nach oben

Scientific and Technical Information Processing

Erschienen in:

01.09.2022

Information Security Awareness Program for Employees of the Organization: The Activity Approach

verfasst von: L. V. Astakhova

Erschienen in: Scientific and Technical Information Processing | Ausgabe 3/2022

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The article actualizes the problem of the content of the employee awareness program concerning the information security of their organization as a key factor influencing the effectiveness of this activity. Based on the activity approach, a system of factors that determine the content of the awareness program in a particular organization is substantiated.

Vorheriger Artikel Role of the Cognitive Properties of the Observer in the Formation of the Information Picture of the World

Nächster Artikel Attitude of University Students to the Information Content of Electronic Educational Platforms

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Russia: Leaks of limited access information in 2020, InfoWatch, 2022. https://www.infowatch.ru/analytics/analitika/rossiya-utechki-informatsii-ogranichennogo-dostupa-2020-god. Cited February 25, 2022.

Study of leads of limited access information in 2020, InfoWatch, 2022. https://www.infowatch.ru/analytics/analitika/issledovanie-utechek-informatsii-ogranichennogo-dostupa-v-2020-godu. Cited February 25, 2022.

Grassegger, T. and Nedbal, D., The role of employees’ information security awareness on the intention to resist social engineering, Procedia Comput. Sci., 2021, vol. 181, pp. 59–66. https://doi.org/10.1016/j.procs.2021.01.103CrossRef

GOST R (State Standard) 22.3.07-2014: Safety in emergencies. Culture of life safety. General provisions, 2015.

Astakhova, L.V., Transformation of strategic models for managing human risks of information security of an enterprise as an imperative of the digital industry, Sci. Tech. Inf. Process., 2021, vol. 48, no. 2, pp. 71–77. doi https://doi.org/10.3103/S0147688221020027CrossRef

GOST R ISO/MEK (State Standard) 27000-2021: Information technology. Security techniques. Information security management systems. Overview and vocabulary, 2021. http://protect.gost.ru/v.aspx?control=7&id=240708. Cited February 26, 2022.

Scrimgeour, J.-M. and Ophoff, J., Lessons learned from an organizational information security awareness campaign, Information Security Education. Education in Proactive Information Security. WISE 2019, Drevin, L. and Theocharidou, M., Eds., IFIP Advances in Information and Communication Technology, vol. 557, Cham: Springer, 2019, pp. 129–142. https://doi.org/10.1007/978-3-030-23451-5_10

Astakhova, L.V., A corporate employee as a subject of corporate information security management, Sci. Tech. Inf. Process., 2020, vol. 47, no. 2, pp. 113–118. https://doi.org/10.3103/S0147688220020069CrossRef

Serfontein, R., Drevin, L., and Kruger, H., The feasibility of raising information security awareness in an academic environment using SNA, Information Security Education – Towards a Cybersecure Society. WISE 2018 Drevin, L. and Theocharidou, M., Eds., IFIP Advances in Information and Communication Technology, vol. 531, Cham: Springer, 2018, pp. 69–80. https://doi.org/10.1007/978-3-319-99734-6_6

10.

Stroganov, S., Survey of the market of services for raising information security awareness, Anti-Malware, 2018. https://www.anti-malware.ru/analytics/Market_Analysis/Security-Awareness. Cited February 26, 2022.

11.

Cloud Networks, Security awareness – programs for raising awareness. https://cloudnetworks.ru/inf-bezopasnost/security-awareness/. Cited February 26, 2022.

12.

Chepanova, E., Review of Kaspersky ASAP platform for raising cybersecurity awareness of employees, Anti-Malware, 2020. https://www.anti-malware.ru/reviews/Kaspersky-ASAP. Cited February 26, 2022.

13.

Standard of the Bank of Russia STO BR IBBS-1.0-2014: Information security of organizations of bank system of the Russian Federation. General provisions, 2014. https://www.garant.ru/products/ipo/prime/doc/70567254/. Cited February 25, 2022.

14.

