The purpose of this paper is to investigate the work practices of network security professionals and to propose a new and robust work practices model of these professionals.
The proposed work practices model is composed by combining the findings of ten notable empirical studies performed so far this century. The proposed model was then validated by an online survey of 125 network security professionals with a wide demographic spread.
The empirical data collected from the survey of network security professionals strongly validate the proposed work practices model. The results also highlight interesting trends for different groups of network security professionals, with respect to performing different security-related activities.
Further studies could investigate more closely the links and dependencies between the different activities of the proposed work practices model and tools used by network security professionals to perform these activities.
A robust work practices model of network security professionals could hugely assist tool developers in designing usable tools for network security management.
This paper proposes a new work practices model of network security professionals, which is built by consolidating existing empirical evidence and validated by conducting a survey of network security professionals. The findings enhance the understanding of tool developers about the day-to-day activities of network security professionals, consequently assisting developers in designing better tools for network security management.
The authors would like to thank the participants that responded to the survey. The research leading to these results has received funding from the People Programme (Marie Curie Actions) of the European Union’s 7th Framework Programme (FP7/2007-2013) under REA grant agreement PIIF-GA-2011-301536.
Adnan, M., Just, M., Baillie, L. and Kayacik, H. (2015), "Investigating the work practices of network security professionals", Information and Computer Security, Vol. 23 No. 3, pp. 347-367. https://doi.org/10.1108/ICS-07-2014-0049Download as .RIS
Emerald Group Publishing Limited
Copyright © 2015, Emerald Group Publishing Limited