Developing contextual understanding of information security risks

Moufida Sadok, Vasilios Katos, Peter Bednar

Research output: Chapter in Book/Report/Conference proceedingConference contribution

38 Downloads (Pure)

Abstract

Given the uncertainty and complexity of security risk analyses, there is a great need of tools for contextual inquiry supporting assessment of risk with multi-value scales according to different stakeholders' point of view. Such tools can be used at individual level to help develop the understanding of a problem space. At the collective level, they can be used as a mean of communication to support the discussion, comparison and exploration of different understandings. The exploration of multiple perspectives of contextual understanding avoids entrapment in various types of reductionism and eliminates tendencies towards a deterministic reasoning and the pursuit of one optimum solution. A critical challenge is first developing a large spectrum of alternatives and then managing how the differences and similarities between alternatives will be handled to efficiently support decisions in information systems security (ISS). To address the aforementioned challenges, this paper seeks to explore the potential relevance of cognitive maps use in an ISS context to support the exploration of individual understanding leading to richer elaboration of problem spaces.
Original languageEnglish
Title of host publicationProceedings of the 8th International Symposium on Human Aspects of Information Security and Assurance
Subtitle of host publicationHAISA 2014
EditorsNathan L. Clarke, Steven M. Furnell
PublisherUniversity of Plymouth
Pages1-10
Number of pages10
ISBN (Print)978-1-84102-375-5
Publication statusPublished - 8 Jul 2014
Event8th International Symposium on Human Aspects of Information Security & Assurance: HAISA 2014 - University of Plymouth, Plymouth, United Kingdom
Duration: 8 Jul 20149 Jul 2014
https://www.researchgate.net/publication/263939773_Developing_Contextual_Understanding_of_Information_Security_Risks

Conference

Conference8th International Symposium on Human Aspects of Information Security & Assurance
Abbreviated titleHAISA 2014
Country/TerritoryUnited Kingdom
CityPlymouth
Period8/07/149/07/14
Internet address

Fingerprint

Dive into the research topics of 'Developing contextual understanding of information security risks'. Together they form a unique fingerprint.

Cite this