Managing and controlling computer misuse

Dhillon, Gurpreet

doi:10.1108/09685229910292664

Cited by 68 publications

(37 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Many scholars have proposed a proactive approach for information security, such as [7][20]. Yet they do not have quantitative analysis on costeffectiveness of proactive approach.…”

Section: Contribution To Researchmentioning

confidence: 99%

Managing Emerging Information Security Risks during Transitions to Integrated Operations

Qian

Fang

Jaatun

et al. 2010

2010 43rd Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

show abstract

“…Many scholars have proposed a proactive approach for information security, such as [7][20]. Yet they do not have quantitative analysis on costeffectiveness of proactive approach.…”

Section: Contribution To Researchmentioning

confidence: 99%

Managing Emerging Information Security Risks during Transitions to Integrated Operations

Qian

Fang

Jaatun

et al. 2010

2010 43rd Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

show abstract

“…Business controls in this sense refer to operational controls. According to Dhillon (1999), increasing awareness of security issues is the most cost-effective control that an organization can implement. However, in order to ensure that the maximum return on investment is gained, special care should be taken to ensure the success of the user education programs used.…”

Section: The Human Side Of Information Securitymentioning

confidence: 99%

Corporate Information Security Education

Niekerk¹,

Solms²

2004

Information Security Management, Education and Privacy

View full text Add to dashboard Cite

Department of Business Information Systems, Port Elizabeth Technikon 1 ; Department of Information Technology, Port Elizabeth Technikon 2Today's global economy is increasingly dependent on the creation, management, and distribution of information resources. Information and its use permeate all aspects of modern society. Most modern organizations need information systems to survive and prosper. Information has become a valuable commodity and as such needs to be protected. This protection is typically implemented in the form of various security controls. In order for these controls to be effective, the users in the organization need to be educated regarding these controls. Recent studies have indicated that current user education programs fail to pay adequate attention to behavioral theories. This paper examines the educational principles an information security user education program should adhere to. It then introduces outcomes based education (OBE) and finally argues that OBE is ideally suited for the needs of information security.

show abstract

“…Security culture can also be defined as: The totality of patterns of behaviours in an organization that contribute to the protection of information of all kinds [4] (p.90).…”

Section: (P148)mentioning

confidence: 99%

A Conceptual Model to Understand Information Security Culture

Alnatheer¹

2014

IJSSH

View full text Add to dashboard Cite

Abstract-The purpose of the paper is to examine the conceptualization of information security culture in order to develop an information security culture measurement model. In order to do so, a comprehensive literature analysis of current information security culture models and frameworks were examined. The outcome of the comprehensive review is a top constructs candidate that conceptualizes security culture. The current paper found no mutual agreement on what factors conceptualize a security culture. Our contribution is being able to identify a clear gap on the existing literature of a lack of clear conceptualization and distinction between factors that constitute information security culture and factors that influence information security culture. The distinction clearly has not been made by academic literature on the information security culture. The current study assists academic researchers to identify research gaps in the information security culture field, including identifying further empirical research needed in this area.Index Terms-Security culture, factors constitute security culture, factors influence security culture.

show abstract

Managing and controlling computer misuse

Cited by 68 publications

References 6 publications

Managing Emerging Information Security Risks during Transitions to Integrated Operations

Managing Emerging Information Security Risks during Transitions to Integrated Operations

Corporate Information Security Education

A Conceptual Model to Understand Information Security Culture

Contact Info

Product

Resources

About