Determining employee awareness using the Human Aspects of Information Security Questionnaire (HAIS-Q)

Parsons, Kathryn; McCormac, Agata; Butavicius, Marcus A.; Pattinson, Malcolm R.; Jerram, Cate

doi:10.1016/j.cose.2013.12.003

Cited by 272 publications

(239 citation statements)

References 37 publications

Supporting

Mentioning

217

Contrasting

Unclassified

Order By: Relevance

“…Preventing the repetition of similar negligent behavior or duplicating the same solutions by sharing the already known lesson allows for a better investment of time and money in other areas [12]. Sharing prior relevant experiences in the field of information security is a considerable source of information security awareness [25]. Thus, on the organizational information security level, it is proposed that experience sharing is an important factor that positively affects employees' information security awareness.…”

Section: Figure 1 Information Security Involvement Theorymentioning

confidence: 99%

Lessons Learned from an Information Security Incident: A Practical Recommendation to Involve Employees in Information Security

Tatu¹,

Ament²,

Jaeger³

2018

Proceedings of the 51st Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

show abstract

Section: Figure 1 Information Security Involvement Theorymentioning

confidence: 99%

Lessons Learned from an Information Security Incident: A Practical Recommendation to Involve Employees in Information Security

Tatu¹,

Ament²,

Jaeger³

2018

Proceedings of the 51st Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

show abstract

“…Bilgi güvenliği farkındalığının oluşması için literatürde çok sayıda ve geniş katılımlı çalışmalar yapılmaktadır [2][3][4][5]. Kablosuz ağ güvenliği farkındalığı konusunu temel alan çalışmalarda mevcuttur [6].…”

Section: Gi̇ri̇ş (Introduction)unclassified

Kablosuz Ağ Ci̇hazi Eri̇şi̇m Güvenli̇ği̇ Ve Farkindalik Anali̇zi̇: Ankara Örneği̇

Yavanğlu¹,

Kapkiç²,

Yağci³

et al. 2015

Uluslararasi Bi̇lgi̇ Güvenli̇ği̇ Mühendi̇sli̇ği̇ Dergi̇si̇

View full text Add to dashboard Cite

ÖZETBu çalışmada, Ankara ilindeki kablosuz internet kullanıcılarının güvenli internet kullanım alışkanlarının incelenmesi ve toplumun sosyoekonomik düzeyi ile bilgi güvenliği farkındalığı arasındaki ilişkinin araştırılması hedeflenmiştir. Bu kapsamda kablosuz ağ cihazlarına yönelik ilçe bazlı güvenlik düzeyi ölçümleri uzaktan izleme ile yapılarak araştırma sonuçları Türkiye İstatistik Kurumu verileriyle karşılaştırılmıştır. Ankara ilinin Çankaya, Yenimahalle ve Keçiören ilçelerinde yapılan alan çalışması kapsamında 16978 kablosuz ağ cihazı incelenmiştir. Elde edilen sonuçlara göre incelenen cihazların %72 oranında güvenli kabul edilen WPA2 şifreleme bulunduğu, %64 oranında SSID kimliğinin değiştirilmiş olduğu, %43 oranında WPS standardı kullandığı, %98 oranında 2GHz bandında yayın yaptığı tespit edilmiştir. Sonuçlar bilgi güvenliği farkındalığı ile Ankara ili halkının sosyoekonomik düzeyleri arasında %95,58 oranında benzerlik gösterdiği tespit edilmiştir. Bu makale ISDFS 2015 konferansında sunulmuş olup seçilmiş bildiriler içerisine girdiği için bu dergide basılmıştır.Anahtar Kelimeler: Kablosuz Ağ, Cihaz, Erişim Güvenliği, Farkındalık, Analiz, Web Güvenliği, Ankara. WIRELESS NETWORK DEVICE ACCESS SECURITY AND AWARENESS ANALYSIS: CASE OF ANKARA ABSTRACTThis paper analyses the habit of using secure internet among the wireless network users and examines the relationship between socioeconomic level of people and information security awareness, especially, in Ankara, the capital city of Turkey. In this context, district based security measurements for wireless network devices have been done with remote tracking devices. The results have been compared with TUIK's data. 16978 wireless network devices have been examined within the field study in Ankara, the capital city of Turkey, particularly, Çankaya, Yenimahalle and Keçiören districts. This study have shown that %72 of the examined devices use WPA2 encryption (which acknowledged as secured), as %64 have changed their SSID, %43 of them are being used WPS security standard and %98 of those are broadcasting on 2GHz. The results have demonstrated that %95.58 similarities between information security awareness and socioeconomic levels of people lived in Ankara.

show abstract

“…Experts believe that human aspects of information security should be taken into consideration in addition to technological aspects of information security in order to achieve a secure environment for information assets in organisations [11]. The human aspects of information security concern the information security risks that originate intentionally or unintentionally from human mistakes.…”

Section: Human Aspectsmentioning

confidence: 99%

The information security landscape in the supply chain

Safa

2017

Computer Fraud & Security

View full text Add to dashboard Cite

Information security is an important issue in supply chain. Information security breaches have serious consequences for companies, such as loss of revenue, reputation, customers, business advantages, and, in the worst-case scenario, bankruptcy. On the other hand, collaboration and integration between different parties is necessary to increase productivity in the supply chain. However, increasing the flow of information increases the risk of information leakage. To mitigate the risk of information security breach in the supply chain we need to have a comprehensive view about information security. This research aims to investigate different dimensions of information security in the supply chain. A review of literature revealed that technological, managerial, organizational, psychological, educational and awareness aspects of information security play important roles in the security of information in supply chain.

show abstract

Determining employee awareness using the Human Aspects of Information Security Questionnaire (HAIS-Q)

Cited by 272 publications

References 37 publications

Lessons Learned from an Information Security Incident: A Practical Recommendation to Involve Employees in Information Security

Lessons Learned from an Information Security Incident: A Practical Recommendation to Involve Employees in Information Security

Kablosuz Ağ Ci̇hazi Eri̇şi̇m Güvenli̇ği̇ Ve Farkindalik Anali̇zi̇: Ankara Örneği̇

The information security landscape in the supply chain

Contact Info

Product

Resources

About