A Framework for Evaluating ICT Security Awareness
نویسندگان
چکیده
ICT resources are important assets of any organization and the protection of these resources are equally important. To be able to protect themselves and their profitability, many organizations have established information security awareness programs. In order for a security awareness program to add value to an organization and at the same time make a contribution to the field of information security it is necessary to have a set of methods to study and measure its effect. This paper gives an overview of a suggested framework for evaluating ICT security awareness. Following a brief description of the framework, a more detailed overview on the identification of areas to be evaluated, using a value focused assessment, will be presented. Comments on possible system generated information, that may be used to assist with the evaluation of security behavior of users, will also be presented.
منابع مشابه
An approach to enhance the security of ICT infrastructure through legal, regulatory influences
As information systems and networks (ICTs) are increasingly used by governments, different organisations, businesses and end-users worldwide, there has been a common interest in promoting the security of such systems through a variety of methods and approaches. This interest is important to address the challenges posed by the potential harm from security failures of the systems to national econ...
متن کاملValue-focused assessment of ICT security awareness in an academic environment
Security awareness is important to reduce human error, theft, fraud, and misuse of computer assets. A strong ICT security culture cannot develop and grow in a company without awareness programmes. This paper focuses on ICT security awareness and how to identify key areas of concern to address in ICT security awareness programmes by making use of the value-focused approach. The result of this ap...
متن کاملValue-Focused Assessment of Information Communication and Technology Security Awareness in an Academic Environment
The aim of this paper is to introduce the approach of value-focused thinking when identifying information and communications technology (ICT) security awareness aspects. Security awareness is important to reduce human error, theft, fraud, and misuse of computer assets. A strong ICT security culture cannot develop and grow in a company without awareness programmes. How can personnel follow the r...
متن کاملDesigning a Cyber Attack Information System for National Situational Awareness
Information and communication technology (ICT) systems underpin many of today’s societal functions and economic development. Consequently, protecting a nation’s ICT infrastructure from deliberate cyber attacks and unintentional disruptions is of paramount importance. Collaboration among all parties across all domains of cyberspace is the key to effective and coordinated effort to cope with cybe...
متن کاملApplied Holistic Approach For Security Awareness And Training - Computer Games As Means To Increase Users' Information And Communication Security Awareness
In order to decrease Information and Communication Technology (ICT) security threats caused by human errors an increased concentration on education and learning is necessary. Because of the large amount of new users, with different kind of learning capabilities, the traditional teaching methods are not sufficient. Alternative forms of education are needed. This article discusses why ICT securit...
متن کامل