When Sentry Goes Stealing: An Information Systems Security Case Study in Behavioural Context

Abstract

In this paper we describe a case where the top management of a small holding company is involved in a love-hate relationship with its own IT department. The top management firmly believes that IT staff is involved in leaking out company’s secrets. However, having no expertise in IT and even lesser grasp on the complexity of IT architecture resulting from recent mergers and acquisition, the top management finds itself crucially dependent on its IT systems, yet unable to trust them fully. The theories of deterrence and reasoned action are used to explain the otherwise objectionable behaviour of the perpetrator.