There is currently a paucity of literature focusing on the relationship between theactions of staff members, who perpetrate some form of computer abuse, and theorganisational environment in which such actions take place. A greater understandingof such a relationship may complement existing security practices by possiblyhighlighting new areas for safeguard implementation. To help facilitate a greaterunderstanding of the offender/environment dynamic, this paper assesses the feasibilityof applying criminological theory to the IS security context. More specifically, threetheories are advanced, which focus on the offender's behaviour in a criminal setting. Drawing on an account of the Barings Bank collapse, events highlighted in the casestudy are used to assess whether concepts central to the theories are supported by thedata. It is noted that while one of the theories is to be found wanting in terms ofconceptual sophistication, the case can be made for the further exploration of applyingall three in the IS security context.
|Status||Udgivet - 2005|