Effective IS Security: An Empirical Study
成果类型:
Article
署名作者:
Straub, Detmar W., Jr.
署名单位:
University of Minnesota System; University of Minnesota Twin Cities
刊物名称:
INFORMATION SYSTEMS RESEARCH
ISSN/ISSBN:
1047-7047
DOI:
10.1287/isre.1.3.255
发表日期:
1990
页码:
255-276
关键词:
ISSUES
摘要:
Information security has not been a high priority for most managers. Many permit their installations to be either lightly protected or wholly unprotected, apparently willing to risk major losses from computer abuse. This study, based on the criminological theory of general deterrence, investigates whether a management decision to invest in IS security results in more effective control of computer abuse. Data gathered through a survey of 1,211 randomly selected organizations indicates that security countermeasures that include deterrent administrative procedures and preventive security software will result in significantly lower computer abuse. Knowledge about these relationships is useful for making key decisions about the security function.
来源URL: