Abstract
The shift towards digitized identities and electronic ID cards presents significant information security management challenges for identity organisations like the NIA. The transition from securing paper records to electronic records and digital assets, such as citizen biometrics, is critical due to the potential implications of security issues on transactions requiring citizen identification and the protection of citizens’ privacy.
Our study, based on interviews with nine current and former senior man-agers of the NIA, reveals that the NIA faces unique challenges due to its nature as a public sector organisation and the political context within which it operates. These challenges include taking a holistic view of information security, instilling an information security culture, developing comprehensive information security policies, and ensuring policy compliance. Additionally, the NIA struggles with aligning its information security policies with relevant legislation, managing relationships with other government stakeholders and private sector organisations, and operating within government constraints. These challenges have significant implications for the NIA and other identity organisations facing similar issues.
Understanding and addressing these challenges can enhance information security management, safeguard digital assets, and ensure citizen privacy. However, these challenges occur in a context where management continuity is difficult due to political appointments and interference. These challenges are not unique to the NIA, as identity organisations in other developing countries face similar issues. Further research is needed to best address these challenges and ensure secure digitised identification.
Our study, based on interviews with nine current and former senior man-agers of the NIA, reveals that the NIA faces unique challenges due to its nature as a public sector organisation and the political context within which it operates. These challenges include taking a holistic view of information security, instilling an information security culture, developing comprehensive information security policies, and ensuring policy compliance. Additionally, the NIA struggles with aligning its information security policies with relevant legislation, managing relationships with other government stakeholders and private sector organisations, and operating within government constraints. These challenges have significant implications for the NIA and other identity organisations facing similar issues.
Understanding and addressing these challenges can enhance information security management, safeguard digital assets, and ensure citizen privacy. However, these challenges occur in a context where management continuity is difficult due to political appointments and interference. These challenges are not unique to the NIA, as identity organisations in other developing countries face similar issues. Further research is needed to best address these challenges and ensure secure digitised identification.
Original language | English |
---|---|
Number of pages | 14 |
Publication status | Published - 11 Jul 2024 |
Event | IFIP International Symposium on Human Aspects of Information Security and Assurance - University of Skövde, Skövde, Sweden Duration: 9 Jul 2024 → 11 Jul 2024 Conference number: 18th |
Conference
Conference | IFIP International Symposium on Human Aspects of Information Security and Assurance |
---|---|
Abbreviated title | HAISA 2024 |
Country/Territory | Sweden |
City | Skövde |
Period | 9/07/24 → 11/07/24 |