A Critical Assessment of IS Security Research between 1990-2004

Authors

Mikko Siponen, University of OuluFollow
Robert Willison, Copenhagen Business SchoolFollow

Abstract

This paper reviews the IS security literature for the period 1990-2004. More specifically three security

journals and the top twenty IS journals were examined. In total 1280 IS security papers were analysed in

terms of theories, research methods and research topics. Our research found that 1043 of the papers

contained no theory. In addition, almost 1000 of the papers were categorized as ‘subjectiveargumentative’ in terms of methodology, with field experiments, surveys, case studies and action research

accounting for less that 10% (8.10%) of all the papers. Fifty nine research topics were identified with

fourteen of these topics totaling 71.05% of the articles.

This papers offers implications for future research directions on IS security, scholars to publish IS

security research, tenure practice, and IS security classification schemas.

Recommended Citation

Siponen, Mikko and Willison, Robert, "A Critical Assessment of IS Security Research between 1990-2004" (2007). ECIS 2007 Proceedings. 190.
https://aisel.aisnet.org/ecis2007/190