Building An Effective Information Security Awareness Program
Închide
Articolul precedent
Articolul urmator
395 1
Ultima descărcare din IBN:
2020-07-18 15:53
Căutarea după subiecte
similare conform CZU
004.056 (224)
Știința și tehnologia calculatoarelor. Calculatoare. Procesarea datelor (4102)
SM ISO690:2012
LEGARD, Ildiko. Building An Effective Information Security Awareness Program. In: Central and Eastern European eDem and eGov Days , Ed. 3, 21 septembrie 2020, Budapesta. Viena, Austria: Facultas Verlags- und Buchhandels, 2020, pp. 189-200. ISBN 978-3-7089-1956-0; 978-3-903035-27-0. ISSN 2520-3401. DOI: https://doi.org/10.24989/ocg.338.1
EXPORT metadate:
Google Scholar
Crossref
CERIF

DataCite
Dublin Core
Central and Eastern European eDem and eGov Days 2020
Conferința "Central and Eastern European eDem and eGov Days "
3, Budapesta, Ungaria, 21 septembrie 2020

Building An Effective Information Security Awareness Program

DOI: https://doi.org/10.24989/ocg.338.1
CZU: 004.056

Pag. 189-200

Legard Ildiko
 
University of Public Service
 
Disponibil în IBN: 30 iunie 2020


Rezumat

Many researchers and experts in the field of information security agree that the user is the weakest
link in an organization’s chain of information security. Even if the system’s and the stored data’s
physical and logical protection is well developed, the human factor exposes security to significant
risk. The effective protection against the threats is to provide security awareness through
implementing a well-developed and successful Information Security Awareness Program.
Although organizations are able to recognize the importance of information security awareness, the
implementation of the awareness programs can be difficult. The aim of this study is to help
organizations to develop an effective Information Security Awareness Program tailored to the
characteristics of the organization. The paper presents how we can build a program that influences
and improves the user’s knowledge, attitude and behavior the most towards information security and
makes positive changes in the security culture of an organization. To achieve that goal, the study
identifies the key elements of the implementation, compares traditional awareness programs with
modern trainings and highlights the importance of communication channels and methods. There is
no single solution to improve information security, the essay summarizes and shows the most effective
techniques that experts can use in order to seize the user’s attention toward information security, to
establish credibility and trust, and to motivate action.