The House of Security: Stakeholder Perceptions of Security Assessment and Importance
Author(s)
Ang, Wee Horng; Deng, Vicki; Lee, Yang; Madnick, Stuart; Mistree, Dinsha; Siegel, Michael; Strong, Diane; ... Show more Show less
Download4662-07.pdf (176.0Kb)
Metadata
Show full item recordAbstract
In this paper we introduce a methodology for analyzing differences regarding security
perceptions within and between stakeholders, and the elements which affect these
perceptions. We have designed the “House of Security”, a security assessment model that
provides the basic framework for considering eight different constructs of security:
Vulnerability, Accessibility, Confidentiality, Technology Resources for Security,
Financial Resources for Security, Business Strategy for Security, Security Policy and
Procedures, and Security Culture.
We designed and performed a survey of about 1500 professionals in various industries,
levels, and functions resulting in a gap analysis to uncover differences (1) between the
different constructs and aspects of security, (2) between different enterprise stakeholder
roles, and (3) between different organizations. This paper briefly describes the
development of the security constructs and some of the preliminary findings.
Date issued
2007-11-30Series/Report no.
MIT Sloan School of Management Working Paper4662-07
Keywords
Security