{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,30]],"date-time":"2025-07-30T11:46:46Z","timestamp":1753876006120,"version":"3.41.2"},"reference-count":32,"publisher":"Oxford University Press (OUP)","issue":"1","license":[{"start":{"date-parts":[[2020,10,11]],"date-time":"2020-10-11T00:00:00Z","timestamp":1602374400000},"content-version":"vor","delay-in-days":284,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020,1,1]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>It is a well-known fact that the language of IT security experts differs from that of non-security-related people, leading to a multitude of problems. However, very little work has examined the differences in perception between security experts within a single security department or company. The sociological theory of power relations and organizational uncertainties by Croizer and Friedberg suggests that uncertainties about the narratives used in a department can lead to potentially harmful power relations and dissatisfied employees. We conducted a qualitative interview study within two distinct IT security companies in order to research the impact of diverging security narratives within security departments. Our results show that there is indeed an uncertainty about the term IT security. However, one company we interviewed regarded this uncertainty as highly beneficial for team creativity, communication, and mutual education, while the other, more technical-focused company showed few diversions within the security staff, but a possibly uniting conflict with the company\u2019s IT department. Our results suggest that conscious shaping of a zone of uncertainty around the security narrative in the work context can be an important management skill for IT security practitioners. Furthermore, we show that the analysis of language uncertainties provides a powerful approach to studying the motivation of professional security groups.<\/jats:p>","DOI":"10.1093\/cybsec\/tyaa011","type":"journal-article","created":{"date-parts":[[2020,10,11]],"date-time":"2020-10-11T10:54:35Z","timestamp":1602413675000},"source":"Crossref","is-referenced-by-count":2,"title":["Exploring the security narrative in the work context"],"prefix":"10.1093","volume":"6","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-4484-7639","authenticated-orcid":false,"given":"Karoline","family":"Busse","sequence":"first","affiliation":[{"name":"Usable Security and Privacy Group, Rheinische Friedrich-Wilhelms-Universitat Bonn, Bonn, Germany"},{"name":"Institut f\u00fcr Informatik IV Endenicher Allee 19a 53115 Bonn, Germany"}]},{"given":"Jennifer","family":"Seifert","sequence":"additional","affiliation":[{"name":"Faculty of Philosophy, Leibniz Universitat Hannover, Hannover, Germany"}]},{"given":"Matthew","family":"Smith","sequence":"additional","affiliation":[{"name":"Usable Security and Privacy Group, Rheinische Friedrich-Wilhelms-Universitat Bonn, Bonn, Germany"},{"name":"Institut f\u00fcr Informatik IV Endenicher Allee 19a 53115 Bonn, Germany"}]}],"member":"286","published-online":{"date-parts":[[2020,10,11]]},"reference":[{"year":"1923","key":"2020101106542761800_tyaa011-B1"},{"volume-title":"Philosophische Untersuchungen Kritisch-genetische Edition","year":"2001","author":"Wittgenstein","key":"2020101106542761800_tyaa011-B2"},{"volume-title":"Information Technology; Security Techniques; Information Security Management Guidelines for Telecommunications Organizations Based on ISO\/IEC 27002","year":"2009","author":"I. O. for Standardization","key":"2020101106542761800_tyaa011-B3"},{"volume-title":"Information Security: Protecting the Global Enterprise","year":"2000","author":"Pipkin","key":"2020101106542761800_tyaa011-B4"},{"first-page":"167","year":"2013","author":"Cherdantseva","key":"2020101106542761800_tyaa011-B5"},{"first-page":"103","year":"2015","author":"Blythe","key":"2020101106542761800_tyaa011-B6"},{"first-page":"347","volume-title":"Symposium on Usable Privacy and Security","author":"Chandran","key":"2020101106542761800_tyaa011-B7"},{"volume-title":"Qualitative Inhaltsanalyse, 12th edn","year":"2012","author":"Mayring","key":"2020101106542761800_tyaa011-B8"},{"volume-title":"Institutions and Organizations: Ideas and Interests","year":"2008","author":"Scott","key":"2020101106542761800_tyaa011-B9"},{"year":"1979","author":"Croizer","key":"2020101106542761800_tyaa011-B10"},{"volume-title":"Organisation und Unsicherheit","year":"2015","author":"Seidel","key":"2020101106542761800_tyaa011-B11"},{"volume-title":"Organisation - Eine sehr kurze Einf\u00fchrung","year":"2011","author":"K\u00fchl","key":"2020101106542761800_tyaa011-B12"},{"key":"2020101106542761800_tyaa011-B13","doi-asserted-by":"crossref","DOI":"10.4324\/9780080963594","volume-title":"Management Teams, 3rd edn","author":"Belbin","year":"2010"},{"key":"2020101106542761800_tyaa011-B14","doi-asserted-by":"crossref","first-page":"145","DOI":"10.1007\/978-3-658-00603-7_5","volume-title":"Formalit\u00e4t Und Informalit\u00e4t in Organisationen","author":"Becke","year":"2015"},{"year":"2019","author":"Krombholz","key":"2020101106542761800_tyaa011-B15"},{"year":"2017","author":"Theofanos","key":"2020101106542761800_tyaa011-B16"},{"key":"2020101106542761800_tyaa011-B17","doi-asserted-by":"crossref","first-page":"551","DOI":"10.1016\/j.im.2014.03.009","article-title":"Bridging the divide: a qualitative comparison of information security thought patterns between information security professionals and ordinary organizational insiders","volume":"51","author":"Posey","year":"2014","journal-title":"Inform Manage"},{"first-page":"3639","year":"2008","author":"Hawkey","key":"2020101106542761800_tyaa011-B18"},{"key":"2020101106542761800_tyaa011-B19","first-page":"237","volume-title":"Twelfth Symposium on Usable Privacy and Security (SOUPS 2016)","author":"Sundaramurthy","year":"2016"},{"key":"2020101106542761800_tyaa011-B20","first-page":"357","volume-title":"Fourteenth Symposium on Usable Privacy and Security (SOUPS 2018)","author":"Haney","year":"2018"},{"year":"1991","author":"Hochschild","key":"2020101106542761800_tyaa011-B21"},{"volume-title":"BENEVOL 2017: BElgian-NEtherlands Software eVOLution Symposium, 4\u20135 December 2017, pp. 1\u20136","year":"2017","author":"Serebrenik","key":"2020101106542761800_tyaa011-B22"},{"year":"2017","author":"M\u2019manga","key":"2020101106542761800_tyaa011-B23"},{"volume-title":"Qualitative Inquiry and Research Design: Choosing among Five Approaches, 4th edn","year":"2017","author":"Creswell","key":"2020101106542761800_tyaa011-B24"},{"key":"2020101106542761800_tyaa011-B25","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-531-91538-8","volume-title":"Experteninterviews und qualitative Inhaltsanalyse","author":"Gl\u00e4ser","year":"2010"},{"key":"2020101106542761800_tyaa011-B26","doi-asserted-by":"crossref","first-page":"1277","DOI":"10.1177\/1049732305276687","article-title":"Three approaches to qualitative content analysis","volume":"15","author":"Hsieh","year":"2005","journal-title":"Qual Health Res"},{"year":"2018","key":"2020101106542761800_tyaa011-B27","first-page":"2019,"},{"author":"Chaos Computer Club e. V. Chaos Computer Club","key":"2020101106542761800_tyaa011-B28"},{"key":"2020101106542761800_tyaa011-B29","doi-asserted-by":"crossref","first-page":"17","DOI":"10.1080\/13600869.2015.1125154","article-title":"Germany\u2019s \u2018right to be forgotten\u2019 - between the freedom of expression and the right to informational self-determination","volume":"30","author":"Kodde","year":"2016","journal-title":"International Review of Law, Computers & Technology"},{"author":"Chaos Computer Club e. V. Browse Videos by Category: Congress","key":"2020101106542761800_tyaa011-B30"},{"key":"2020101106542761800_tyaa011-B31","first-page":"121","article-title":"Identifying patterns in informal sources of security information","volume":"1","author":"Rader","year":"2015","journal-title":"J Cybersecur"},{"first-page":"1","year":"2017","author":"Haney","key":"2020101106542761800_tyaa011-B32"}],"container-title":["Journal of Cybersecurity"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/academic.oup.com\/cybersecurity\/article-pdf\/6\/1\/tyaa011\/33862682\/tyaa011.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"http:\/\/academic.oup.com\/cybersecurity\/article-pdf\/6\/1\/tyaa011\/33862682\/tyaa011.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,10,9]],"date-time":"2023-10-09T13:57:07Z","timestamp":1696859827000},"score":1,"resource":{"primary":{"URL":"https:\/\/academic.oup.com\/cybersecurity\/article\/doi\/10.1093\/cybsec\/tyaa011\/5920841"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,1,1]]},"references-count":32,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2020,1,1]]}},"URL":"https:\/\/doi.org\/10.1093\/cybsec\/tyaa011","relation":{},"ISSN":["2057-2085","2057-2093"],"issn-type":[{"type":"print","value":"2057-2085"},{"type":"electronic","value":"2057-2093"}],"subject":[],"published-other":{"date-parts":[[2020]]},"published":{"date-parts":[[2020,1,1]]},"article-number":"tyaa011"}}