Examining the case for the compulsory reporting of security failure in UK

Petrigh, Matthieu (2016) Examining the case for the compulsory reporting of security failure in UK. BSc dissertation, University of Portsmouth.

[img] PDF
Restricted to Registered users only

Download (673kB)

    Abstract

    Security is an important issue. It is a matter of potential organisational collapse, a road either to perpetuity or to ruin. However and despite such assertions, force is to acknowledge that security all too often fails. This dissertation focuses on improving the understanding of the concept and causes of security failures and on assessing the opinions of various security managers towards a hypothetical strategic means of minimising such incidences: the compulsory reporting of security failures in UK. A mixed-methods approach has been chosen for this study. Surveys have been distributed to 2344 research subjects, semi-structured interviews conducted on twelve selected individuals and an in-depth review of the existing literature on the topics of security failure, safety failure, human error, security management and risk management carried out. This research produced a number of key findings: there is no agreed definition of the term ‘security failure’; that organisations tend to analyse security failure in a subjective way, either proactively or retrospectively; that the structuring of security failure can be patterned and articulated around three common features, namely causal factors, shaping processes and consequentiality; that organisations do not necessarily follow the latest academic developments in terms of failure prevention; that the way organisations are learning from security failures is rather active and mostly experiential and cognitive; that organisations seem supporting the idea that the reporting of security failures in UK should be compulsory. The main conclusions drawn from this research were that current approaches to tackle the problem of security failures are deficient because they fail to embrace a holistic approach to failure prevention, instead opting for an outdated and narrow view of failure prevention, and that further research should be conducted in order to examine in depth the potential of making the reporting of security failures in UK a compulsory activity. The research argues for a holistic model of doing security adapted from the work of Button (2008) to reduce the incidences of security failures. One that takes into account human errors, technology malfunction, failure analysis, benefactors reliability and proactive learning. It also argues that more research should be conducted in order to ascertain of the need for and utility of the compulsory reporting of security failures in UK.

    Item Type: Dissertation
    Departments/Research Groups: Faculty of Humanities and Social Sciences > Institute of Criminal Justice Studies
    Depositing User: Jane Polwin
    Date Deposited: 20 Jan 2017 16:24
    Last Modified: 20 Jan 2017 16:24
    URI: http://eprints.port.ac.uk/id/eprint/22764

    Actions (login required)

    View Item

    Document Downloads

    More statistics for this item...