NCJ Number
157914
Journal
Security Journal Volume: 6 Issue: 3 Dated: (October 1995) Pages: 177-181
Date Published
1995
Length
5 pages
Annotation
Deterrence is applied to information security, based on the premise that security professionals should consider deterrence a central concern, along with the existing technical and managerial approaches to computer crime prevention.
Abstract
Therefore, personnel security officials should determine how best to change the existing perceptions of employees and outsiders regarding both the risks of being caught in computer crime activities and the perceived payoffs from such activities. Actions that organizations can take to change employee attitudes include training about the legal as well as ethical aspects of information security, the establishment of social control mechanisms emphasizing that computer crime lets down colleagues, making control and security monitoring more visible, and distribution of information about punishments given to convicted computer criminals. Security professionals should be aware of what social science researchers know and do not know about deterrence, as well as the problems involved in applying the concept to computer crime. Deterring computer crime will require improved legislation and the study, development, and implementation of appropriate security measures. Deterrence of computer crime should focus on tailoring penalties to computer crime severity. Changes are also needed with respect to mandatory reporting. 26 references (Author abstract modified)