A prototype for assessing information security awareness
نویسندگان
چکیده
Due to the intensified need for improved information security, many organisations have established information security awareness programs to ensure that their employees are informed and aware of security risks, thereby protecting themselves and their profitability. In order for a security awareness program to add value to an organisation and at the same time make a contribution to the field of information security, it is necessary to have a set of methods to study and measure its effect. The objective of this paper is to report on the development of a prototype model for measuring information security awareness in an international mining company. Following a description of the model, a brief discussion of the application results is presented. a 2006 Elsevier Ltd. All rights reserved.
منابع مشابه
A toolkit approach to information security awareness and education
In today’s business environment where all operations are enabled by technology, information security has become an established discipline as more and more businesses realize its value. The human component has been recognized to have an important role in information security since the only way to reduce security risks is through making employees more information security aware. Towards this goal...
متن کاملPrivate Key based query on encrypted data
Nowadays, users of information systems have inclination to use a central server to decrease data transferring and maintenance costs. Since such a system is not so trustworthy, users' data usually upkeeps encrypted. However, encryption is not a nostrum for security problems and cannot guarantee the data security. In other words, there are some techniques that can endanger security of encrypted d...
متن کاملStudying SCADA Organisations Information Security Goals: An Integrated System Theory Approach
Security awareness and its implementation within an organisation is crucial for preventing deliberate attacks or/and minimise system failures on organisation’s system especially where critical infrastructure is involved including energy, water, gas and etc. This study is based on Integrated System Theory (IST) and focuses on measuring and assessing security goals including policies, risk manage...
متن کاملUnderstanding susceptibility to phishing emails: Assessing the impact of individual differences and culture
In a lab-based empirical study, we examined how individual differences and an aspect of national culture impacted on participants’ responses to phishing and spear-phishing emails. Results showed that the strongest predictor of the participants’ ability to detect these malicious emails was cultural orientation towards the needs of the individual rather than the needs of society. For both types o...
متن کاملAssessing The Students’ Awareness In Information Security Threats In E-Learning : A Case Study
Many higher institutions used e-learning to improve their learning and teaching process. Users often use services of e-learning with great confidence on its security. The increasing number of universities in Malaysia contributes the increasing number of elearning system as alternative to face-to-face lecture. As e-learning use a network, it is exposed to threats. Threats become the problem sinc...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Computers & Security
دوره 25 شماره
صفحات -
تاریخ انتشار 2006