Abstract
Drawing inspiration from bureaucracy and information security literature, we develop the theory of security bureaucracy—an evolutionary framework that describes how organizations arrive at their information-securing approaches. Within this framework, we describe three general bureaucratic archetypes (i.e., Security Prototype, Security Structure, and Security Superstructure) that emerge from the interplay between control and expertise. We also expound on the phenomenon of security bureaucracy and delineate how organizations can transition from coercive “iron cages” to enabling “iron shields” in information securing. We also use our security establish-enforce-enculturate (3E) evolutionary framework to inform a proposed variance model of security bureaucracy. Our efforts offer significant insights and implications for organizational information security research and practice.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callSimilar Papers
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
