An effective approach for dealing with the pressure to compromise security during systems development

Yeslam Al-Saggaf

doi:10.1007%2F978-3-319-78816-6_3

An effective approach for dealing with the pressure to compromise security during systems development

Research output: Book chapter/Published conference paper › Conference paper › peer-review

Abstract

This study looks into (1) the frequency with which Australian IT professionals compromise security to meet deadlines; (2) the causes of unprofessional behavior in the IT work place; (3) the best approach for tackling unprofessional behavior; and the effectiveness of this approach. These issues were addressed using a mixed research methodology that involved three data collection stages with the input of each stage being the output of the earlier stage. In the first stage, we conducted a survey of 2,315 Australian IT professionals which the Australian Computer Society helped promote. In the second stage, we interviewed 43 Australian IT professionals from six different Australian state capitals to understand the causes of unprofessional behavior in the IT work place and the best approach for tackling unprofessional behavior. Following the research participants’ suggestions, I implemented the approach suggested by the majority of participants. I then shared the links of the approach I implemented with the Australian IT professionals via the Australian Computer Society. In the final stage, I interviewed 28 IT professionals to receive their feedback with regards to the effectiveness of this approach in enhancing young IT professionals’ abilities to recognize unprofessional behavior. This paper presents the results from the three stages of this study.

Original language	English
Title of host publication	Security and Privacy in Communication Networks
Subtitle of host publication	SecureComm 2017 International Workshops Proceedings
Editors	Xiaodong Lin, Ali Ghorbani, Kui Ren, Sencun Zhu, Aiqing Zhang
Publisher	Springer
Pages	32-46
Number of pages	15
ISBN (Electronic)	9783319788166
ISBN (Print)	9783319788159
DOIs	https://doi.org/10.1007%2F978-3-319-78816-6_3
Publication status	Published - 25 Apr 2018
Event	13th International Conference on Security and Privacy in Communication Networks: SecureComm 2017 - Crowne Plaza Niagara Falls – Fallsview, Niagara Falls, Canada Duration: 22 Oct 2017 → 25 Oct 2017 http://securecomm.eai-conferences.org/ (Conference website)

Publication series

Name	Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
Publisher	Springer
Volume	239
ISSN (Electronic)	1867-8211

Conference

Conference	13th International Conference on Security and Privacy in Communication Networks
Country/Territory	Canada
City	Niagara Falls
Period	22/10/17 → 25/10/17
Other	SecureComm seeks high-quality research contributions in the form of well-developed papers. Topics of interest encompass research advances in ALL areas of secure communications and networking. Topics in other areas (e.g., formal methods, database security, secure software, theoretical cryptography) will be considered only if a clear connection to private or secure communication/networking is demonstrated.
Internet address	http://securecomm.eai-conferences.org/ (Conference website)

Access to Document

10.1007%2F978-3-319-78816-6_3

Cite this

Al-Saggaf, Y. (2018). An effective approach for dealing with the pressure to compromise security during systems development. In X. Lin, A. Ghorbani, K. Ren, S. Zhu, & A. Zhang (Eds.), Security and Privacy in Communication Networks: SecureComm 2017 International Workshops Proceedings (pp. 32-46). (Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering; Vol. 239). Springer. https://doi.org/10.1007%2F978-3-319-78816-6_3

Al-Saggaf, Yeslam. / An effective approach for dealing with the pressure to compromise security during systems development. Security and Privacy in Communication Networks: SecureComm 2017 International Workshops Proceedings. editor / Xiaodong Lin ; Ali Ghorbani ; Kui Ren ; Sencun Zhu ; Aiqing Zhang. Springer, 2018. pp. 32-46 (Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering).

@inproceedings{27b1858b88d447fab62041c4d590e681,

title = "An effective approach for dealing with the pressure to compromise security during systems development",

abstract = "This study looks into (1) the frequency with which Australian IT professionals compromise security to meet deadlines; (2) the causes of unprofessional behavior in the IT work place; (3) the best approach for tackling unprofessional behavior; and the effectiveness of this approach. These issues were addressed using a mixed research methodology that involved three data collection stages with the input of each stage being the output of the earlier stage. In the first stage, we conducted a survey of 2,315 Australian IT professionals which the Australian Computer Society helped promote. In the second stage, we interviewed 43 Australian IT professionals from six different Australian state capitals to understand the causes of unprofessional behavior in the IT work place and the best approach for tackling unprofessional behavior. Following the research participants{\textquoteright} suggestions, I implemented the approach suggested by the majority of participants. I then shared the links of the approach I implemented with the Australian IT professionals via the Australian Computer Society. In the final stage, I interviewed 28 IT professionals to receive their feedback with regards to the effectiveness of this approach in enhancing young IT professionals{\textquoteright} abilities to recognize unprofessional behavior. This paper presents the results from the three stages of this study.",

keywords = "Compromising security, Australian organizations, Systems development, IT professionals, Professional ethics",

