This paper introduces the main aspects of leadership roles that arise in the organisational context when information security awareness is engineered and developed according to purposes set within the organisation. Achieving these development purposes is connected to the commanding function of leadership, and is influenced by key human risk factors such as leadership commitment and example setting, leadership quality, motivation and, above all, the ability to make responsible decisions on a professional basis. To make implementation in practice more effective, a methodological toolset needs to be elaborated and placed at the leader's disposal; besides the adoption of a transactional leadership style and cyclic program management, this toolset facilitates continuous monitoring and the tailoring of the development purposes to the organisation.
Given the threats facing today's information society, digital asset management and the safety of the related information systems and critical infrastructure elements have become highly important. The defence of cyberspace itself has evolved into a social necessity. This paper aims to provide an overview of how each of the human risk factors that occur influences the achievement of the information security purposes of firms and/or organisations operating critical infrastructure or critical information infrastructure, as well as the engineering of their data processing and data analytics procedures. Moreover, the helpful role of a possible methodological toolset (connected to HR, management and risk management) is also assessed in the context of managing and improving information security awareness.
This paper marks out possible further research directions based on the research problem that security awareness, or the lack of it, acts as a human risk factor and affects how society-related security issues are approached. Treating the technically emerging reliability problems of authentication solutions (with a focus on biometrics) as vulnerabilities, the author makes suggestions for implementing possible risk management steps. Elements of the complex answer to security questions related to private and organisational (employee) behaviour can include raising the level of leadership commitment, developing organisational security awareness and continuously improving the problem handling process.
This paper is the first part of a series. On the one hand, it presents the characteristics of methods for evaluating the effectiveness of training, and within this it explores the problems of applying the return on investment (ROI) methodology in Hungarian corporate HR management practice. On the other hand, using sectoral and other statistical analyses, it prepares the ground for further examination, in the following parts of the series, of the application of ROI to security awareness training.