论文信息 - Enhancing Security Culture through User-Engagement: An Organisational Perspective

Enhancing Security Culture through User-Engagement: An Organisational Perspective

This paper presents the survey conducted to assess end-user engagement in building organisation’s security. A total of forty-eight (48) responses were collected from fifteen (15) mid-sized business organisations and institutions in Tanzania. The results show that little has been done to facilitate end-user engagement in building secure organisation. Also, the survey showed that old security problem such as passwords sharing still exist. The findings from this paper can be used by security officers and implementers within organisation to build and maintain sustainable secure organisation. KEywORdS Organisation Security, Security Culture, Security, Survey, User Engagement

Said Jafari | Said Jafari

[1] Jerome H. Saltzer,et al. The protection of information in computer systems , 1975, Proc. IEEE.

[2] M. Angela Sasse,et al. Users are not the enemy , 1999, CACM.

[3] Sebastiaan H. von Solms,et al. Information Security - A Multidimensional Discipline , 2001, Comput. Secur..

[4] L. R. Chao,et al. An integrated system theory of information security management , 2003, Inf. Manag. Comput. Secur..

[5] Jeffrey M. Stanton,et al. Analysis of end user security behaviors , 2005, Comput. Secur..

[6] Paul Ohm. Broken Promises of Privacy: Responding to the Surprising Failure of Anonymization , 2009 .

[7] H. Raghav Rao,et al. Protection motivation and deterrence: a framework for security policy compliance in organisations , 2009, Eur. J. Inf. Syst..