Previous case studies demonstrate that security professionals often fail to consider how the policies they put in place could affect the day-to-day activities of employees in their companies.
First, we need to understand whether security managers perceive this as a problem. To explore this further, a number of interviews were conducted with security managers of major UK-based firms.
All of the information security experts selected to participate in the study had seven or more years of work experience in the field of information security and were holding managerial positions in their companies at the time of the interview.
The following insights from security managers were gathered as part of research ...