论文信息 - Information security culture - from analysis to change

Information security culture - from analysis to change

Information Security Culture includes all socio-cultural measures that support technical security methods, so that information security becomes a natural aspect in the daily activity of every employee. To apply these socio-cultural measures in an effective and efficient way, certain management models and tools are needed. In our research we developed a framework analyzing the security culture of an organization which we then applied in a pre-evaluation survey. This paper is based on the results of this survey. We will develop a management model for creating, changing and maintaining Information Security Culture. This model will then be used to define explicit sociocultural measures, based on the concept of internal marketing.

Stephanie Teufel | Thomas Schlienger | T. Schlienger | S. Teufel

[1] Ivan Horrocks. Security Training: Education For an Emerging Profession? , 2001, Comput. Secur..

[2] K. Seltman. Marketing for management. , 2004, Marketing health services.

[3] Stephanie Teufel,et al. Analyzing information security culture: increased trust by an appropriate information security culture , 2003, 14th International Workshop on Database and Expert Systems Applications, 2003. Proceedings..

[4] Manfred Bruhn,et al. Internes Marketing als Forschungsgebiet der Marketingwissenschaft , 1999 .

[5] E. Schein. Organizational Culture and Leadership: A Dynamic View , 1985 .

[6] Stephanie Teufel,et al. Information Security Culture: The Socio-Cultural Dimension in Information Security Management , 2002, SEC.

[7] Manfred Bruhn,et al. Internes Marketing als Forschungsgebiet der Marketingwissenschaft — Eine Einführung in die theoretischen und praktischen Probleme , 1995 .

[8] Robert P. Vecchio,et al. Organizational Behavior: Core Concepts , 2002 .

[9] Jan H. P. Eloff,et al. Information security architecture , 2005 .