Information security management: An information security retrieval and awareness model for industry

Kritzinger, Elmarie; Smith, E.E.

doi:10.1016/j.cose.2008.05.006

Cited by 62 publications

(26 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…This has led to the development and implementation of numerous information security awareness programmes within these domains (Bishop, 2000;Crowley, 2003;Hilburn, 1999;Kritzinger & Smith, 2006;The White House, 2000;Yasubsac, 2002). Within these domains, users are forced by their organizations to make themselves information security aware and to apply a wide range of information security awareness tools.…”

Section: Non Home Users and Information Security Awarenessmentioning

confidence: 99%

Cyber security for home users: A new way of protection through awareness enforcement

Kritzinger

Solms

2010

Computers & Security

Self Cite

111

View full text Add to dashboard Cite

Abstract:We are currently living in an age, where the use of the Internet has become second nature to millions of people. Not only do businesses depend on the Internet for all types of electronic transactions, but more and more home users are experiencing the immense benefit of the Internet.However, this dependence and use of the Internet bring new and dangerous risks. This is due to increasing attempts from unauthorised third parties to compromise private information for their own benefit -the whole wide area of cyber crime.It is therefore essential that all users understand the risks of using the Internet, the importance of securing their personal information and the consequences if this is not done properly.It is well known that home users are specifically vulnerable, and that cyber criminals have such users squarely in their target. This vulnerability of home users are due to many factors, but one of the most important ones is the fact that such home users are in many cases not aware of the risks of using the Internet, and often venture into cyber space without any awareness preparation for this journey.This paper specifically investigates the position of the home user, and proposes a new model, The E-Awareness Model (E-AM), in which home users can be forced to acquaint themselves with the risks involved in venturing into cyber space. The E-AM consists of two components : the awareness component housed in the E-Awareness Portal, and the enforcement component.This model proposes a way to improve information security awareness amongst home users by presenting some information security content and enforcing the absorption of this content.The main difference between the presented model and other existing information security awareness models, is that in the presented model the acquiring/absorption of the awareness content is compulsory -the user is forced to proceed via the E-Awareness Portal without the option of bypassing it.

show abstract

Section: Non Home Users and Information Security Awarenessmentioning

confidence: 99%

Cyber security for home users: A new way of protection through awareness enforcement

Kritzinger

Solms

2010

Computers & Security

Self Cite

111

View full text Add to dashboard Cite

show abstract

“…This definition is consistent with the view that security awareness is a state in which employees are aware of and are ideally committed to their organization's security objectives (Siponen, 2000). Information security awareness forms part of information security management and ensures that all employees are aware of their role and responsibility with respect to information security (Kritzinger & Smith, 2008). D'Arcy et al (2009) found that organizations can use three security countermeasures: user awareness of security policies; security education, training, and awareness programs; and computer monitoring to reduce user IS abuse.…”

Section: Awarenessmentioning

confidence: 73%

The influence of information security on the adoption of web-based integrated information systems: an e-government study in Peru

Joo

Hovav

2015

Information Technology for Development

View full text Add to dashboard Cite

This study analyzes the determinants of information security that influence the adoption of Web-based integrated information systems (IIS) by government agencies in Peru. The study introduces Web-based information systems designed to formulate strategic plans for the Peruvian government. A theoretical model is proposed to test the impact of organizational factors such as deterrent efforts, severity efforts, and preventive efforts and individual factors such as perceived information security threats and security awareness on intentions to use Web-based IIS. The empirical results indicate that deterrent efforts and deterrent severity have no significant influence on use intentions of IIS, whereas preventive efforts play an important role in such intentions. Information security awareness and perceived information security threats as individual factors have a significant effect on intentions to use the system. This suggests that organizations should implement preventive efforts by introducing various information security solutions, and improve information security awareness while reducing perceived information security threats.

show abstract

“…Alanyazındaki çalışmalarda, hangi konuların bilgi güvenliği dâhilinde ele alındığına bakıldığında ise genellikle şu üç başlık vurgulanmaktadır: Gizlilik, bütünlük ve erişilebilirlik (Güldüren & Keser, 2015;Kritzinger & Smith, 2008). Bu başlıklar ayrıntılandığında, araştırma sonuçlarına göre özellikle; erişim ve şifre güvenliği, sosyal ağ güvenliği, tehditler ve korunma yolları, yazılım yükleme ve güncelleme, e-posta güvenliği, internet ve ağ güvenliği, sosyal (veya toplum) mühendisliği (bir bilgisayar korsanının kimliğini gizleyerek veya farklı göstererek karşı tarafı aldatmaya dönük hileleri) ve kullanıcı farkındalığı gibi farklı boyutlara yönelik birçok tehdidin ve kullanıcı hatalarının bilgi güvenliği açıklarına yol açtığı ifade edilmektedir (Alhejaili, 2013;Arachchilage & Love, 2014;Berrier, 2007;Chen, 2014;Van Bruggen, 2014;Valcke et al, 2007).…”

Section: Bilge Güvenliği Kapsamında Ele Alınan Konularunclassified

“…In terms of concerns of the information security in the literature, it is aimed to ensure that availability, confidentiality and integrity of information are not compromised (Güldüren & Keser, 2015;Kritzinger & Smith, 2008). Taking a closer look at these studies, according to research findings, it is stated that many threats and user error intended for different dimensions such as access and password security, social network security, threats and defense methods, software installation and updating, email security, internet and network security, social engineering (manipulations of the people through some tricks such as hiding or disguising real life identities, and awareness of users cause the information security gaps (Alhejaili, 2013;Arachchilage & Love, 2014;Berrier, 2007;Chen, 2014;Van Bruggen, 2014;Valcke et al, 2007).…”

Section: Aspects Of Information Securitymentioning

confidence: 99%

Examining secondary school students' safe computer and internet usage awareness: An example from Bartın province

Yılmaz

Öztürk

et al. 2017

Pegegog

View full text Add to dashboard Cite

Information and Communication Technologies (ICT) have been rapidly prevailed among the children and youths. Personal technologies facilitating the students to gain some learning experiences both in and out of the schools also include many threats. It is important for students to have high awareness of safe internet and computer use to overcome with these threats. In this research, it was aimed to reveal internet security and computer usage awareness profiles of students studying in the secondary school. The data were collected from 2029 students studying in the secondary schools in Bartın Province in Turkey by using a questionnaire developed by the researchers. The data obtained from the questionnaire were analyzed based on the pre-determined themes and the students' information security and computer usage awareness profiles were revealed. The findings indicate that the majority of the students are insufficient regarding information security and computer usage awareness and they could be under risk in online settings towards the threats. In the discussion section, some measures for the parents, schools and policy makers were mentioned to increase students' information security and computer usage awareness.

show abstract

Information security management: An information security retrieval and awareness model for industry

Cited by 62 publications

References 20 publications

Cyber security for home users: A new way of protection through awareness enforcement

Cyber security for home users: A new way of protection through awareness enforcement

The influence of information security on the adoption of web-based integrated information systems: an e-government study in Peru

Examining secondary school students' safe computer and internet usage awareness: An example from Bartın province

Contact Info

Product

Resources

About