakeholderswithinorganizations-2009","role":"author","urls":{"Paper":"https://doi.org/10.1016/j.ijhcs.2009.03.002"},"metadata":{"authorlinks":{}}},"bibtype":"article","biburl":"https://bibbase.org/f/i3hTAQ2wxvvLpcpZu/lersse_publications.bib","dataSources":["gdEygGa34uWkjynDQ","ikcgcNLWkPYd7asYj","WjyYKjDEeDNZ5D7kg","YAZ3EPKt9iuMHML8Y","Z66AwpjqbyDaCRuAz","vzLiYoozjbMtpq3bv","yyg88BndAbrgER4pG","qxYmJrWKptQFZpZn2","uXASf7FkwMkTdi7XQ","L3Q9QEq5gEyYsbhX8","PCm8nFZLWR38NRiRu","jagWcnNcoBLvejBcm","8cHa97bWQybuQhHDo","Kx35bmNmuB9SWebed","M5QirAZCjcxYLMFLM","BpNnApTKxApG4JxkD","BuaeMqxTDRXAZtmNe","r8QoBNxamnpCZ3Dwb","gKAKkjtPkN44YFKMk","nDjRsp2dBrEbdKR78","Raz2SaaZA89irapRN","ZnaQsM7NDPZR4BFeb"],"keywords":[],"search_terms":["security","practitioners","context","activities","interactions","stakeholders","within","organizations","werlinger","hawkey","botta","beznosov"],"title":"Security practitioners in context: Their activities and interactions with other stakeholders within organizations","year":2009}