A Study on Security and Privacy Practices in Danish Companies

Asmita Dalela; Saverio Giallorenzo; Oksana Kulyk; Jacopo Mauro; Elda Paja

A Study on Security and Privacy Practices in Danish Companies

Asmita Dalela, Saverio Giallorenzo, Oksana Kulyk, Jacopo Mauro, Elda Paja

Publikation: Konference artikel i Proceeding eller bog/rapport kapitel › Konferencebidrag i proceedings › Forskning › peer review

Abstract

Increased levels of digitalization in society expose companies to new security threats, requiring them to establish adequate security and privacy measures. Additionally, the presence of exogenous forces like new regulations, e.g., GDPR and the global COVID-19 pandemic, pose new challenges for companies that should preserve an adequate level of security while having to adapt to change. In this paper, we investigate such challenges through a two-phase study in companies located in Denmark---a country characterized by a high level of digitalization---focusing on software development and tech-related companies. Our results show a number of issues, most notably i) a misalignment between software developers and management when it comes to the implementation of security and privacy measures, ii) difficulties in adapting company practices in light of implementing GDPR compliance, and iii) different views on the need to adapt security measures to cope with the COVID-19 pandemic.

Originalsprog	Engelsk
Titel	Usable Security and Privacy (USEC) Symposium 2022
Forlag	Internet society
Publikationsdato	apr. 2022
ISBN (Elektronisk)	1-891562-79-7
Status	Udgivet - apr. 2022

Adgang til dokumentet

https://www.ndss-symposium.org/wp-content/uploads/usec2022_23094_paper.pdf

Citationsformater

@inproceedings{170b05e3901f4731867bfa43c299ff12,

title = "A Study on Security and Privacy Practices in Danish Companies",

abstract = "Increased levels of digitalization in society expose companies to new security threats, requiring them to establish adequate security and privacy measures. Additionally, the presence of exogenous forces like new regulations, e.g., GDPR and the global COVID-19 pandemic, pose new challenges for companies that should preserve an adequate level of security while having to adapt to change. In this paper, we investigate such challenges through a two-phase study in companies located in Denmark---a country characterized by a high level of digitalization---focusing on software development and tech-related companies. Our results show a number of issues, most notably i) a misalignment between software developers and management when it comes to the implementation of security and privacy measures, ii) difficulties in adapting company practices in light of implementing GDPR compliance, and iii) different views on the need to adapt security measures to cope with the COVID-19 pandemic.",

keywords = "Security, Privacy, Organizational practices, Organizational culture, COVID-19, GDPR",

author = "Asmita Dalela and Saverio Giallorenzo and Oksana Kulyk and Jacopo Mauro and Elda Paja",

year = "2022",

month = apr,

language = "English",

booktitle = "Usable Security and Privacy (USEC) Symposium 2022",

publisher = "Internet society",

}

TY - GEN

T1 - A Study on Security and Privacy Practices in Danish Companies

AU - Dalela, Asmita

AU - Giallorenzo, Saverio

AU - Kulyk, Oksana

AU - Mauro, Jacopo

AU - Paja, Elda

PY - 2022/4

Y1 - 2022/4

N2 - Increased levels of digitalization in society expose companies to new security threats, requiring them to establish adequate security and privacy measures. Additionally, the presence of exogenous forces like new regulations, e.g., GDPR and the global COVID-19 pandemic, pose new challenges for companies that should preserve an adequate level of security while having to adapt to change. In this paper, we investigate such challenges through a two-phase study in companies located in Denmark---a country characterized by a high level of digitalization---focusing on software development and tech-related companies. Our results show a number of issues, most notably i) a misalignment between software developers and management when it comes to the implementation of security and privacy measures, ii) difficulties in adapting company practices in light of implementing GDPR compliance, and iii) different views on the need to adapt security measures to cope with the COVID-19 pandemic.

AB - Increased levels of digitalization in society expose companies to new security threats, requiring them to establish adequate security and privacy measures. Additionally, the presence of exogenous forces like new regulations, e.g., GDPR and the global COVID-19 pandemic, pose new challenges for companies that should preserve an adequate level of security while having to adapt to change. In this paper, we investigate such challenges through a two-phase study in companies located in Denmark---a country characterized by a high level of digitalization---focusing on software development and tech-related companies. Our results show a number of issues, most notably i) a misalignment between software developers and management when it comes to the implementation of security and privacy measures, ii) difficulties in adapting company practices in light of implementing GDPR compliance, and iii) different views on the need to adapt security measures to cope with the COVID-19 pandemic.

KW - Security

KW - Privacy

KW - Organizational practices

KW - Organizational culture

KW - COVID-19

KW - GDPR

M3 - Article in proceedings

BT - Usable Security and Privacy (USEC) Symposium 2022

PB - Internet society

ER -

A Study on Security and Privacy Practices in Danish Companies

Abstract

Adgang til dokumentet

Fingeraftryk

Citationsformater