Information behavior of Information Security and Cryptography professionals

Abstract

This paper presents a user study of information security and cryptography professionals, focusing on the use of information behavior models. The methodological procedure proposed in this paper uses as a base model the information behavior model proposed by Choo et al. (2000), which divides human information behavior into three processes: information need, seek and use. The exploratory, descriptive and quali-quantitative study was carried out with 50 professionals from the Brazilian Community of Information Security and Cryptography (Comsic) through questionnaires, interviews and documentary analysis. Four subgroups were identified: cryptographic algorithms and protocols research group, cryptographic hardware and firmware development group, network security professionals group, and information security managers group.