Developing contextual understanding of information security risks

Moufida Sadok; Vasilios Katos; Peter Bednar

Developing contextual understanding of information security risks

Moufida Sadok, Vasilios Katos, Peter Bednar

Democritus University of Thrace

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

86 Downloads (Pure)

Abstract

Given the uncertainty and complexity of security risk analyses, there is a great need of tools for contextual inquiry supporting assessment of risk with multi-value scales according to different stakeholders' point of view. Such tools can be used at individual level to help develop the understanding of a problem space. At the collective level, they can be used as a mean of communication to support the discussion, comparison and exploration of different understandings. The exploration of multiple perspectives of contextual understanding avoids entrapment in various types of reductionism and eliminates tendencies towards a deterministic reasoning and the pursuit of one optimum solution. A critical challenge is first developing a large spectrum of alternatives and then managing how the differences and similarities between alternatives will be handled to efficiently support decisions in information systems security (ISS). To address the aforementioned challenges, this paper seeks to explore the potential relevance of cognitive maps use in an ISS context to support the exploration of individual understanding leading to richer elaboration of problem spaces.

Original language	English
Title of host publication	Proceedings of the 8th International Symposium on Human Aspects of Information Security and Assurance
Subtitle of host publication	HAISA 2014
Editors	Nathan L. Clarke, Steven M. Furnell
Publisher	University of Plymouth
Pages	1-10
Number of pages	10
ISBN (Print)	978-1-84102-375-5
Publication status	Published - 8 Jul 2014
Event	8th International Symposium on Human Aspects of Information Security & Assurance: HAISA 2014 - University of Plymouth, Plymouth, United Kingdom Duration: 8 Jul 2014 → 9 Jul 2014 https://www.researchgate.net/publication/263939773_Developing_Contextual_Understanding_of_Information_Security_Risks

Conference

Conference	8th International Symposium on Human Aspects of Information Security & Assurance
Abbreviated title	HAISA 2014
Country/Territory	United Kingdom
City	Plymouth
Period	8/07/14 → 9/07/14
Internet address	https://www.researchgate.net/publication/263939773_Developing_Contextual_Understanding_of_Information_Security_Risks

Access to Document

Developing contextual understanding of information security risksFinal published version, 824 KB

https://www.cscan.org/default.asp?page=openaccess&eid=15&id=248

Cite this

@inproceedings{a3ba8e983fc249c3825b6b17177deb12,

title = "Developing contextual understanding of information security risks",

abstract = "Given the uncertainty and complexity of security risk analyses, there is a great need of tools for contextual inquiry supporting assessment of risk with multi-value scales according to different stakeholders' point of view. Such tools can be used at individual level to help develop the understanding of a problem space. At the collective level, they can be used as a mean of communication to support the discussion, comparison and exploration of different understandings. The exploration of multiple perspectives of contextual understanding avoids entrapment in various types of reductionism and eliminates tendencies towards a deterministic reasoning and the pursuit of one optimum solution. A critical challenge is first developing a large spectrum of alternatives and then managing how the differences and similarities between alternatives will be handled to efficiently support decisions in information systems security (ISS). To address the aforementioned challenges, this paper seeks to explore the potential relevance of cognitive maps use in an ISS context to support the exploration of individual understanding leading to richer elaboration of problem spaces.",

author = "Moufida Sadok and Vasilios Katos and Peter Bednar",

year = "2014",

month = jul,

day = "8",

language = "English",

isbn = "978-1-84102-375-5",

pages = "1--10",

editor = "Clarke, {Nathan L.} and Furnell, {Steven M.}",

booktitle = "Proceedings of the 8th International Symposium on Human Aspects of Information Security and Assurance",

publisher = "University of Plymouth",

note = "8th International Symposium on Human Aspects of Information Security & Assurance : HAISA 2014, HAISA 2014 ; Conference date: 08-07-2014 Through 09-07-2014",

url = "https://www.researchgate.net/publication/263939773_Developing_Contextual_Understanding_of_Information_Security_Risks",

}

Sadok, M, Katos, V & Bednar, P 2014, Developing contextual understanding of information security risks. in NL Clarke & SM Furnell (eds), Proceedings of the 8th International Symposium on Human Aspects of Information Security and Assurance: HAISA 2014. University of Plymouth, pp. 1-10, 8th International Symposium on Human Aspects of Information Security & Assurance, Plymouth, United Kingdom, 8/07/14. <https://www.cscan.org/default.asp?page=openaccess&eid=15&id=248>

Developing contextual understanding of information security risks. / Sadok, Moufida; Katos, Vasilios; Bednar, Peter.
Proceedings of the 8th International Symposium on Human Aspects of Information Security and Assurance: HAISA 2014. ed. / Nathan L. Clarke; Steven M. Furnell. University of Plymouth, 2014. p. 1-10.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Developing contextual understanding of information security risks

AU - Sadok, Moufida

AU - Katos, Vasilios

AU - Bednar, Peter

PY - 2014/7/8

Y1 - 2014/7/8

N2 - Given the uncertainty and complexity of security risk analyses, there is a great need of tools for contextual inquiry supporting assessment of risk with multi-value scales according to different stakeholders' point of view. Such tools can be used at individual level to help develop the understanding of a problem space. At the collective level, they can be used as a mean of communication to support the discussion, comparison and exploration of different understandings. The exploration of multiple perspectives of contextual understanding avoids entrapment in various types of reductionism and eliminates tendencies towards a deterministic reasoning and the pursuit of one optimum solution. A critical challenge is first developing a large spectrum of alternatives and then managing how the differences and similarities between alternatives will be handled to efficiently support decisions in information systems security (ISS). To address the aforementioned challenges, this paper seeks to explore the potential relevance of cognitive maps use in an ISS context to support the exploration of individual understanding leading to richer elaboration of problem spaces.

AB - Given the uncertainty and complexity of security risk analyses, there is a great need of tools for contextual inquiry supporting assessment of risk with multi-value scales according to different stakeholders' point of view. Such tools can be used at individual level to help develop the understanding of a problem space. At the collective level, they can be used as a mean of communication to support the discussion, comparison and exploration of different understandings. The exploration of multiple perspectives of contextual understanding avoids entrapment in various types of reductionism and eliminates tendencies towards a deterministic reasoning and the pursuit of one optimum solution. A critical challenge is first developing a large spectrum of alternatives and then managing how the differences and similarities between alternatives will be handled to efficiently support decisions in information systems security (ISS). To address the aforementioned challenges, this paper seeks to explore the potential relevance of cognitive maps use in an ISS context to support the exploration of individual understanding leading to richer elaboration of problem spaces.

UR - http://www.haisa.org/

M3 - Conference contribution

SN - 978-1-84102-375-5

SP - 1

EP - 10

BT - Proceedings of the 8th International Symposium on Human Aspects of Information Security and Assurance

A2 - Clarke, Nathan L.

A2 - Furnell, Steven M.

PB - University of Plymouth

T2 - 8th International Symposium on Human Aspects of Information Security & Assurance

Y2 - 8 July 2014 through 9 July 2014

ER -

Developing contextual understanding of information security risks

Abstract

Conference

Access to Document

Fingerprint

Cite this