Speaker: Dr. Konstantin Beznosov, Professor of Electrical and Computer Engineering and Director of the Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia
Security of information technology (IT) has become a critical issue for organizations as they must protect their information assets from unauthorized access and quickly resume business activities after a security breach. In order for technological solutions to provide effective support to IT security practitioners, tool developers need to understand better not only the technical, but also the human and organizational dimensions of IT security. To date, there is little empirical evidence about how human, organizational, and technological factors impact the processes of managing IT security. Moreover, little is known about the responsibilities and roles of security practitioners or the effectiveness of their tools and security management practices. The Human, Organization, and Technology Centred Improvement of IT Security Administration (
HOT Admin) research project is working to fill this gap.
We use qualitative methods to study experiences of IT security practitioners along several themes including: unique characteristics of IT security vs. general IT, the challenges the security professionals face within the organization, their activities and interactions, what makes them to err, and the impact of the organizational security management models that structure their work. We present preliminary results for each theme, as well as the implications of these results on tool development and research.
If you are planning to attend this seminar, please contact a SHARCNET staff member at your local institution as AG rooms will only be opened for these seminars where someone has indicated they plan to attend.
