Abstract
This paper examines the use of visualisations in the field of information security and in particular focuses on the practice of information security risk assessment. We examine the current roles of information security visualisations and place these roles in the wider information visualisation discourse.
We present an analytic lens which divides visualisations into three categories: journalistic, scientic and critical visualisations. We then present a case study that uses these three categories of visualisations to further support information security practice.
Two signicant results emerge from this case study: (1)
visualisations that promote critical thinking and reflection (a form of critical visualisation) support the multi-stakeholder nature of risk assessment and (2) a preparatory stage in risk assessment is sometimes needed by service designers in order to establish the service design before conducting a formal risk assessment.
The reader is invited to explore the images in the digital version of this paper where they can zoom in to particular aspects of the images and view the images in colour.
| Original language | English |
|---|---|
| Title of host publication | New Security Paradigm Workshop (NSPW) |
| Place of Publication | New York |
| Publisher | Association for Computing Machinery |
| Pages | 59-72 |
| Number of pages | 14 |
| ISBN (Print) | 978-1-4503-3754-0 |
| DOIs | |
| Publication status | Published - Sep 2015 |
| Event | 2015 New Security Paradigms Workshop, NSPW 2015 - Twente, Netherlands Duration: 8 Sep 2015 → 11 Sep 2015 |
Workshop
| Workshop | 2015 New Security Paradigms Workshop, NSPW 2015 |
|---|---|
| Abbreviated title | NSPW |
| Country/Territory | Netherlands |
| City | Twente |
| Period | 8/09/15 → 11/09/15 |
Keywords
- EC Grant Agreement nr.: FP7/318003
- EC Grant Agreement nr.: FP7/2007-2013
- n/a OA procedure