Defining the Information Security Posture: An Empirical Examination of Structure, Integration, and Managerial Effectiveness

PDF Version Also Available for Download.

Description

The discipline of information security management is still in its infancy as evidenced by the lack of empirical scholarly work in this area. Most research within the information security domain focuses on specific technologies and algorithms and how it impacts the principles of confidentiality, integrity, and availability. But, an important area receiving little attention is the antecedents of effective information security management at the organizational level (Stanton, Guzman, Stam & Caldera, 2003). The little empirical research that has been conducted in this area has shown that information security management in many organizations is poor (Baskerville, 1993; Shimeall & McDermott, 1999). ... continued below

Creation Information

Young, Randall Frederick August 2008.

Context

This dissertation is part of the collection entitled: UNT Theses and Dissertations and was provided by UNT Libraries to Digital Library, a digital repository hosted by the UNT Libraries. It has been viewed 955 times , with 6 in the last month . More information about this dissertation can be viewed below.

Who

People and organizations associated with either the creation of this dissertation or its content.

Chair

Committee Members

Publisher

Rights Holder

For guidance see Citations, Rights, Re-Use.

  • Young, Randall Frederick

Provided By

UNT Libraries

With locations on the Denton campus of the University of North Texas and one in Dallas, UNT Libraries serves the school and the community by providing access to physical and online collections; The Portal to Texas History and UNT Digital Libraries; academic research, and much, much more.

Contact Us

What

Descriptive information to help identify this dissertation. Follow the links below to find similar items on the Digital Library.

Description

The discipline of information security management is still in its infancy as evidenced by the lack of empirical scholarly work in this area. Most research within the information security domain focuses on specific technologies and algorithms and how it impacts the principles of confidentiality, integrity, and availability. But, an important area receiving little attention is the antecedents of effective information security management at the organizational level (Stanton, Guzman, Stam & Caldera, 2003). The little empirical research that has been conducted in this area has shown that information security management in many organizations is poor (Baskerville, 1993; Shimeall & McDermott, 1999). Several researchers have identified the need for methods to measure the organization-wide information security posture of organizations (Eloff & Von Solms, 2000; James, 1996). This dissertation attempts to measure the organization-wide information security posture by examining benchmark variables that assess role, planning orientation, and performance structure within the organization. Through this conceptualization of an organization's information security posture, a means is presented to measure overall information security and how it impacts the effective utilization of information security strategies. The presence of the dependent variable, effectiveness, gives academics and practitioners a success measure which can guide more effective decision making in the information security domain. An additional aim of this dissertation is to empirically examine the influence of management practices and decisions on effective use of information security strategies within the organization. The issues of centralization versus decentralization of information security activities will be evaluated along with its impact on information security posture of organizations and the effectiveness of the organization's information security strategies. Data was collected from 119 IT and information security executives. Results show that how the organization structures information security activities is not correlated with more effective utilization of information security strategies. Meanwhile, the organization's information security posture is significantly correlated with more effective utilization of information security strategies. The implications of this research is discussed.

Language

Identifier

Unique identifying numbers for this dissertation in the Digital Library or other systems.

Collections

This dissertation is part of the following collection of related materials.

UNT Theses and Dissertations

Theses and dissertations represent a wealth of scholarly and artistic content created by masters and doctoral students in the degree-seeking process. Some ETDs in this collection are restricted to use by the UNT community.

What responsibilities do I have when using this dissertation?

When

Dates and time periods associated with this dissertation.

Creation Date

  • August 2008

Added to The UNT Digital Library

  • May 11, 2009, 8:08 p.m.

Description Last Updated

  • April 26, 2016, 5:01 p.m.

Usage Statistics

When was this dissertation last used?

Yesterday: 0
Past 30 days: 6
Total Uses: 955

Interact With This Dissertation

Here are some suggestions for what to do next.

Start Reading

PDF Version Also Available for Download.

Citations, Rights, Re-Use

Young, Randall Frederick. Defining the Information Security Posture: An Empirical Examination of Structure, Integration, and Managerial Effectiveness, dissertation, August 2008; Denton, Texas. (digital.library.unt.edu/ark:/67531/metadc9006/: accessed November 22, 2017), University of North Texas Libraries, Digital Library, digital.library.unt.edu; .