An effective approach for dealing with the pressure to compromise security during systems development

    Research output: Book chapter/Published conference paperConference paper

    Abstract

    This study looks into (1) the frequency with which Australian IT professionals compromise security to meet deadlines; (2) the causes of unprofessional behavior in the IT work place; (3) the best approach for tackling unprofessional behavior; and the effectiveness of this approach. These issues were addressed using a mixed research methodology that involved three data collection stages with the input of each stage being the output of the earlier stage. In the first stage, we conducted a survey of 2,315 Australian IT professionals which the Australian Computer Society helped promote. In the second stage, we interviewed 43 Australian IT professionals from six different Australian state capitals to understand the causes of unprofessional behavior in the IT work place and the best approach for tackling unprofessional behavior. Following the research participants’ suggestions, I implemented the approach suggested by the majority of participants. I then shared the links of the approach I implemented with the Australian IT professionals via the Australian Computer Society. In the final stage, I interviewed 28 IT professionals to receive their feedback with regards to the effectiveness of this approach in enhancing young IT professionals’ abilities to recognize unprofessional behavior. This paper presents the results from the three stages of this study.
    Original languageEnglish
    Title of host publicationSecurity and Privacy in Communication Networks
    Subtitle of host publicationSecureComm 2017 International Workshops Proceedings
    EditorsXiaodong Lin, Ali Ghorbani, Kui Ren, Sencun Zhu, Aiqing Zhang
    PublisherSpringer
    Pages32-46
    Number of pages15
    ISBN (Electronic)9783319788166
    ISBN (Print)9783319788159
    DOIs
    Publication statusPublished - 25 Apr 2018
    Event13th International Conference on Security and Privacy in Communication Networks: SecureComm 2017 - Crowne Plaza Niagara Falls – Fallsview, Niagara Falls, Canada
    Duration: 22 Oct 201725 Oct 2017
    http://securecomm.eai-conferences.org/ (Conference website)

    Publication series

    NameLecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
    PublisherSpringer
    Volume239
    ISSN (Electronic)1867-8211

    Conference

    Conference13th International Conference on Security and Privacy in Communication Networks
    CountryCanada
    CityNiagara Falls
    Period22/10/1725/10/17
    OtherSecureComm seeks high-quality research contributions in the form of well-developed papers. Topics of interest encompass research advances in ALL areas of secure communications and networking. Topics in other areas (e.g., formal methods, database security, secure software, theoretical cryptography) will be considered only if a clear connection to private or secure communication/networking is demonstrated.
    Internet address

    Fingerprint Dive into the research topics of 'An effective approach for dealing with the pressure to compromise security during systems development'. Together they form a unique fingerprint.

  • Cite this

    Al-Saggaf, Y. (2018). An effective approach for dealing with the pressure to compromise security during systems development. In X. Lin, A. Ghorbani, K. Ren, S. Zhu, & A. Zhang (Eds.), Security and Privacy in Communication Networks: SecureComm 2017 International Workshops Proceedings (pp. 32-46). (Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering; Vol. 239). Springer. https://doi.org/10.1007%2F978-3-319-78816-6_3