author = "Yeslam Al-Saggaf",

year = "2018",

month = apr,

day = "25",

doi = "10.1007%2F978-3-319-78816-6_3",

language = "English",

isbn = "9783319788159",

series = "Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering",

publisher = "Springer",

pages = "32--46",

editor = "Xiaodong Lin and Ali Ghorbani and Kui Ren and Sencun Zhu and Aiqing Zhang",

booktitle = "Security and Privacy in Communication Networks",

address = "United States",

note = "13th International Conference on Security and Privacy in Communication Networks : SecureComm 2017 ; Conference date: 22-10-2017 Through 25-10-2017",

url = "http://securecomm.eai-conferences.org/",

}

Al-Saggaf, Y 2018, An effective approach for dealing with the pressure to compromise security during systems development. in X Lin, A Ghorbani, K Ren, S Zhu & A Zhang (eds), Security and Privacy in Communication Networks: SecureComm 2017 International Workshops Proceedings. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol. 239, Springer, pp. 32-46, 13th International Conference on Security and Privacy in Communication Networks, Niagara Falls, Ontario, Canada, 22/10/17. https://doi.org/10.1007%2F978-3-319-78816-6_3

An effective approach for dealing with the pressure to compromise security during systems development. / Al-Saggaf, Yeslam.

Security and Privacy in Communication Networks: SecureComm 2017 International Workshops Proceedings. ed. / Xiaodong Lin; Ali Ghorbani; Kui Ren; Sencun Zhu; Aiqing Zhang. Springer, 2018. p. 32-46 (Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering; Vol. 239).

Research output: Book chapter/Published conference paper › Conference paper › peer-review

TY - GEN

T1 - An effective approach for dealing with the pressure to compromise security during systems development

AU - Al-Saggaf, Yeslam

PY - 2018/4/25

Y1 - 2018/4/25

N2 - This study looks into (1) the frequency with which Australian IT professionals compromise security to meet deadlines; (2) the causes of unprofessional behavior in the IT work place; (3) the best approach for tackling unprofessional behavior; and the effectiveness of this approach. These issues were addressed using a mixed research methodology that involved three data collection stages with the input of each stage being the output of the earlier stage. In the first stage, we conducted a survey of 2,315 Australian IT professionals which the Australian Computer Society helped promote. In the second stage, we interviewed 43 Australian IT professionals from six different Australian state capitals to understand the causes of unprofessional behavior in the IT work place and the best approach for tackling unprofessional behavior. Following the research participants’ suggestions, I implemented the approach suggested by the majority of participants. I then shared the links of the approach I implemented with the Australian IT professionals via the Australian Computer Society. In the final stage, I interviewed 28 IT professionals to receive their feedback with regards to the effectiveness of this approach in enhancing young IT professionals’ abilities to recognize unprofessional behavior. This paper presents the results from the three stages of this study.

AB - This study looks into (1) the frequency with which Australian IT professionals compromise security to meet deadlines; (2) the causes of unprofessional behavior in the IT work place; (3) the best approach for tackling unprofessional behavior; and the effectiveness of this approach. These issues were addressed using a mixed research methodology that involved three data collection stages with the input of each stage being the output of the earlier stage. In the first stage, we conducted a survey of 2,315 Australian IT professionals which the Australian Computer Society helped promote. In the second stage, we interviewed 43 Australian IT professionals from six different Australian state capitals to understand the causes of unprofessional behavior in the IT work place and the best approach for tackling unprofessional behavior. Following the research participants’ suggestions, I implemented the approach suggested by the majority of participants. I then shared the links of the approach I implemented with the Australian IT professionals via the Australian Computer Society. In the final stage, I interviewed 28 IT professionals to receive their feedback with regards to the effectiveness of this approach in enhancing young IT professionals’ abilities to recognize unprofessional behavior. This paper presents the results from the three stages of this study.

KW - Compromising security

KW - Australian organizations

KW - Systems development

KW - IT professionals

KW - Professional ethics

UR - http://securecomm.eai-conferences.org/accepted-papers/#

UR - https://web.archive.org/web/20170920202108/http://securecomm.org:80/atcs-2017/

UR - http://securecomm.org/wp-content/uploads/sites/14/2017/08/ATCS-2017-Program-.pdf

U2 - 10.1007%2F978-3-319-78816-6_3

DO - 10.1007%2F978-3-319-78816-6_3

M3 - Conference paper

SN - 9783319788159

T3 - Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

SP - 32

EP - 46

BT - Security and Privacy in Communication Networks

A2 - Lin, Xiaodong

A2 - Ghorbani, Ali

A2 - Ren, Kui

A2 - Zhu, Sencun

A2 - Zhang, Aiqing

PB - Springer

T2 - 13th International Conference on Security and Privacy in Communication Networks

Y2 - 22 October 2017 through 25 October 2017

ER -

Al-Saggaf Y. An effective approach for dealing with the pressure to compromise security during systems development. In Lin X, Ghorbani A, Ren K, Zhu S, Zhang A, editors, Security and Privacy in Communication Networks: SecureComm 2017 International Workshops Proceedings. Springer. 2018. p. 32-46. (Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering). https://doi.org/10.1007%2F978-3-319-78816-6_3

An effective approach for dealing with the pressure to compromise security during systems development

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this