Paper Info
Title
On small-scale IT users' system architectures and cyber security: A UK case study.
Abstract
Despite long-standing predictions that developments in, for example, personal and cloud computing practices would change the ways in which we approach security, small-scale IT users (SSITUs) remain ill-served by existing cyber security practices. Following an extensive study of the adoption of cyber security in UK-based SSITUs, this paper discusses results pertaining to technologies employed by such organisations, with respect to their ability to apply security measures. We determine: that the system architectures employed by SSITUs are significantly different from those employed by large corporate or government entities; that the architecture of a small organisation's digital footprint has far more impact on their overall security than would be the case for a large organisation; and that SSITUs do not hold sufficient influence within the supply chain to manage cyber security in their interactions with service providers. We show that improving small-scale cyber security architectures is not simply about developing new technology; rather, there are additional needs to consider, including technology use in the context of interactions that occur within a broader ecosystem of a supply chain, users with multiple roles, and the impact of the digital footprint on security.
Year
DOI
Venue
2017
10.1016/j.cose.2017.05.001
Computers & Security
Keywords
Field
DocType
Cyber security,Security architecture,System architecture,SME,Charity,Home users,Supply chain
Security convergence,Security through obscurity,Computer science,Computer security,Asset (computer security),Sherwood Applied Business Security Architecture,Security service,Cloud computing security,Security information and event management,Computer security model
Journal
Volume
ISSN
Citations 
70
0167-4048
1
PageRank 
References 
Authors
0.35
16
2
Name
Order
Citations
PageRank
Emma Osborn110.35
Andrew Simpson228249.37