Organizational Impacts of Cyber Security Provisions: A Sociotechnical Framework

Anthony Cresswell, Shahidul Hassan
2007 2007 40th Annual Hawaii International Conference on System Sciences (HICSS'07)  
In this paper, we outline a conceptual framework for linking cyber security provisions to business processes. The framework is presented for use in analyzing the cost and performance impacts of cyber security implementation on business processes in government agencies and other organizations. We argue that such an analysis should be based on a sociotechnical approach to understanding information security in the organizational context. The results of such analysis can be useful in government cyber security planning and investment decisions.
doi:10.1109/hicss.2007.418 dblp:conf/hicss/CresswellH07 fatcat:elg5x2h3qvg6rpstmtij76g5lq