THREATS TO INFORMATION-SYSTEMS - TODAYS REALITY, YESTERDAYS UNDERSTANDING

Article

LOCH, KD; CARR, HH; WARKENTIN, ME

Auburn University System; Auburn University; Bryant University

MIS QUARTERLY

0276-7783

10.2307/249574

1992

173-186

Information systems security remains high on the list of key issues facing information systems executives. Traditional concerns range from forced entry into computer and storage rooms to destruction by fire, earthquake, flood, and hurricane. Recent attention focuses on protecting information systems and data from accidental or intentional unauthorized access, disclosure, modification, or destruction. The consequences of these events can range from degraded or disrupted service to customers to corporate failure. This article reports on a study investigating MIS executives' concern about a variety of threats. A relatively new threat, computer viruses, was found to be a particular concern. The results highlight a gap between the use of modem technology and the understanding of the security implications inherent in its use. Many of responding information systems managers have migrated their organizations into the highly interconnected environment of modem technology but continue to view threats from a perspective of a pre-connectivity era. They expose their firms to unfamiliar risks of which they are unaware, refuse to acknowledge, or are often poorly equipped to manage.