Investigating the work practices of network security professionals

Muhammad Adnan, Mike Just, Lynne Baillie, Hilmi Gunes Kayacik

Research output: Contribution to journalArticle

Abstract

Purpose
The purpose of this paper is to investigate the work practices of network security professionals and to propose a new and robust work practices model of these professionals.

Design/methodology/approach
The proposed work practices model is composed by combining the findings of ten notable empirical studies performed so far this century. The proposed model was then validated by an online survey of 125 network security professionals with a wide demographic spread.

Findings
The empirical data collected from the survey of network security professionals strongly validate the proposed work practices model. The results also highlight interesting trends for different groups of network security professionals, with respect to performing different security-related activities.

Research limitations/implications
Further studies could investigate more closely the links and dependencies between the different activities of the proposed work practices model and tools used by network security professionals to perform these activities.

Practical implications
A robust work practices model of network security professionals could hugely assist tool developers in designing usable tools for network security management.

Originality/value
This paper proposes a new work practices model of network security professionals, which is built by consolidating existing empirical evidence and validated by conducting a survey of network security professionals. The findings enhance the understanding of tool developers about the day-to-day activities of network security professionals, consequently assisting developers in designing better tools for network security management.
Original languageEnglish
Pages (from-to)347-367
Number of pages21
JournalInformation and Computer Security
Volume23
Issue number3
DOIs
Publication statusPublished - 2015

Fingerprint

Network security

Cite this

@article{904ac696ce694410880f24c33c82bc56,
title = "Investigating the work practices of network security professionals",
abstract = "PurposeThe purpose of this paper is to investigate the work practices of network security professionals and to propose a new and robust work practices model of these professionals.Design/methodology/approachThe proposed work practices model is composed by combining the findings of ten notable empirical studies performed so far this century. The proposed model was then validated by an online survey of 125 network security professionals with a wide demographic spread.FindingsThe empirical data collected from the survey of network security professionals strongly validate the proposed work practices model. The results also highlight interesting trends for different groups of network security professionals, with respect to performing different security-related activities.Research limitations/implicationsFurther studies could investigate more closely the links and dependencies between the different activities of the proposed work practices model and tools used by network security professionals to perform these activities.Practical implicationsA robust work practices model of network security professionals could hugely assist tool developers in designing usable tools for network security management.Originality/valueThis paper proposes a new work practices model of network security professionals, which is built by consolidating existing empirical evidence and validated by conducting a survey of network security professionals. The findings enhance the understanding of tool developers about the day-to-day activities of network security professionals, consequently assisting developers in designing better tools for network security management.",
author = "Muhammad Adnan and Mike Just and Lynne Baillie and Kayacik, {Hilmi Gunes}",
year = "2015",
doi = "10.1108/ICS-07-2014-0049",
language = "English",
volume = "23",
pages = "347--367",
journal = "Information and Computer Security",
issn = "2056-4961",
publisher = "Emerald Publishing Limited",
number = "3",

}

Investigating the work practices of network security professionals. / Adnan, Muhammad; Just, Mike; Baillie, Lynne; Kayacik, Hilmi Gunes.

In: Information and Computer Security, Vol. 23, No. 3, 2015, p. 347-367.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Investigating the work practices of network security professionals

AU - Adnan, Muhammad

AU - Just, Mike

AU - Baillie, Lynne

AU - Kayacik, Hilmi Gunes

PY - 2015

Y1 - 2015

N2 - PurposeThe purpose of this paper is to investigate the work practices of network security professionals and to propose a new and robust work practices model of these professionals.Design/methodology/approachThe proposed work practices model is composed by combining the findings of ten notable empirical studies performed so far this century. The proposed model was then validated by an online survey of 125 network security professionals with a wide demographic spread.FindingsThe empirical data collected from the survey of network security professionals strongly validate the proposed work practices model. The results also highlight interesting trends for different groups of network security professionals, with respect to performing different security-related activities.Research limitations/implicationsFurther studies could investigate more closely the links and dependencies between the different activities of the proposed work practices model and tools used by network security professionals to perform these activities.Practical implicationsA robust work practices model of network security professionals could hugely assist tool developers in designing usable tools for network security management.Originality/valueThis paper proposes a new work practices model of network security professionals, which is built by consolidating existing empirical evidence and validated by conducting a survey of network security professionals. The findings enhance the understanding of tool developers about the day-to-day activities of network security professionals, consequently assisting developers in designing better tools for network security management.

AB - PurposeThe purpose of this paper is to investigate the work practices of network security professionals and to propose a new and robust work practices model of these professionals.Design/methodology/approachThe proposed work practices model is composed by combining the findings of ten notable empirical studies performed so far this century. The proposed model was then validated by an online survey of 125 network security professionals with a wide demographic spread.FindingsThe empirical data collected from the survey of network security professionals strongly validate the proposed work practices model. The results also highlight interesting trends for different groups of network security professionals, with respect to performing different security-related activities.Research limitations/implicationsFurther studies could investigate more closely the links and dependencies between the different activities of the proposed work practices model and tools used by network security professionals to perform these activities.Practical implicationsA robust work practices model of network security professionals could hugely assist tool developers in designing usable tools for network security management.Originality/valueThis paper proposes a new work practices model of network security professionals, which is built by consolidating existing empirical evidence and validated by conducting a survey of network security professionals. The findings enhance the understanding of tool developers about the day-to-day activities of network security professionals, consequently assisting developers in designing better tools for network security management.

U2 - 10.1108/ICS-07-2014-0049

DO - 10.1108/ICS-07-2014-0049

M3 - Article

VL - 23

SP - 347

EP - 367

JO - Information and Computer Security

JF - Information and Computer Security

SN - 2056-4961

IS - 3

ER -