Understanding Information Security Culture In An Organization
DOWNLOAD
Download Understanding Information Security Culture In An Organization PDF/ePub or read online books in Mobi eBooks. Click Download or Read Online button to get Understanding Information Security Culture In An Organization book now. This website allows unlimited access to, at the time of writing, more than 1.5 million titles, including hundreds of thousands of titles in various foreign languages. If the content not found or just blank you must refresh this page
Understanding Information Security Culture In An Organization
DOWNLOAD
Author : Donald Bess
language : en
Publisher:
Release Date : 2012
Understanding Information Security Culture In An Organization written by Donald Bess and has been published by this book supported file pdf, txt, epub, kindle and other format this book has been release on 2012 with categories.
Information systems are considered to be a critical and strategic part of most organizations today. Because of this it has become increasingly important to ensure that there is an effective information security program in place protecting those information systems. It has been well established by researchers that the success of an information security program is heavily dependent upon the actions of the organizational members that interact with the information security program. Because of the interaction between people and the information security program an appropriate information security culture is required to effectively influence and control the actions of the members within that organization. While the importance of an information security culture has been well established by researchers there has been little research conducted to date that assist in understanding and managing information security culture within organizations. To expand the body of knowledge in this area this study will explore the information security culture of a large organization using interpretive case study methodology. The use of semi-structured interviews to collect data has allowed the researcher to report back their interpretation of shared meanings, consciousness, language and artifacts observed while at the research site. Structuration theory was applied as a theoretical lens with which to better understand information security culture and explore ways in which organizations can better understand and manage information security culture. We found structures of signification and legitimacy were the most influential on employee's behavior towards information security. While the structure of domination exerted minimal influence over employee's behavior. This research study contributes to the existing body of knowledge regarding information security culture by examining the role of structural properties exhibited within information security culture. Structural properties of information security culture have not been adequately considered within the existing literature. By expanding our understanding of the role of social structures such as systems of meaning, power and legitimacy on information security culture researchers will have a deeper understanding of this phenomena call information security culture. This will enable us to better understand how to develop and manage an appropriate information security culture.
The Security Culture Playbook
DOWNLOAD
Author : Perry Carpenter
language : en
Publisher: John Wiley & Sons
Release Date : 2022-03-08
The Security Culture Playbook written by Perry Carpenter and has been published by John Wiley & Sons this book supported file pdf, txt, epub, kindle and other format this book has been release on 2022-03-08 with Computers categories.
Mitigate human risk and bake security into your organization’s culture from top to bottom with insights from leading experts in security awareness, behavior, and culture. The topic of security culture is mysterious and confusing to most leaders. But it doesn’t have to be. In The Security Culture Playbook, Perry Carpenter and Kai Roer, two veteran cybersecurity strategists deliver experience-driven, actionable insights into how to transform your organization’s security culture and reduce human risk at every level. This book exposes the gaps between how organizations have traditionally approached human risk and it provides security and business executives with the necessary information and tools needed to understand, measure, and improve facets of security culture across the organization. The book offers: An expose of what security culture really is and how it can be measured A careful exploration of the 7 dimensions that comprise security culture Practical tools for managing your security culture program, such as the Security Culture Framework and the Security Culture Maturity Model Insights into building support within the executive team and Board of Directors for your culture management program Also including several revealing interviews from security culture thought leaders in a variety of industries, The Security Culture Playbook is an essential resource for cybersecurity professionals, risk and compliance managers, executives, board members, and other business leaders seeking to proactively manage and reduce risk.
Security In The Information Society
DOWNLOAD
Author : M. Adeeb Ghonaimy
language : en
Publisher: Springer
Release Date : 2012-12-06
Security In The Information Society written by M. Adeeb Ghonaimy and has been published by Springer this book supported file pdf, txt, epub, kindle and other format this book has been release on 2012-12-06 with Computers categories.
Recent advances in technology and new software applications are steadily transforming human civilization into what is called the Information Society. This is manifested by the new terminology appearing in our daily activities. E-Business, E-Government, E-Learning, E-Contracting, and E-Voting are just a few of the ever-growing list of new terms that are shaping the Information Society. Nonetheless, as "Information" gains more prominence in our society, the task of securing it against all forms of threats becomes a vital and crucial undertaking. Addressing the various security issues confronting our new Information Society, this volume is divided into 13 parts covering the following topics: Information Security Management; Standards of Information Security; Threats and Attacks to Information; Education and Curriculum for Information Security; Social and Ethical Aspects of Information Security; Information Security Services; Multilateral Security; Applications of Information Security; Infrastructure for Information Security Advanced Topics in Security; Legislation for Information Security; Modeling and Analysis for Information Security; Tools for Information Security. Security in the Information Society: Visions and Perspectives comprises the proceedings of the 17th International Conference on Information Security (SEC2002), which was sponsored by the International Federation for Information Processing (IFIP), and jointly organized by IFIP Technical Committee 11 and the Department of Electronics and Electrical Communications of Cairo University. The conference was held in May 2002 in Cairo, Egypt.
