A Critical assesment of IS Security Research Between 1990-2004

Robert Andrew Willison, Mikko Siponen

    Research output: Working paperResearch

    110 Downloads (Pure)


    This paper reviews the IS security literature for the period 1990-2004. More specifically three security journals and the top twenty IS journals were examined. In total 1280 papers were analysed in terms of theories, research methods and research topics. Our research found that 1043 of the papers contained no theory. In addition, almost 1000 of the papers were categorized as ‘subjective-argumentative’ in terms of methodology, with field experiments, surveys, case studies and action research accounting for less that 10% (8.10%) of all the papers. Fifty nine research topics were identified with fourteen of these topics totaling 71.05% of the articles.

    This papers offers implications for future research directions on IS security, scholars to publish IS security research, tenure practice, and IS security classification schemas.
    Original languageEnglish
    Place of PublicationFrederiksberg
    PublisherDepartment of Informatics INF, Copenhagen Business School
    Number of pages17
    Publication statusPublished - 2007

    Cite this