The House of Security: Stakeholder Perceptions of Security Assessment and Importance

10 Pages Posted: 11 Sep 2007  

Stuart Madnick

Massachusetts Institute of Technology (MIT) - Sloan School of Management

Wee Horng Ang

Massachusetts Institute of Technology (MIT)

Yang Lee

Massachusetts Institute of Technology (MIT); Northeastern University - Management Information Systems Area

Dinsha Mistree

Princeton University - Department of Political Science

Michael Siegel

Massachusetts Institute of Technology (MIT) - Sloan School of Management

Diane M. Strong

Worcester Polytechnic Institute (WPI)

Richard Y. Wang

Massachusetts Institute of Technology (MIT)

Date Written: July 2007

Abstract

In this paper we introduce a methodology for analyzing differences regarding security perceptions within and between stakeholders, and the elements which affect these perceptions. We have designed the "House of Security", a security assessment model that provides the basic framework for considering eight different constructs of security:

Vulnerability, Accessibility, Confidentiality, Technology Resources for Security, Financial Resources for Security, Business Strategy for Security, Security Policy and Procedures, and Security Culture.

We designed and performed a survey of about 1500 professionals in various industries, levels, and functions resulting in a gap analysis to uncover differences (1) between the different constructs and aspects of security, (2) between different enterprise stakeholder roles, and (3) between different organizations. This paper briefly describes the development of the security constructs and some of the preliminary findings.

Keywords: Security Assessment, Business Strategy for Security, Security Policy

Suggested Citation

Madnick, Stuart and Ang, Wee Horng and Lee, Yang and Mistree, Dinsha and Siegel, Michael and Strong, Diane M. and Wang, Richard Y., The House of Security: Stakeholder Perceptions of Security Assessment and Importance (July 2007). MIT Sloan Research Paper No. 4662-07. Available at SSRN: https://ssrn.com/abstract=1012426 or http://dx.doi.org/10.2139/ssrn.1012426

Stuart E. Madnick (Contact Author)

Massachusetts Institute of Technology (MIT) - Sloan School of Management ( email )

E53-321
Cambridge, MA 02142
United States
617-253-6671 (Phone)
617-253-3321 (Fax)

Wee Horng Ang

Massachusetts Institute of Technology (MIT) ( email )

77 Massachusetts Avenue
50 Memorial Drive
Cambridge, MA 02139-4307
United States

Yang Lee

Massachusetts Institute of Technology (MIT) ( email )

50 Memorial Drive
Cambridge, MA 02139-4307
United States

Northeastern University - Management Information Systems Area ( email )

Boston, MA 02115
United States

Dinsha Mistree

Princeton University - Department of Political Science ( email )

Corwin Hall
Princeton, NJ 08544-1012
United States

Michael Siegel

Massachusetts Institute of Technology (MIT) - Sloan School of Management ( email )

E53-323
Cambridge, MA 02142
United States
617-253-2937 (Phone)
617-258-7579 (Fax)

Diane M. Strong

Worcester Polytechnic Institute (WPI) ( email )

100 Institute Road
Worcester, MA 01609
United States

Richard Y. Wang

Massachusetts Institute of Technology (MIT) ( email )

E53-317
Cambridge, MA 02139
United States
617-253-0442 (Phone)
617-253-3321 (Fax)

Paper statistics

Downloads
132
Rank
177,729
Abstract Views
1,098