Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Stress Amongst Novice Information Security Risk Management Practitioners
Jönköping University. (Computer Science and Informatics)ORCID iD: 0000-0002-1436-2980
Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Digital Services and Systems. (Information Systems)ORCID iD: 0000-0003-1692-5721
2019 (English)In: International Journal on Cyber Situational Awareness, ISSN 2057-2182, Vol. 4, no 1, p. 128-154Article in journal (Refereed) Published
Abstract [en]

Today, information is a key asset for many organisations. Reducing risks of information compromise is increasingly prioritised. However, there is an incomplete understanding of how organisations with limited security knowledge and experience manage information security risks in practice. Previous studies have suggested that security-novice employees faced with burdensome, complex, and ambiguous security requirements can experience security-related stress (SRS), and ultimately influence their security decisions. In this study, we further this research stream by suggesting that SRS can similarly be found with security-novice managers responsible for developing and practising information security risk management (ISRM). Two organisations were targeted in the study using a case study approach, to obtain data about their practices, using SRS as an analytical lens. The study found various examples where SRS influenced security-novice managers’ decisions, and identifies several stressors and stress inhibitors in the ISRM process and supporting ISRM tools, and discusses the implications for practitioners.

Place, publisher, year, edition, pages
Centre for Multidisciplinary Research, Innovation and Collaboration (C-MRiC) , 2019. Vol. 4, no 1, p. 128-154
Keywords [en]
Security-novice, information security, information security risk management, stress, tools, compliance, management
National Category
Information Systems, Social aspects
Research subject
Information systems
Identifiers
URN: urn:nbn:se:ltu:diva-77107DOI: 10.22619/IJCSAOAI: oai:DiVA.org:ltu-77107DiVA, id: diva2:1376214
Note

Validerad;2019;Nivå 1;2019-12-09 (johcin)

Available from: 2019-12-09 Created: 2019-12-09 Last updated: 2019-12-09Bibliographically approved

Open Access in DiVA

fulltext(437 kB)21 downloads
File information
File name FULLTEXT01.pdfFile size 437 kBChecksum SHA-512
849c8eb76f23dd17592aa0c5a226d07f6cc84e05c27be3128f118df00b1dfa902cfb6c55ef71b26604dc069880d0979608e0e2a3f75756522ffbfd5ca088a3ae
Type fulltextMimetype application/pdf

Other links

Publisher's full text

Search in DiVA

By author/editor
Bergström, ErikLundgren, Martin
By organisation
Digital Services and Systems
Information Systems, Social aspects

Search outside of DiVA

GoogleGoogle Scholar
Total: 21 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 24 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf