Persona-centred information security awareness

Ki-Aries, Duncan; Faily, Shamal

doi:10.1016/j.cose.2017.08.001

Cited by 67 publications

(31 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Other results found were 41.2% of respondents believed that the security of public services in storing data and personal information, while 9.8% were unsure and 49% were doubtful about the security of public services in storing personal data and information. This means that the majority of respondents still do not believe in data security in public services [7,8].…”

Section: Resultsmentioning

confidence: 99%

Information Security Awareness on Data Privacy in Higher Education

Runtuwene¹,

Mege²,

Palilingan³

et al. 2019

Proceedings of the 5th UPI International Conference on Technical and Vocational Education and Training (ICTVET 2018)

View full text Add to dashboard Cite

There is always a negative aspect of a technology utilization. Security issues become a serious problem in information technology. The development of information technology makes access to data privacy is very important to note. The purpose of this study is to analyze and measure students understanding of the importance of understanding the privacy policy on public services. The method used in this research is survey method. The survey is done by collecting data of student survey result. This study was conducted face-to-face with the respondents and online. The results of this study indicate that 78% of students who are the majority of respondents realize the importance of private security in public services. Respondents are also aware of the risks that can occur if a violation of the privacy policies of others. Yet 65% of respondents feel unconcerned about their private security. Why? because respondents do not know how to maintain their privacy data and tools that can use which can make the data safe.

show abstract

Section: Resultsmentioning

confidence: 99%

Information Security Awareness on Data Privacy in Higher Education

Runtuwene¹,

Mege²,

Palilingan³

et al. 2019

Proceedings of the 5th UPI International Conference on Technical and Vocational Education and Training (ICTVET 2018)

View full text Add to dashboard Cite

show abstract

“…Through our research [19] [37], it has also become evident that use of a common less-technical language of security and risk can assist multi-level stakeholder understanding. Moreover, it is useful for operational stakeholders to first align with the concept of SoSs before its complexity can be identified and appreciated.…”

Section: Approachmentioning

confidence: 98%

System of Systems Characterisation assisting Security Risk Assessment

Ki-Aries

Faily

Doğan

et al. 2018

2018 13th Annual Conference on System of Systems Engineering (SoSE)

Self Cite

View full text Add to dashboard Cite

System of Systems (SoS) is a term often used to describe the coming together of independent systems, collaborating to achieve a new or higher purpose. However, clarity is needed when using this term given that operational areas may be unfamiliar with the terminology. In this paper, we present an approach for refining System and SoS descriptions to aid multistakeholder communication and understanding; building on previous work, we illustrate an example of characterising a likely SoS. By identifying key stakeholders, systems, management and control, this approach supports the initial steps of a SoS security risk assessment approach using a tool-supported framework that supports operational needs towards requirements engineering.

show abstract

“…In addition, a culture of information security will be created with awareness programs among organisational members [25]. The awareness programme is to inform the organisational members so that they will understand the importance of IS and the level of security policy required by the organisation, thus driving them to act according to the security policy [9], [23]. Therefore, the coordinating team must be knowledgeable about ISM and committed to coordinating the ISM activities in addition to possessing excellent communication skills [19] when communicating at all levels.…”

Section: Literature Reviewmentioning

confidence: 99%

“…Moreover, organisations tend to emphasise on the technical aspects, [7] hence ignoring the non-technical aspects in implementing ISM [5]. As a result, the organisations" critical information has been attacked, leading to triggering major disruptions and enormous financial damage [8] and reputation loss [9]. Based on these facts, this study was conducted to determine the success factors of ISM implementation.…”

Section: Introductionmentioning

confidence: 99%

Contributing Factors for Successful Information Security Management Implementation: A Conceptual Model

2019

IJITEE

View full text Add to dashboard Cite

Information security management is a comprehensive information management technique that is used as a strategic approach for addressing risks, breaches of information security incidents that threaten confidentiality, integrity and availability. Information Security Management has become an important initiative for organizations to manage and protect their information assets responsibly and effectively. One of the common problems in organisations is the lack of guidelines for the implementation of an effective and efficient ISM. As a result, incidents and threats to organisations continue to rise causing the organisations to suffer losses and their reputation jeopardised. Therefore, this study aims to identify the success factors that could assist organisations in the implementation of ISM. The methodology used in this study is a qualitative research technique whereby a theoretical study was reviewed through existing literature together with ISM international standards, frameworks, guidelines, best practices and previous studies in the IS field. The data from the theoretical study was then analysed using content analysis. Twelve success factors were identified and the relationships between these factors are proposed. These factors are derived and grouped into aspects of people and process. Each factor contains its own element that represents either the role to play or the activity to perform. In the process aspect, the factor was further divided into the Plan, Do, Check and Act phases. The aspects and factors were then formulated as a conceptual model for information security management implementation. The conceptual model acts as a guideline and an initial setup for organisations intending to implement ISM in the future. Furthermore, it could also act as a reference for future research in the information security domain.

show abstract

Persona-centred information security awareness

Cited by 67 publications

References 9 publications

Information Security Awareness on Data Privacy in Higher Education

Information Security Awareness on Data Privacy in Higher Education

System of Systems Characterisation assisting Security Risk Assessment

Contributing Factors for Successful Information Security Management Implementation: A Conceptual Model

Contact Info

Product

Resources

About