Political engineering in knowledge security
| Date | 01 July 2006 |
| Pages | 265-266 |
| DOI | https://doi.org/10.1108/03055720610703551 |
| Published date | 01 July 2006 |
| Author | Julie J.C.H. Ryan |
| Subject Matter | Information & knowledge management |
KNOWLEDGE/INFORMATION SECURITY
Political engineering in
knowledge security
Julie J.C.H. Ryan
Department of Engineering Management and Systems Engineering,
The George Washington University, Washington, DC, USA
Abstract
Purpose – Knowledge security requires a balanced approach tha t incorporates and treats
appropriately both tangible security needs and intangible environmental imperatives. This paper
aims to investigate the concept of political engineering in knowledge security.
Design/methodology/approach – The concept of a knowledge security architect is described.
Findings – The study finds that commercial certification vendors, such as ISC(2) and ISACA, have
recognized the need and are offering management certifications for information security professionals.
This is not enough. The educational needs of a knowledge security architect would include not only
the technologies and legal aspects of information security, but also the political engineering skills and
decision capabilities of senior executives.
Originality/value – The paper puts forward the conceptualization of a knowledge security architect
as an integral part of the knowledge strategy team.
Keywords Information control,Data security, Knowledge management,Education
Paper type Viewpoint
When considering how to implement security controls in a knowledge centric
organization, it is tempting to begin by specifying precisely what data can be shared
and what data must be protected. And, in fact, this is a good place to begin, since there
are legal issues associated with the protection of certain types of information. However,
once those concerns are addressed, it quickly becomes apparent to the management
team struggling with the architectural decisions that there is more at stake than simply
quantifying security needs and allocating resources against those needs. Competing
intangible needs include politics, corporate culture, idea incubation desires, social
interests, and employee culture. Complicating this situation is the emerging truth that
no enterprise is an island and that there may be localized aspects that impact a global
enterprise policy structures.
The balancing of quantifiable needs against qualitative needs requires a skill not
taught in many educational tracks. Decision theory typically focuses on quantifiable
aspects of decisions – how to calculate an optimal outcome given measurable
elements. Risk management typically focuses on looking at probability of
occurrence of a problem and the cost of each occurrence (to include impact). But
how does one quantify politics? How does one quantify corporate culture or strategic
positioning? It is simply not possible, except perhaps through using surrogate
variables in convoluted formulism. One may as well quantify love or disgust. This is
part of the challenge that knowledge managers recognize: not everything valuable
can be counted empirically.
The current issue and full text archive of this journal is available at
www.emeraldinsight.com/0305-5728.htm
Political
engineering
265
VINE: The journal of information and
knowledge management systems
Vol. 36 No. 3, 2006
pp. 265-266
qEmerald Group Publishing Limited
0305-5728
DOI 10.1108/03055720610703551
To continue reading
Request your trial