Searching for the Right Fit: A Case Study of IT Security Management Model...
The usability of security systems within an organization is impacted not only by tool interfaces but also by the security management model (SMM) of the IT security team. Finding the right SMM is...
View ArticleHuman, Organizational, and Technological Factors of IT Security
This paper describes the HOT Admin research project, which is investigating the human, organizational, and technological factors of IT security from the perspective of security practitioners. We use...
View ArticleSearching for the Right Fit: Considerations when Balancing IT Security...
The effectiveness of IT security professionals in an organization is influenced not only by the usability of security management tools, but also by the fit of an organization's security management...
View ArticleSecurity Practitioners in Context: Their Activities and Interactions
This study develops the context of interactions of IT security practitioners. Preliminary qualitative analysis of 22 interviews (to date) and participatory observation has identified eight different...
View ArticleSecurity Practitioners in Context: Their Activities and Collaborative...
This study develops the context of interactions of IT security practitioners. Preliminary qualitative analysis of 22 interviews (to date) and participatory observation has identified eight different...
View ArticleHuman, Organizational and Technological Challenges of Implementing IT...
Our qualitative research provides a comprehensive list of challenges to the practice of IT security within organizations, including the interplay between human, organizational, and technical factors....
View ArticleThe Challenges of Using an Intrusion Detection System: Is It Worth the Effort?
An intrusion detection system (IDS) can be a key component of security incident response within organizations. Traditionally, intrusion detection research has focused on improving the accuracy of IDSs,...
View ArticleResponding to security incidents: are security tools everything you need?
Presentation given at FIRST'08 conference.
View ArticleSearching for the Right Fit: Balancing IT Security Management Model Trade-Offs
IT security professionals’ effectiveness in an organization is influenced not only by how usable their security management tools are but also by how well the organization’s security management model...
View ArticleA Two-factor Authentication Mechanism Using Mobile Phones
Mobile devices are becoming more pervasive and more advanced with respect to their processing power and memory size. Relying on the personalized and trusted nature of such devices, security features...
View ArticleGuidelines for Designing IT Security Management Tools
An important factor that impacts the effectiveness of security systems within an organization is the usability of security management tools. In this paper, we present a survey of design guidelines for...
View ArticleAuxiliary Material for the Study of Security Practitioners in Context: Their...
This technical report contains additional material for the study, which investigated the context of interactions of IT security practitioners.
View ArticleTowards Improving Mental Models of Personal Firewall Users
Windows Vista’s personal firewall provides its diverse users with a basic interface that hides many operational details. However, our study of this interface revealed that concealing the impact of...
View Article
More Pages to Explore .....