论文信息 - Investigation of Stakeholders Commitment to Information Security Awareness Programs

Investigation of Stakeholders Commitment to Information Security Awareness Programs

Organisations have become increasingly dependent on technology in order to compete in their respective markets. As IT technology advances at a rapid pace, so does its complexity, giving rise to new IT security vulnerabilities and methods of attack. Even though the human factors have been recognized to have a crucial role in information security management, the effects of weakness of will and lack of commitment on the stakeholders (i.e., employers and employees) parts has never been factored into the design and delivery of awareness programs. To this end, this paper investigates the impacts of the availability of awareness programs and end-user drive and lack of commitment to information security awareness program design, delivery and success.

Tai-hoon Kim | J.H. Abawajy | K. Thatcher

[1] Dennis Longley,et al. Electronic Information Security Documentation , 2003, ACSW.

[2] Wasim A. Al-Hamdani. Assessment of need and method of delivery for information security awareness program , 2006, InfoSecCD '06.

[3] Mikko T. Siponen,et al. A conceptual foundation for organizational information security awareness , 2000, Inf. Manag. Comput. Secur..

[4] Detmar W. Straub,et al. Effective IS Security: An Empirical Study , 1990, Inf. Syst. Res..

[5] Jan H. P. Eloff,et al. New Approaches for Security, Privacy and Trust in Complex Environments: Proceedings of the Ifip Tc 11 22nd International Information Security Conference ... Federation for Information Processing) , 2007 .

[6] Donald L. Kirkpatrick,et al. Evaluating Training Programs : The Four Levels , 2009 .

[7] Donovan A. McFarlane,et al. Evaluating Training Programs: The Four Levels , 2006 .

[8] Bhagyavati,et al. Wireless security techniques: an overview , 2004, InfoSecCD '04.

[9] Steve Elky. An Introduction to Information System Risk Management , 2007 .

[10] Carrie McCoy,et al. "You are the key to security": establishing a successful security awareness program , 2004, SIGUCCS '04.