Lukatskii, A., 12 reasons why business does not see information security, or Schrödinger cybersecurity, 2019. https://lukatsky.blogspot.com/2019/01/12.html. Cited February 25, 2022.

15.

Lukatskii, A., SOC: Is it a collection of services or processes?, 2019 https://lukatsky.blogspot.com/2019/06/soc.html. Cited February 25, 2022.

16.

Bauer, S., Bernroider, E.W.N., and Chudzikowski, K., Prevention is better than cure! Designing information security awareness programs to overcome users’ non-compliance with information security policies in banks, Comput. Secur., 2017, vol. 68, pp. 145–159. https://doi.org/10.1016/j.cose.2017.04.009CrossRef

17.

Tsohou, A., Karyda, M., and Kokolakis, S., Analyzing the role of cognitive and cultural biases in the internalization of information security policies: Recommendations for information security awareness programs, Comput. Secur., 2015, vol. 52, pp. 128–141. https://doi.org/10.1016/j.cose.2015.04.006CrossRef

18.

Astakhova, L.V. and Beschastnov, S.A., Targeted comprehension of the program of increasing awareness of employees on information security of the organization, Inf. Bezop., 2021, vol. 24, no. 2, pp. 231–238. https://doi.org/10.36622/VSTU.2021.24.2.006CrossRef

19.

Alshaikh, M., Maynard, S.B., and Ahmad, A., Applying social marketing to evaluate current security education training and awareness programs in organisations, Comput. Secur., 2021, vol. 100, p. 102090. https://doi.org/10.1016/j.cose.2020.102090CrossRef

20.

Khando, K., Gao, S., Islam, S.M., and Salman, A., Enhancing employees information security awareness in private and public organisations: A systematic literature review, Comput. Secur., 2021, vol. 106, p. 102267. https://doi.org/10.1016/j.cose.2021.102267CrossRef

21.

Tolah, A., Furnell, S.M., and Papadaki, M., An empirical analysis of the information security culture key factors framework, Comput. Secur., 2021, vol. 108, p. 102354. https://doi.org/10.1016/j.cose.2021.102354CrossRef

22.

Posey, C., Roberts, T.L., Lowry, P.B., and Highto-wer, R.T., Bridging the divide: A qualitative comparison of information security thought patterns between information security professionals and ordinary organizational insiders, Inf. Manage., 2014, vol. 51, no. 5, pp. 551–567. https://doi.org/10.1016/j.im.2014.03.009CrossRef

23.

Astakhova, L. and Medvedev, I., Scanning the resilience of an organization employees to social engineering attacks using machine learning technologies, Ural Symp. on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT), Yekaterinburg, 2020, IEEE, 2020, pp. 606–610. https://doi.org/10.1109/USBEREIT48449.2020.9117746

24.

Astakhova, L.V. and Kiryaev, A.I., Integration of automated management of documents and awareness of employees about information security of a small and medium enterprise, Vestn. Ural. Fed. Okruga. Bezop. Inf. Srede, 2021, no. 4, pp. 46–58. https://doi.org/10.14529/secur210405

Titel: Information Security Awareness Program for Employees of the Organization: The Activity Approach
verfasst von: L. V. Astakhova
Publikationsdatum: 01.09.2022
Verlag: Pleiades Publishing
Erschienen in: Scientific and Technical Information Processing / Ausgabe 3/2022
Print ISSN: 0147-6882
Elektronische ISSN: 1934-8118
DOI: https://doi.org/10.3103/S0147688222030066

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Weitere Artikel der Ausgabe 3/2022

Attitude of University Students to the Information Content of Electronic Educational Platforms

Role of the Cognitive Properties of the Observer in the Formation of the Information Picture of the World

The Information Ecosystem of Open Science: Key Aspects of Development

Representation of Scientific and Technological Innovation in Russian Business Journals: Quantitative Analysis (2017–2021)

Formation of an Information Resource for the Interstate Personnel Training System for CIS Member States

Use of Electronic Media and Social Media in the Scientific and Technical and Educational Spheres

Premium Partner