An analysis of information security in selected Australian organisations
Masters Thesis
Title | An analysis of information security in selected Australian organisations |
---|---|
Type | Masters Thesis |
Authors | |
Author | Darragh, Warren J. |
Supervisor | Fitzgerald, Edmond |
Institution of Origin | University of Southern Queensland |
Qualification Name | Master of Information Technology (Research) |
Number of Pages | 235 |
Year | 2009 |
Abstract | Previous, mainly quantitative, research has indicated that information security threats and incidents are having a significant impact on the conduct of electronic business - and office automation in general - both nationally and internationally. However, as revealed by this study's extensive review of the relevant literature, our understanding of the information security situation in Australian organisations has been quite limited. There has been very little detailed research into security threats and incidents and, equally importantly, the strategies the Australian IT industry is using to deal with them. In addressing that deficiency, this study used a qualitative, case-based research methodology involving a variety of Australian organisations. The case based approach, using in-depth interviews, facilitated a thorough examination of the information security risks (threats and incidents) and enabled assessment and analysis of management actions (countermeasures) to mitigate the identified risks. The major findings with regard to this study's research issues are: The case-study organisations are generally highly reliant on IT for the conduct of their business and therefore would be heavily impacted if it was unavailable Whilst Australian organisations were generally well prepared and versed on security issues, the findings indicate the need for the application of best practice across the industry as a whole. A degree of cynicism regarding the nature of the hacking threat was evident – with many participants believing that the threat is overstated. Indeed this study uncovered little direct evidence of the organisations involved being subjected to actual hacker attacks. The framework developed for this study and its findings are readily adaptable for use by industry. By following the process specified in the framework, organisations will be better able to identify both likely and unlikely threats and incidents and deploy appropriate countermeasures. |
Keywords | information security; organisations; Australia |
ANZSRC Field of Research 2020 | 460499. Cybersecurity and privacy not elsewhere classified |
Byline Affiliations | Faculty of Business |
https://research.usq.edu.au/item/9z6qw/an-analysis-of-information-security-in-selected-australian-organisations
Download files
2308
total views913
total downloads2
views this month1
downloads this month