Cyber Security Culture
DOWNLOAD
Author : Dr Peter Trim
language : en
Publisher: Gower Publishing, Ltd.
Release Date : 2013-05-28
Cyber Security Culture written by Dr Peter Trim and has been published by Gower Publishing, Ltd. this book supported file pdf, txt, epub, kindle and other format this book has been release on 2013-05-28 with Computers categories.
Focusing on countermeasures against orchestrated cyber-attacks, Cyber Security Culture is research-based and reinforced with insights from experts who do not normally release information into the public arena. It will enable managers of organizations across different industrial sectors and government agencies to better understand how organizational learning and training can be utilized to develop a culture that ultimately protects an organization from attacks. Peter Trim and David Upton believe that the speed and complexity of cyber-attacks demand a different approach to security management, including scenario-based planning and training, to supplement security policies and technical protection systems. The authors provide in-depth understanding of how organizational learning can produce cultural change addressing the behaviour of individuals, as well as machines. They provide information to help managers form policy to prevent cyber intrusions, to put robust security systems and procedures in place and to arrange appropriate training interventions such as table top exercises. Guidance embracing current and future threats and addressing issues such as social engineering is included. Although the work is embedded in a theoretical framework, non-technical staff will find the book of practical use because it renders highly technical subjects accessible and links firmly with areas beyond ICT, such as human resource management - in relation to bridging the education/training divide and allowing organizational learning to be embraced. This book will interest Government officials, policy advisors, law enforcement officers and senior managers within companies, as well as academics and students in a range of disciplines including management and computer science.
Cyber Security Culture
DOWNLOAD
Author : Peter Trim
language : en
Publisher: Routledge
Release Date : 2016-05-13
Cyber Security Culture written by Peter Trim and has been published by Routledge this book supported file pdf, txt, epub, kindle and other format this book has been release on 2016-05-13 with Computers categories.
Focusing on countermeasures against orchestrated cyber-attacks, Cyber Security Culture is research-based and reinforced with insights from experts who do not normally release information into the public arena. It will enable managers of organizations across different industrial sectors and government agencies to better understand how organizational learning and training can be utilized to develop a culture that ultimately protects an organization from attacks. Peter Trim and David Upton believe that the speed and complexity of cyber-attacks demand a different approach to security management, including scenario-based planning and training, to supplement security policies and technical protection systems. The authors provide in-depth understanding of how organizational learning can produce cultural change addressing the behaviour of individuals, as well as machines. They provide information to help managers form policy to prevent cyber intrusions, to put robust security systems and procedures in place and to arrange appropriate training interventions such as table top exercises. Guidance embracing current and future threats and addressing issues such as social engineering is included. Although the work is embedded in a theoretical framework, non-technical staff will find the book of practical use because it renders highly technical subjects accessible and links firmly with areas beyond ICT, such as human resource management - in relation to bridging the education/training divide and allowing organizational learning to be embraced. This book will interest Government officials, policy advisors, law enforcement officers and senior managers within companies, as well as academics and students in a range of disciplines including management and computer science.
An Ethnographic Investigation Of The Assimilation Of New Organizational Members Into An Information Security Culture
DOWNLOAD
Author : Barry McIntosh
language : en
Publisher:
Release Date : 2011
An Ethnographic Investigation Of The Assimilation Of New Organizational Members Into An Information Security Culture written by Barry McIntosh and has been published by this book supported file pdf, txt, epub, kindle and other format this book has been release on 2011 with categories.
Research on information security culture evolved because technical security controls and policies have failed to eliminate information security incidents. Although existing research has addressed the measurement and cultivation of an information security culture, it has not addressed how to maintain that culture. This study focused on that gap by exploring the values and assumptions that inhibit assimilation of new members into an information security culture. Contract employees represent a distinct set of new organizational members with additional challenges assimilating into an organization's information security culture. This study addressed two research questions about how and why pre-existing information security related values and assumptions of new contract employees conflicted with the prevalent information security culture that created information security risks. This study applied an ethnographic approach to the examination of the assimilation of new contract employees based on Schein's framework of organizational culture. The findings revealed that IT contractors displayed a sense of responsibility for information security. However, the IT contractors demonstrated a detachment from the organization's information security culture through a lack of interest in the mission, goals and strategies. As a result of this detachment, information security concerns were linked to a lack of understanding of the information the organization sought to protect, the risk tolerance and the response to unforeseen security incidents. The contractors' detachment was traced to assumptions that resulted from their temporal relationship with the organization and their perception of being organizational outsiders. In addition to identifying the risk and mechanisms behind contractors' failure to assimilate, this study extended research into professional sub-groups within an information security culture. The study offered a contribution to research in its approach to Schein's framework by focusing on the inter-relationships between assumptions. The findings identified where organizations should be cognizant of specific contractor information security assumptions and how they create risk. The findings suggest that organization should encourage the engagement of contractor in social interactions with direct staff and the avoid actions leading to the perception of inequitable treatment. However, future research will be required to confirm the extent that these actions might have in overcoming the contractor's deeply rooted assumptions.
