Threats and countermeasures for information system security: A cross-industry study

Quey Jen Yeh, Arthur Jung Ting Chang

Research output: Contribution to journalArticlepeer-review

97 Citations (Scopus)

Abstract

IS security threats have increased significantly in recent years. We identified the gaps between manager perceptions of IS security threats and the security countermeasures adopted by firms by collecting empirical data from 109 Taiwanese enterprises. Industry type and organizational use of IT were seen as the two factors that affected the motivation of firms to adopt security countermeasures, but their implementation did not necessarily affect the threat perceptions of the managers. Analyses of responses suggested that the scope of the countermeasures adopted were not commensurate with the severity of the perceived threats. Among the threats, networks were rated as contributing the most severe threat and yet had the lowest level of protection, this was followed by threats due to personnel and administrative issues. We therefore addressed threat mitigation strategies, specifically in terms of the differences between industries.

Original languageEnglish
Pages (from-to)480-491
Number of pages12
JournalInformation and Management
Volume44
Issue number5
DOIs
Publication statusPublished - 2007 Jul 1

All Science Journal Classification (ASJC) codes

  • Management Information Systems
  • Information Systems
  • Information Systems and Management

Fingerprint Dive into the research topics of 'Threats and countermeasures for information system security: A cross-industry study'. Together they form a unique fingerprint.

Cite this