Skip to main content

Research Repository

Advanced Search

Folk risk analysis: factors influencing security analysts' interpretation of risk.

M'manga, Andrew; Faily, Shamal; McAlaney, John; Williams, Christopher

Authors

Andrew M'manga

John McAlaney

Christopher Williams



Abstract

There are several standard approaches to risk analysis recommended for use in information security, however, the actual application of risk analysis by security analysts follows an opaque mix of standard risk analysis procedures and adaptations based on an analyst's understanding of risk. We refer to these approaches as Folk Risk Analysis. To understand folk risk analysis, we present the results of a study where Distributed Cognition and Grounded Theory were used to elicit factors influencing risk interpretation by security analysts, and the constrained conditions to risk decision-making they encounter.

Citation

M'MANGA, A., FAILY, S., MCALANEY, J. and WILLIAMS, C. 2017. Folk risk analysis: factors influencing security analysts' interpretation of risk. Presented at the 3rd Workshop on security information workers (WSIW 2017), part of the 13th Symposium on usable privacy and security (SOUPS 2017), co-located with the 2017 USENIX annual technical conference (USENIX ATC 2017), 12-14 July 2017, Santa Clara, USA. Hosted on the USENIX website [online]. Available from: https://www.usenix.org/conference/soups2017/workshop-program/wsiw2017/mmanga

Presentation Conference Type Conference Paper (unpublished)
Conference Name 3rd Workshop on security information workers (WSIW 2017), part of the 13th Symposium on usable privacy and security (SOUPS 2017), co-located with the 2017 USENIX annual technical conference (USENIX ATC 2017)
Conference Location Santa Clara, USA
Start Date Jul 12, 2017
End Date Jul 14, 2017
Deposit Date Oct 5, 2021
Publicly Available Date Dec 7, 2021
Keywords Systems security; Security risk analysis; Decision-making; Software engineering
Public URL https://rgu-repository.worktribe.com/output/1437909
Publisher URL https://www.usenix.org/conference/soups2017/workshop-program/wsiw2017/mmanga

Files





You might also like



Downloadable Citations