Security Culture
DOWNLOAD
Author : Hilary Walton
language : en
Publisher: Routledge
Release Date : 2016-04-01
Security Culture written by Hilary Walton and has been published by Routledge this book supported file pdf, txt, epub, kindle and other format this book has been release on 2016-04-01 with Business & Economics categories.
Security Culture starts from the premise that, even with good technical tools and security processes, an organisation is still vulnerable without a strong culture and a resilient set of behaviours in relation to people risk. Hilary Walton combines her research and her unique work portfolio to provide proven security culture strategies with practical advice on their implementation. And she does so across the board: from management buy-in, employee development and motivation, right through to effective metrics for security culture activities. There is still relatively little integrated and structured advice on how you can embed security in the culture of your organisation. Hilary Walton draws all the best ideas together, including a blend of psychology, risk and security, to offer a security culture interventions toolkit from which you can pick and choose as you design your security culture programme - whether in private or public settings. Applying the techniques included in Security Culture will enable you to introduce or enhance a culture in which security messages stick, employees comply with policies, security complacency is challenged, and managers and employees understand the significance of this critically important, business-as-usual, function.
Information Security Governance
DOWNLOAD
Author : S.H. Solms
language : en
Publisher: Springer Science & Business Media
Release Date : 2008-12-16
Information Security Governance written by S.H. Solms and has been published by Springer Science & Business Media this book supported file pdf, txt, epub, kindle and other format this book has been release on 2008-12-16 with Business & Economics categories.
IT Security governance is becoming an increasingly important issue for all levels of a company. IT systems are continuously exposed to a wide range of threats, which can result in huge risks that threaten to compromise the confidentiality, integrity, and availability of information. This book will be of use to those studying information security, as well as those in industry.
Information Security And Employee Behaviour
DOWNLOAD
Author : Angus McIlwraith
language : en
Publisher: CRC Press
Release Date : 2016-05-23
Information Security And Employee Behaviour written by Angus McIlwraith and has been published by CRC Press this book supported file pdf, txt, epub, kindle and other format this book has been release on 2016-05-23 with Business & Economics categories.
Research suggests that between 60-75% of all information security incidents are the result of a lack of knowledge and/or understanding amongst an organization's own staff. And yet the great majority of money spent protecting systems is focused on creating technical defences against external threats. Angus McIlwraith's book explains how corporate culture affects perceptions of risk and information security, and how this in turn affects employee behaviour. He then provides a pragmatic approach for educating and training employees in information security and explains how different metrics can be used to assess awareness and behaviour. Information security awareness will always be an ongoing struggle against complacency, problems associated with new systems and technology, and the challenge of other more glamorous and often short term priorities. Information Security and Employee Behaviour will help you develop the capability and culture that will enable your organization to avoid or reduce the impact of unwanted security breaches.
Building A Cybersecurity Culture In Organizations
DOWNLOAD
Author : Isabella Corradini
language : en
Publisher: Springer Nature
Release Date : 2020-04-29
Building A Cybersecurity Culture In Organizations written by Isabella Corradini and has been published by Springer Nature this book supported file pdf, txt, epub, kindle and other format this book has been release on 2020-04-29 with Technology & Engineering categories.
This book offers a practice-oriented guide to developing an effective cybersecurity culture in organizations. It provides a psychosocial perspective on common cyberthreats affecting organizations, and presents practical solutions for leveraging employees’ attitudes and behaviours in order to improve security. Cybersecurity, as well as the solutions used to achieve it, has largely been associated with technologies. In contrast, this book argues that cybersecurity begins with improving the connections between people and digital technologies. By presenting a comprehensive analysis of the current cybersecurity landscape, the author discusses, based on literature and her personal experience, human weaknesses in relation to security and the advantages of pursuing a holistic approach to cybersecurity, and suggests how to develop cybersecurity culture in practice. Organizations can improve their cyber resilience by adequately training their staff. Accordingly, the book also describes a set of training methods and tools. Further, ongoing education programmes and effective communication within organizations are considered, showing that they can become key drivers for successful cybersecurity awareness initiatives. When properly trained and actively involved, human beings can become the true first line of defence for every organization.