Summary: | This thesis investigates four different aspects of information security management: challenges
faced by security practitioners, interactive collaborations among security practitioners and other
stakeholders, diagnostic work performed by security practitioners during the response to incidents,
and factors that impact the adoption of an intrusion detection system in one organization. Our
approach is based on qualitative analyzes of empirical data from semi-structured interviews and
participatory observation. For each theme under study, the contributions of the qualitative analysis
are twofold. First, we provide a richer understanding of the main factors that affect the security
within organizations. Second, equipped with this richer understanding, we provide recommendations
on how to improve security tools, along with opportunities for future research.
Our findings contribute to the understanding of the human, organizational, and technological
factors that affect security in organizations and the effectiveness of security tools. Our work also
highlights the need for continued refinement of how factors interplay by obtaining more rich data
(e.g., contextual inquiry), and the need to generalize and validate these findings through other
sources of information to study how these factors interplay (e.g., surveys).
|