Investigating Information Security Awareness: Research and Practice Gaps
نویسندگان
چکیده
This paper aims at creating a broad picture of security awareness and the ways it has been approached and also concerns, problems or gaps that may inhibit its successful implementation, towards understanding the reasons why security awareness practice remains problematic. Open coding analysis was performed on numerous publications (articles, surveys, standards, reports and books). A classification scheme of six categories of concern has emerged from the content analysis (e.g. terminology ambiguity) and the chosen publications were classified based on it. The paper identifies ambiguous aspects of current security awareness approaches and the proposed classification provides a guide to identify the range of options available to researchers and practitioners when they design their research and practice on information security awareness.
منابع مشابه
Investigating the Effects of Psychological Capital on Evidence-based Clinical Practice of Nurses in Dealing With COVID-19 Patients: The Mediating Role of Psychological Security
Objectives: Given the outbreak of COVID-19 pandemic and its adverse effects on social psychological health, especially nurses, psychological empowerment of nurses can increase their psychological security and improve their clinical performance during critical situations. This study aims to investigate the relationship between nurses’ psychology capital and their clinical performance, with a foc...
متن کاملA Research Model for Investigating Human Behavior Related to Computer Security
Computer security issues have typically been approached from the perspective of building technical countermeasures to reduce risk. Recently, researchers have recognized that computer users play an important role in ensuring secure systems by implementing those technical countermeasures. As a means of encouraging safe computing practice, user training and awareness have been touted. However, sim...
متن کاملTowards an Intelligence-Driven Information Security Risk Management Process for Organisations
Three deficiencies exist in information security under prevailing practices: organisations tend to focus on compliance over protection; to estimate risk without investigating it; and to assess risk on an occasional (as opposed to continuous) basis. These tendencies indicate that important data is being missed and that the situation awareness of decision-makers in many organisations is currently...
متن کاملA Vocabulary Test to Assess Information Security Awareness
Purpose. The dependence on human involvement and human behavior to protect information assets necessitates an information security awareness program to make people aware of their roles and responsibilities towards information security. The purpose of this paper is to examine the feasibility of an information security vocabulary test as an aid to assess awareness levels and to assist with the id...
متن کاملSocial Cognitive Theory: Information Security Awareness and Practice
In this paper, the authors discuss employees’ beliefs about their abilities to competently use computer information security tools in the determination of effective information security practices within organizations. In the first section the authors present a background about information security practices at work. Then, the authors present a research approach based on social cognitive theory ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Information Security Journal: A Global Perspective
دوره 17 شماره
صفحات -
تاریخ انتشار 2008