Assessing the Feasibility of Applying Criminological Theory to
the IS Security Context Robert Willison
This format serves as the rubric by which your effort will be graded.>>
Essay
If you choose an essay, you should evaluate it according to the following format:
1.Summarize the article. (40 points)
2.What are its major conclusions? (12 points)
3.What are the articles strengths? (12 points)
4.What are its weaknesses? (12 points)
5.Were the conclusions properly drawn and supported? How? (12 points)
6.Which ones, if any, were not? Show why not. (12 points)
Understanding the Offender/Environment Dynamic for Computer
Crimes: Assessing the Feasibility of Applying Criminological Theory to
the IS Security Context
Robert Willison
Department of Informatics, Copenhagen Business School
rw.inf@cbs.dk
Abstract
There is currently a paucity of literature
focusing on the relationship between the actual
actions of staff members, who perpetrate some
form of computer abuse, and the organisational
environment in which such actions take place. A
greater understanding of such a relationship may
complement existing security practices by possibly
highlighting new areas for safeguard
implementation. In addition, if insights are
afforded into the actions of dishonest staff, prior to
the actual perpetration of a crime, then
organisations may be able to expand their
preventive scope, rather than relying solely on
technical safeguards to stop the actual commission
of some form of computer abuse. To help facilitate
a greater understanding of the
offender/environment dynamic, this paper assesses
the feasibility of applying criminological theory to
the IS security context. More specifically, three
theories are advanced, which focus on the
offenders behaviour in a criminal setting. After
opening with a description of the theories, the
paper provides an account of the Barings Bank
collapse. Events highlighted in the case study are
used to assess whether concepts central to the
theories are supported by the data. The paper
concludes by summarising the major findings and
discussing future research possibilities.
1. Introduction
There is currently little written about the
relationship between the actual criminal actions of
staff members, who perpetrate some form of
computer abuse, and the organisational
environment in which such actions take place [1].
Insights into such a relationship may complement
existing IS security practices by possibly
highlighting additional areas in which safeguards
could be introduced. More specifically, if insights
are afforded into the actions of dishonest staff,
prior to the actual perpetration of a crime, then
organisations may be able to expand their
preventive scope. Rather than relying solely on
technical safeguards such as intrusion detection
tools and password system to help stop the
commission of a computer crime, other safeguards
designed to prevent criminal behaviour, prior to
perpetration, would prove to be a useful addition
in the preventive armoury of IS security
practitioners. In an attempt to facilitate a clear
understanding of the offender/environment
dynamic, this paper assesses the feasibility of
applying criminological theory to the IS security
context. Three theories are advanced which
specifically address the offenders behaviour in the
criminal setting. The paper opens with a
description of the criminological approaches,
which include routine activity theory,
environmental criminology and the rational choice
perspective.
"Looking for a Similar Assignment? Get Expert Help at an Amazing Discount!"