A Framework for Evaluating ICT Security Awareness

نویسندگان

  • Hennie A. Kruger
  • Lynette Drevin
  • Tjaart Steyn
چکیده

ICT resources are important assets of any organization and the protection of these resources are equally important. To be able to protect themselves and their profitability, many organizations have established information security awareness programs. In order for a security awareness program to add value to an organization and at the same time make a contribution to the field of information security it is necessary to have a set of methods to study and measure its effect. This paper gives an overview of a suggested framework for evaluating ICT security awareness. Following a brief description of the framework, a more detailed overview on the identification of areas to be evaluated, using a value focused assessment, will be presented. Comments on possible system generated information, that may be used to assist with the evaluation of security behavior of users, will also be presented.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

An approach to enhance the security of ICT infrastructure through legal, regulatory influences

As information systems and networks (ICTs) are increasingly used by governments, different organisations, businesses and end-users worldwide, there has been a common interest in promoting the security of such systems through a variety of methods and approaches. This interest is important to address the challenges posed by the potential harm from security failures of the systems to national econ...

متن کامل

Value-focused assessment of ICT security awareness in an academic environment

Security awareness is important to reduce human error, theft, fraud, and misuse of computer assets. A strong ICT security culture cannot develop and grow in a company without awareness programmes. This paper focuses on ICT security awareness and how to identify key areas of concern to address in ICT security awareness programmes by making use of the value-focused approach. The result of this ap...

متن کامل

Value-Focused Assessment of Information Communication and Technology Security Awareness in an Academic Environment

The aim of this paper is to introduce the approach of value-focused thinking when identifying information and communications technology (ICT) security awareness aspects. Security awareness is important to reduce human error, theft, fraud, and misuse of computer assets. A strong ICT security culture cannot develop and grow in a company without awareness programmes. How can personnel follow the r...

متن کامل

Designing a Cyber Attack Information System for National Situational Awareness

Information and communication technology (ICT) systems underpin many of today’s societal functions and economic development. Consequently, protecting a nation’s ICT infrastructure from deliberate cyber attacks and unintentional disruptions is of paramount importance. Collaboration among all parties across all domains of cyberspace is the key to effective and coordinated effort to cope with cybe...

متن کامل

Applied Holistic Approach For Security Awareness And Training - Computer Games As Means To Increase Users' Information And Communication Security Awareness

In order to decrease Information and Communication Technology (ICT) security threats caused by human errors an increased concentration on education and learning is necessary. Because of the large amount of new users, with different kind of learning capabilities, the traditional teaching methods are not sufficient. Alternative forms of education are needed. This article discusses why ICT securit...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2006