To read this content please select one of the options below:

Investigating the work practices of network security professionals

Muhammad Adnan (Interactive and Trustworthy Technologies Group, Glasgow Caledonian University, Glasgow, UK)
Mike Just (Interactive and Trustworthy Technologies Group, Glasgow Caledonian University, Glasgow, UK)
Lynne Baillie (Interactive and Trustworthy Technologies Group, Glasgow Caledonian University, Glasgow, UK)
Hilmi Gunes Kayacik (Interactive and Trustworthy Technologies Group, Glasgow Caledonian University, Glasgow, UK)

Information and Computer Security

ISSN: 2056-4961

Article publication date: 13 July 2015

990

Abstract

Purpose

The purpose of this paper is to investigate the work practices of network security professionals and to propose a new and robust work practices model of these professionals.

Design/methodology/approach

The proposed work practices model is composed by combining the findings of ten notable empirical studies performed so far this century. The proposed model was then validated by an online survey of 125 network security professionals with a wide demographic spread.

Findings

The empirical data collected from the survey of network security professionals strongly validate the proposed work practices model. The results also highlight interesting trends for different groups of network security professionals, with respect to performing different security-related activities.

Research limitations/implications

Further studies could investigate more closely the links and dependencies between the different activities of the proposed work practices model and tools used by network security professionals to perform these activities.

Practical implications

A robust work practices model of network security professionals could hugely assist tool developers in designing usable tools for network security management.

Originality/value

This paper proposes a new work practices model of network security professionals, which is built by consolidating existing empirical evidence and validated by conducting a survey of network security professionals. The findings enhance the understanding of tool developers about the day-to-day activities of network security professionals, consequently assisting developers in designing better tools for network security management.

Keywords

Acknowledgements

The authors would like to thank the participants that responded to the survey. The research leading to these results has received funding from the People Programme (Marie Curie Actions) of the European Union’s 7th Framework Programme (FP7/2007-2013) under REA grant agreement PIIF-GA-2011-301536.

Citation

Adnan, M., Just, M., Baillie, L. and Kayacik, H.G. (2015), "Investigating the work practices of network security professionals", Information and Computer Security, Vol. 23 No. 3, pp. 347-367. https://doi.org/10.1108/ICS-07-2014-0049

Publisher

:

Emerald Group Publishing Limited

Copyright © 2015, Emerald Group Publishing Limited

Related articles