Development of computer-based information systems: A communication framework
ACM SIGMIS Database
Inside a software design team: knowledge acquisition, sharing, and integration
Communications of the ACM
Of maps and scripts—the status of formal constructs in cooperative work
GROUP '97 Proceedings of the international ACM SIGGROUP conference on Supporting group work: the integration challenge
Contextual design: defining customer-centered systems
Contextual design: defining customer-centered systems
Cognitive Work Analysis: Towards Safe, Productive, and Healthy Computer-Based Work
Cognitive Work Analysis: Towards Safe, Productive, and Healthy Computer-Based Work
Designing for loose coupling in mobile groups
GROUP '03 Proceedings of the 2003 international ACM SIGGROUP conference on Supporting group work
Why there aren't more information security research studies
Information and Management
Knowledge management technology
IBM Systems Journal
Evaluating computer-supported cooperative work: models and frameworks
CSCW '04 Proceedings of the 2004 ACM conference on Computer supported cooperative work
I know my network: collaboration and expertise in intrusion detection
CSCW '04 Proceedings of the 2004 ACM conference on Computer supported cooperative work
Field studies of computer system administrators: analysis of system management tools and practices
CSCW '04 Proceedings of the 2004 ACM conference on Computer supported cooperative work
ICEC '04 Proceedings of the 6th international conference on Electronic commerce
Johnny 2: a user test of key continuity management with S/MIME and Outlook Express
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
A Mathematical Theory of Communication
A Mathematical Theory of Communication
Awareness and teamwork in computer-supported collaborations
Interacting with Computers
Design guidelines for system administration tools developed through ethnographic field studies
Proceedings of the 2007 symposium on Computer human interaction for the management of information technology
Why Johnny can't encrypt: a usability evaluation of PGP 5.0
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
A knowledge architecture for IT security
Communications of the ACM - Creating a science of games
Towards understanding IT security professionals and their tools
Proceedings of the 3rd symposium on Usable privacy and security
Human, organizational, and technological factors of IT security
CHI '08 Extended Abstracts on Human Factors in Computing Systems
Security practitioners in context: their activities and interactions
CHI '08 Extended Abstracts on Human Factors in Computing Systems
Searching for the Right Fit: Balancing IT Security Management Model Trade-Offs
IEEE Internet Computing
The challenges of using an intrusion detection system: is it worth the effort?
Proceedings of the 4th symposium on Usable privacy and security
International Journal of Human-Computer Studies
An integrative study of information systems security effectiveness
International Journal of Information Management: The Journal for Information Professionals
A case study of enterprise identity management system adoption in an insurance organization
Proceedings of the Symposium on Computer Human Interaction for the Management of Information Technology
Heuristics for evaluating IT security management tools
Proceedings of the Seventh Symposium on Usable Privacy and Security
GROUP workshop proposal: collaboration in managing computer systems
Proceedings of the 17th ACM international conference on Supporting group work
Hi-index | 0.00 |
This study investigates the context of interactions of information technology (IT) security practitioners, based on a qualitative analysis of 30 interviews and participatory observation. We identify nine different activities that require interactions between security practitioners and other stakeholders, and describe in detail two of these activities that may serve as useful references for security-tool usability scenarios. We propose a model of the factors contributing to the complexity of interactions between security practitioners and other stakeholders, and discuss how this complexity is a potential source of security issues that increase the risk level within organizations. Our analysis also reveals that the tools used by our participants to perform their security tasks provide insufficient support for the complex, collaborative interactions that their duties involve. We offer several recommendations for addressing this complexity and improving IT security tools.