The Utilization of Information Systems Security in SMEs in the South East of Ireland

  • Amanda Freeman
  • Liam Doyle
Conference paper


The protection of information has always been a challenge. There is a lack of academic research regarding the protection of information in small to medium sized enterprises (SMEs). The purpose of this research study was to gain an under-standing of the role of information systems security in SMEs in the South East of Ireland. This paper outlines the importance of SMEs in Ireland and examines the implementation of information systems security in those organisations. The study reports on the security technologies that are implemented and examines issues re-garding the implementation of those technologies. This study employed a quanti-tative approach to gather empirical data


Security Policy Security Technology Security Breach Inside Attack Security Expertise 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Curran J, Blackburn R (2001) Researching the small business. Sage Publications, LondonGoogle Scholar
  2. 2.
    European Commission (2003) Commission adopts a new definition of micro, small and medium sized enterprises in Europe [Online]. Available from, Accessed 16th May 2006
  3. 3.
    OECD (2002) OECD small and medium enterprise outlook. OECD Publications, ParisGoogle Scholar
  4. 4.
    Levy M, Powell P (1997) SME flexibility and the role of information systems. Small Bus Econ 11(2):183–196CrossRefGoogle Scholar
  5. 5.
    Forfas (1998) Annual competitiveness report 1998 – SME Performance, DublinGoogle Scholar
  6. 6.
    Golden W, Griffin M (1998) A survey of internet commerce in small and medium sized enterprises. National University of Ireland, GalwayGoogle Scholar
  7. 7.
    Ballantine J, Levy M, Powell P (1998) Evaluating information systems in small and medium-sized enterprises: issues and evidence. Eur J Inf Syst 7(4):241–251CrossRefGoogle Scholar
  8. 8.
    Levy M, Powell P, Yetton P (2002) The dynamics of SME information systems. Small Bus Econ 19(4):341–354CrossRefGoogle Scholar
  9. 9.
    Whitman M, Mattord H (2002) Principles of information security. Course technology, 1st edn. Thomson/Course Technology, Boston, 16 December 2002Google Scholar
  10. 10.
    Dhillon G (2006) Principles of information systems security. Wiley, New JerseyGoogle Scholar
  11. 11.
    Posthumus S, Von-Solms R (2004) A framework for the governance of information security. Comput Secur 23(8):638–646CrossRefGoogle Scholar
  12. 12.
    Saltzman S (2004) Fraudulent bugs. Irish Comput 28(5):18Google Scholar
  13. 13.
    Williams N (2004) Security – stop outside getting in. Irish Comput 28(5):36–38Google Scholar
  14. 14.
    Bednarz A (2004) Crime and punishment. Network World 21(37):49Google Scholar
  15. 15.
    Dhillon G, Backhouse J (2000) Information system security management in the new millennium. Communications ACM 43(7):125–128CrossRefGoogle Scholar
  16. 16.
    Garg A, Curtis J, Halper H (2003) Quantifying the financial impact of IT security breaches. Inf Manage Comput Secur 11(2):74–83Google Scholar
  17. 17.
    Carr N (2003) IT doesn't matter. Harv Bus Rev 81(5):41–49Google Scholar
  18. 18.
    Austin R, Darby C (2003) The myth of secure computing. Harv Bus Rev 81(6):120–126Google Scholar
  19. 19.
    Stich P (2005) IT security: the human factor. ISSA J:27–29, February 2005Google Scholar
  20. 20.
    CCI (2005) SME e-business survey 2005, Chambers of Commerce of Ireland. DublinGoogle Scholar
  21. 21.
    Collins J (2005) Staying within the law, Sunday business post, October, 1–35Google Scholar
  22. 22.
    Winkler I (2003). Zen and the art of cyber security. In Proceedings of the IDC security conference. Croke Park, DublinGoogle Scholar
  23. 23.
    Leach J (2003) Improving user security behaviour. Comput Secur 22(8):685–692CrossRefGoogle Scholar
  24. 24.
    Robinson F (2001) High-end IT security: no longer a distant pipe dream for SMEs. Comput Fraud Secur (9):12–14Google Scholar
  25. 25.
    Weil S (2003) Creating high-quality security policies. Inf Syst Secur Assoc J:10–14, May 2003Google Scholar
  26. 26.
    Higgins HN (1999) Corporate system security: towards an integrated management approach. Inf Manage Comput Secur 7(5):217–222Google Scholar
  27. 27.
    Karyda M, Kiountouzis E, Kokolakis S (2004) Information systems security policies: a contextual perspective. Comput Secur 24(3):1–7Google Scholar
  28. 28.
    Dhillon G (2001) Violations of safeguards by trusted personnel and understanding related information security concerns. Comput Secur 20(2):165–172CrossRefGoogle Scholar
  29. 29.
    Dinnie G (1999) The second annual global information security survey. Inf Manage Comput Secur 7(3):112–120Google Scholar
  30. 30.
    Ernst and Young (2004) Global information security survey 2004, Ernst and YoungGoogle Scholar
  31. 31.
    Schneier B (2004) Customers, passwords, and web sites. Computer 37(4):88CrossRefGoogle Scholar
  32. 32.
    CSI/FBI (2005) Computer crime and security survey 2005, Computer Security InstituteGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  1. 1.Waterford Institute of TechnologyWaterfordIreland
  2. 2.Waterford Institute of TechnologyWaterfordIreland

Personalised recommendations