House of Security: Locale, Roles and Resources for Ensuring Information Security

MIT Sloan Research Paper No. 4623-06

CISL Working Paper No. 2006-08

7 Pages Posted: 28 Aug 2006

See all articles by Wee Horng Ang

Wee Horng Ang

Massachusetts Institute of Technology (MIT)

Yang Lee

Massachusetts Institute of Technology (MIT); Northeastern University - Management Information Systems Area

Stuart Madnick

Massachusetts Institute of Technology (MIT) - Sloan School of Management

Dinsha Mistree

Princeton University - Department of Political Science

Michael Siegel

Massachusetts Institute of Technology (MIT) - Sloan School of Management

Diane M. Strong

Worcester Polytechnic Institute (WPI)

Richard Y. Wang

Massachusetts Institute of Technology (MIT)

Chrisy Yao

Suffolk University

Date Written: August 2006

Abstract

In this paper we redefine information security by extending its definition in three salient avenues: locale (beyond the boundary of an enterprise to include partner organizations), role (beyond the information custodians' view to include information consumers' and managers' views), and resource (beyond technical dimensions to include managerial dimensions). Based on our definition, we develop a model of information security, which we call the House of Security. This model has eight constructs, Vulnerability, Accessibility, Confidentiality, IT Resources for Security, Financial Resources for Security, Business Strategy for Security, Security Policy and Procedures, and Security Culture. We have developed a questionnaire to measure the assessment and importance of information security along these eight aspects. The questionnaire covers multiple locales and questionnaire respondents cover multiple roles. Data collection is currently in process. Results from our analysis of the collected data will be ready for presentation at the conference.

Keywords: Information security, Security vulnerabilities, Information confidentiality, Security policy, Security procedures, Security culture

Suggested Citation

Ang, Wee Horng and Lee, Yang and Madnick, Stuart E. and Mistree, Dinsha and Siegel, Michael and Strong, Diane M. and Wang, Richard Y. and Yao, Chrisy, House of Security: Locale, Roles and Resources for Ensuring Information Security (August 2006). MIT Sloan Research Paper No. 4623-06; CISL Working Paper No. 2006-08. Available at SSRN: https://ssrn.com/abstract=926627 or http://dx.doi.org/10.2139/ssrn.926627

Wee Horng Ang

Massachusetts Institute of Technology (MIT) ( email )

77 Massachusetts Avenue
50 Memorial Drive
Cambridge, MA 02139-4307
United States

Yang Lee

Massachusetts Institute of Technology (MIT) ( email )

50 Memorial Drive
Cambridge, MA 02139-4307
United States

Northeastern University - Management Information Systems Area ( email )

Boston, MA 02115
United States

Stuart E. Madnick (Contact Author)

Massachusetts Institute of Technology (MIT) - Sloan School of Management ( email )

E53-321
Cambridge, MA 02142
United States
617-253-6671 (Phone)
617-253-3321 (Fax)

Dinsha Mistree

Princeton University - Department of Political Science ( email )

Corwin Hall
Princeton, NJ 08544-1012
United States

Michael Siegel

Massachusetts Institute of Technology (MIT) - Sloan School of Management ( email )

E53-323
Cambridge, MA 02142
United States
617-253-2937 (Phone)
617-258-7579 (Fax)

Diane M. Strong

Worcester Polytechnic Institute (WPI) ( email )

100 Institute Road
Worcester, MA 01609
United States

Richard Y. Wang

Massachusetts Institute of Technology (MIT) ( email )

E53-317
Cambridge, MA 02139
United States
617-253-0442 (Phone)
617-253-3321 (Fax)

Chrisy Yao

Suffolk University ( email )

Boston, MA 02108

Register to save articles to
your library

Register

Paper statistics

Downloads
171
Abstract Views
1,257
rank
174,031
PlumX Metrics