Skip to main content
SpringerLink
Log in
Book cover

International Conference on Trust, Privacy and Security in Digital Business

TrustBus 2007: Trust, Privacy and Security in Digital Business pp 228–236Cite as

Using the Lens of Circuits of Power in Information Systems Security Management

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4657))

Abstract

This paper uses the perspective of power in the study of IS security management. We explore the role of power in the implementation of an information systems security policy, using the Circuits of Power as a Framework for the analysis. A case study research was conducted in a public sector organization that introduced a security policy in order to comply with the law. The authors interviewed members of the organization to explore the different aspects of power relations which were intertwined with the implementation of the policy and used the Circuits of Power to analyze the data gathered. The conclusions derived from the analysis illustrate the role of power in the policy implementation process and indicate that a power perspective provides useful insight in the study of factors affecting the implementation of security policies.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Avgerou, C.: Information systems: what sort of science is it? Omega 28, 567–579 (2000)

    Article  Google Scholar 

  2. Markus, L.: Power, Politics, and MIS Implementation. Communications of the ACM 26(6), 430–444 (1983)

    Article  Google Scholar 

  3. Silva, L., Backhouse, J.: The Circuits-of-Power Framework for Studying Power in Institutionalization of Information Systems. Journal of the Association for Information Systems 4(6), 294–336 (2003)

    Google Scholar 

  4. Doolin, B.: Power and resistance in the implementation of a medical management information system. Info Systems J. 14, 343–362 (2004)

    Article  Google Scholar 

  5. Karyda, M., Kiountouzis, E., Kokolakis, S.: Information systems security policies: a contextual perspective. Computers and Security 24(3), 246–260 (2005)

    Article  Google Scholar 

  6. Hone, K., Eloff, J.: What makes an effective security policy? Network and Security 6, 14–16 (2002)

    Article  Google Scholar 

  7. Goodwin, B.: Companies are at risk from staff ignorance. Computer Weekly, 00104787, 1/27/2004 (2004)

    Google Scholar 

  8. Hirschheim, R., Newman, M.: Symbolism and Information Systems Development: Myth, Metaphor and Magic. Information Systems Research 2(1), 29–62 (1991)

    Article  Google Scholar 

  9. Zuboff, S.: In the age of the smart machine. Basic Books, New York (1988)

    Google Scholar 

  10. Sewell, G., Wilkinson, B.: Someone to watch over me: surveillance, discipline and just-in-time labour process. Sociology 26, 271–289 (1992)

    Article  Google Scholar 

  11. Markus, L., Bjorn-Andersen, N.: Power over users: Its exercise by system professionals. Communications of the ACM 30(6), 498–504 (1987)

    Article  Google Scholar 

  12. Jasperson, J., Carte, T., Saunders, C., Butler, B., Croes, H., Zheng, W.: Review: Power and Information Technology Research. MIS Quarterly 26(4), 397–459 (2002)

    Article  Google Scholar 

  13. Dhillon, G., Backhouse, J.: Current directions in IS security research: towards socio-organisational perspectives. Information Systems Journal (11), 127–153 (2001)

    Article  Google Scholar 

  14. Karyda, M., Kokolakis, S., Kiountouzis, E.: Redefining Information Systems Security: Viable Information Systems. In: The Proceedings of the 16th IFIP International Conference on Information Security (SEC 2001), Paris, France, June 2001, pp. 453–467. Kluwer Academic Publishers, Dordrecht (2001)

    Google Scholar 

  15. Lipson, H., Fisher, D.: Survivability – a new technical and business perspective on security. In: The proceedings of the New Security Paradigm Workshop, June 1999, Canada (1999)

    Google Scholar 

  16. Dhillon, G., Backhouse, J.: Information System Security Management in the new Millennium. Communications of the ACM 43(7), 125–128 (2000)

    Article  Google Scholar 

  17. Introna, L., Pouloudi, A.: Privacy in the Information Age: Stakeholders, Interests and Values. Journal of Business Ethics 22, 27–38 (1999)

    Article  Google Scholar 

  18. Wood, C.: An unappreciated reason why security policies fail. Computer Fraud and Security 10, 13–14 (2000)

    Article  Google Scholar 

  19. Wood, C.: Information systems security: Management success factors. Computer and Security 6, 314–320 (1987)

    Article  Google Scholar 

  20. Clegg, S.R.: Frameworks of power. Sage Publications, London (1989)

    Google Scholar 

  21. Callon, M.: Some elements of sociology of translation: Domestication of the scallops and the fishermen of St Brieuc Bay. In: Law, J. (ed.) Power, Action and Belief, pp. 196–233. Routledge and Kegan Paul, London (1986)

    Google Scholar 

  22. Latour, B.: Science in Action. Harvard University Press, Cambridge, MA (1987)

    Google Scholar 

  23. Foucault, M.: Power/Knowledge: Selected interviews and other writings 1972-77. Harvester Press, Brighton, UK (1980)

    Google Scholar 

  24. Lukes, S.: Power: A radical view. The Macmillan Press Ltd, London (1974)

    Google Scholar 

  25. Giddens, A.: The constitution of society. Polity press, Cambridge, UK (1984)

    Google Scholar 

  26. Backhouse, J., Hsu, C., Silva, L.: Circuits of Power in Creating de jure Standards: Shaping an International Information Systems Security Standard. MIS Quarterly 30, 413–438 (2006)

    Google Scholar 

  27. Latour, B.: Reassembling the Social: An Introduction to Actor-Network-Theory. Oxford University Press, Oxford (2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of the Aegean, Department of Information and Communication Systems Engineering, Karlovassi, Samos, GR 83200, Greece

    Christos Fragos & Maria Karyda

  2. Athens University of Economics and Business, Department of Informatics, Patission 76, Athens, GR 10434, Greece

    Evangelos Kiountouzis

Authors
  1. Christos Fragos
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Maria Karyda
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Evangelos Kiountouzis
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Costas Lambrinoudakis Günther Pernul A Min Tjoa

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Fragos, C., Karyda, M., Kiountouzis, E. (2007). Using the Lens of Circuits of Power in Information Systems Security Management. In: Lambrinoudakis, C., Pernul, G., Tjoa, A.M. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2007. Lecture Notes in Computer Science, vol 4657. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74409-2_25

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-74409-2_25

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-74408-5

  • Online ISBN: 978-3-540-74409-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation