Effective IS Security: An Empirical Study

Cited by: 396
Authors
Straub, Detmar W., Jr. [1 ]
Affiliation
[1] Univ Minnesota, Curtis L Carlson Sch Management, Minneapolis, MN 55455 USA
Keywords
Computer security; Information security; General Deterrence Theory; Computer crime; Computer ethics; Protection of the information resource;
DOI
10.1287/isre.1.3.255
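Chinese Library Classification number
G25 [Library science, librarianship]; G35 [Information science, information work];
Discipline classification code
1205 ; 120501 ;
Abstract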
Information security has not been a high priority for most managers. Many permit their installations to be either lightly protected or wholly unprotected, apparently willing to risk major losses from computer abuse. This study, based on the criminological theory of general deterrence, investigates whether a management decision to invest in IS security results in more effective control of computer abuse. Data gathered through a survey of 1,211 randomly selected organizations indicates that security countermeasures that include deterrent administrative procedures and preventive security software will result in significantly lower computer abuse. Knowledge about these relationships is useful for making key decisions about the security function.
Pages: 255 / 276
Number of pages: 22