Investigating Information Security Awareness: Research and Practice Gaps

Tsohou, Aggeliki; Kokolakis, Spyros; Karyda, Maria; Kiountouzis, Evangelos

doi:10.1080/19393550802492487

Cited by 39 publications

(29 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Aforementioned measures require customer's needs assessment to understand an organization's objectives and mission, as well as to measure the present ISA level of the employees (users). In this regard, several studies have addressed IS and ISA in business organizations [6,7,8]. At the same time understanding threats is crucial to design countermeasures to mitigate risks [9].…”

Section: Introductionmentioning

confidence: 99%

A taxonomy of perceived information security and privacy threats among IT security students

Farooq

Kakakhel

Virtanen

et al. 2015

2015 10th International Conference for Internet Technology and Secured Transactions (ICITST)

View full text Add to dashboard Cite

The purpose of this study is to explore students' perceived information security and privacy (IS&P) threats and to classify them in a way that helps in analyzing the problem, creating awareness measures and further improving students' IS&P education. Using a qualitative research approach, a group of forty two Master's degree IT students identified seventy five IS&P threats related to them. The identified threats were classified into fourteen categories. Further, using the affinity diagraming technique, the categories were grouped into four domains -Personnel, Devices, Intranet and Internet. In this way, we defined a taxonomy of students' perceived IS&P threats as well as a model that highlights the domains where students consider themselves prone to IS&P threats. The proposed taxonomy and the domain model can be used as a benchmark for designing information security awareness assessment instruments as well as preparing information security awareness programs. The taxonomy can also be used for highlighting areas where students lack information security related knowledge.

show abstract

Section: Introductionmentioning

confidence: 99%

A taxonomy of perceived information security and privacy threats among IT security students

Farooq

Kakakhel

Virtanen

et al. 2015

2015 10th International Conference for Internet Technology and Secured Transactions (ICITST)

View full text Add to dashboard Cite

show abstract

“…Most of the frameworks of IS awareness offer or implement some awareness approaches and methods, for example techniques for conveying security messages, computer games, artificial intelligence devices, etc., with no justification of their specific choices and also defining their theoretical foundations (Tsohou et al, 2008;Puhakainen, 2006). In addition, those research methods which are in nature theoretical and test the problems and challenges of security awareness, exclusively draw from behavioral and physical theories.…”

Section: Approaches To Is System Awarenessmentioning

confidence: 99%

Mediating role of Information System Security Awareness in the relationship between Self-Efficacy, Security Practice and Information System Security Behavior

Bojmaeh¹

2015

IJSEA

View full text Add to dashboard Cite

Through reviewing the previous conducted studies, we can find enough evidence in order to support the relationship between self-efficacy and security practice with information system security behavior. The main issue which is discussed in this research is the key role of information system security awareness. According to the data analysis results on 230 collected data from 10 universities in Iran, located in Tehran, it was revealed that the relationship between mentioned factors with information system security can be mediated by information system security awareness

show abstract

“…Information security awareness of Internet users was analyzed in Tsohou et al (2008) as well as Talib et al (2010). While Tsohou et al (2008) provide an overview on information security awareness, the study of Talib et al (2010) is based on survey data containing 333 observations.…”

Section: Introductionmentioning

confidence: 99%

“…While Tsohou et al (2008) provide an overview on information security awareness, the study of Talib et al (2010) is based on survey data containing 333 observations. The authors argue that -compared to private use -at an individual's workplace clearer legislation and regulation about IT security exist.…”

Section: Introductionmentioning

confidence: 99%

An Exploratory Analysis on the Risk to be Offended on the Internet

Kirchner

Sögner

2016

SSRN Journal

View full text Add to dashboard Cite

Questionnaire data is used to identify socio-demographic as well as the risk-awareness characteristics of users offended on the Internet. The data comprises a representative sample of 3,000 individuals, containing information on employment, education, age, the frequency of Internet usage and security measures taken by the users. By means of a cluster analysis, within the sub-sample of offended users, we identify a female group, where employment and education are high, a male cluster with similar characteristics, a group of urban users with low security awareness and a group of young users. Regressions show that the frequency of using the Internet increases, while to communicate only to people known in real life reduces the risk to be offended on the Internet.

show abstract

Investigating Information Security Awareness: Research and Practice Gaps

Cited by 39 publications

References 16 publications

A taxonomy of perceived information security and privacy threats among IT security students

A taxonomy of perceived information security and privacy threats among IT security students

Mediating role of Information System Security Awareness in the relationship between Self-Efficacy, Security Practice and Information System Security Behavior

An Exploratory Analysis on the Risk to be Offended on the Internet

Contact Info

Product

Resources

About