Investigating the work practices of network security professionals
Abstract
Purpose
The purpose of this paper is to investigate the work practices of network security professionals and to propose a new and robust work practices model of these professionals.
Design/methodology/approach
The proposed work practices model is composed by combining the findings of ten notable empirical studies performed so far this century. The proposed model was then validated by an online survey of 125 network security professionals with a wide demographic spread.
Findings
The empirical data collected from the survey of network security professionals strongly validate the proposed work practices model. The results also highlight interesting trends for different groups of network security professionals, with respect to performing different security-related activities.
Research limitations/implications
Further studies could investigate more closely the links and dependencies between the different activities of the proposed work practices model and tools used by network security professionals to perform these activities.
Practical implications
A robust work practices model of network security professionals could hugely assist tool developers in designing usable tools for network security management.
Originality/value
This paper proposes a new work practices model of network security professionals, which is built by consolidating existing empirical evidence and validated by conducting a survey of network security professionals. The findings enhance the understanding of tool developers about the day-to-day activities of network security professionals, consequently assisting developers in designing better tools for network security management.
Keywords
Acknowledgements
The authors would like to thank the participants that responded to the survey. The research leading to these results has received funding from the People Programme (Marie Curie Actions) of the European Union’s 7th Framework Programme (FP7/2007-2013) under REA grant agreement PIIF-GA-2011-301536.
Citation
Adnan, M., Just, M., Baillie, L. and Kayacik, H.G. (2015), "Investigating the work practices of network security professionals", Information and Computer Security, Vol. 23 No. 3, pp. 347-367. https://doi.org/10.1108/ICS-07-2014-0049
Publisher
:Emerald Group Publishing Limited
Copyright © 2015, Emerald Group Publishing Limited