Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Stress Amongst Novice Information Security Risk Management Practitioners
Jönköping University, School of Engineering, JTH, Computer Science and Informatics. Jönköping University.ORCID iD: 0000-0002-1436-2980
Luleå tekniska universitet, Digitala tjänster och system.ORCID iD: 0000-0003-1692-5721
2019 (English)In: International Journal on Cyber Situational Awareness, ISSN 2057-2182, Vol. 4, no 1, p. 128-154Article in journal (Refereed) Published
Abstract [en]

Today, information is a key asset for many organisations. Reducing risks of information compromise is increasingly prioritised. However, there is an incomplete understanding of how organisations with limited security knowledge and experience manage information security risks in practice. Previous studies have suggested that security-novice employees faced with burdensome, complex, and ambiguous security requirements can experience security-related stress (SRS), and ultimately influence their security decisions. In this study, we further this research stream by suggesting that SRS can similarly be found with security-novice managers responsible for developing and practising information security risk management (ISRM). Two organisations were targeted in the study using a case study approach, to obtain data about their practices, using SRS as an analytical lens. The study found various examples where SRS influenced security-novice managers’ decisions, and identifies several stressors and stress inhibitors in the ISRM process and supporting ISRM tools, and discusses the implications for practitioners.

Place, publisher, year, edition, pages
Centre for Multidisciplinary Research, Innovation and Collaboration (C-MRiC) , 2019. Vol. 4, no 1, p. 128-154
Keywords [en]
Security-novice, information security, information security risk management, stress, tools, compliance, management
National Category
Information Systems, Social aspects
Research subject
Information systems
Identifiers
URN: urn:nbn:se:hj:diva-47035DOI: 10.22619/IJCSAOAI: oai:DiVA.org:hj-47035DiVA, id: diva2:1376448
Note

Validerad;2019;Nivå 1;2019-12-09 (johcin)

Available from: 2019-12-09 Created: 2019-12-09 Last updated: 2019-12-09

Open Access in DiVA

fulltext(437 kB)58 downloads
File information
File name FULLTEXT01.pdfFile size 437 kBChecksum SHA-512
849c8eb76f23dd17592aa0c5a226d07f6cc84e05c27be3128f118df00b1dfa902cfb6c55ef71b26604dc069880d0979608e0e2a3f75756522ffbfd5ca088a3ae
Type fulltextMimetype application/pdf

Other links

Publisher's full text

Authority records BETA

Bergström, Erik

Search in DiVA

By author/editor
Bergström, ErikLundgren, Martin
By organisation
JTH, Computer Science and Informatics
Information Systems, Social aspects

Search outside of DiVA

GoogleGoogle Scholar
Total: 58 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 245 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf