An analysis of United Kingdom schools’ information security policies: a socio-technical approach

Research output: Chapter in Book/Report/Conference proceedingConference contribution

64 Downloads (Pure)

Abstract

UK schools collect and store large amounts of data on their students, parents, and staff. This makes them attractive targets for both external and internal attackers. To respond to and manage security risks, many schools have developed and implemented Information Security policies. This paper explores and analyses the content of 100 UK schools’ security policies with an aim to examine the extent to which these policies address security risks faced by schools. Such exploration has the potential to assess the effectiveness and the relevance of security policies. The key findings show that many security policies are primarily centered on traditional technology-focused solutions and not on threats targeting the human elements in their organisations. In addition, it could be argued that between poor readability scores and large word counts, these policies are not very accessible to staff. This paper proposes that a socio-technical approach to information security would potentially result in better understanding of the role and application of security policies in schools and, therefore, improved information security.
Original languageEnglish
Title of host publicationOrganizing in a Digitized World
Subtitle of host publicationIndividual, Managerial and Societal Issues
EditorsStefano Za, Augusta Consorti, Francesco Virili
PublisherSpringer
Pages176-189
Number of pages14
ISBN (Electronic)9783030868581
ISBN (Print)9783030868574
DOIs
Publication statusPublished - 9 Dec 2021
EventThe XVII Annual Conference of the Italian Section of AIS - University of Chieti-Pescara, Pescara, Italy
Duration: 16 Oct 202017 Oct 2020
http://www.itais.org/conference/2020/

Publication series

NameLecture Notes in Information Systems and Organisation
PublisherSpringer
Volume50
ISSN (Print)2195-4968
ISSN (Electronic)2195-4976

Conference

ConferenceThe XVII Annual Conference of the Italian Section of AIS
Country/TerritoryItaly
CityPescara
Period16/10/2017/10/20
Internet address

Keywords

  • cyber security
  • UK schools
  • information security policies
  • socio-technical approach

Fingerprint

Dive into the research topics of 'An analysis of United Kingdom schools’ information security policies: a socio-technical approach'. Together they form a unique fingerprint.

Cite this